Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Exécuté par utilisateur (administrateur) sur UTILISATEUR-PC (06-01-2018 19:46:02)
Exécuté depuis C:\Users\utilisateur\Desktop
Profils chargés: utilisateur (Profils disponibles: utilisateur)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.10\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Orange) C:\Users\utilisateur\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Orange) C:\Program Files\Le Cloud d'Orange\OrangeCloudApplication.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.10\avpui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\realdownloader264.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\SPNativeMessage.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\SPNativeMessage.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-08-11] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-05] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5764384 2017-11-20] (IObit)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1986280 2017-08-04] (TomTom)
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41061856 2017-11-20] ()
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [OCCDesktop] => C:\Program Files\Le Cloud d'Orange\OrangeCloudApplication.exe [4563968 2017-10-31] (Orange)
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-11-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-12-15] (Glarysoft Ltd)
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-01] (Piriform Ltd)
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7704168 2018-01-06] (Lavasoft)
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\MountPoints2: {7733619f-5339-11e6-8de1-5404a68a5f37} - G:\Setup.exe
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\...\MountPoints2: {eeb75f05-7bd5-11e6-918f-5404a68a5f37} - G:\iStudio.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
BootExecute: autocheck autochk * �܀

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{27163DA5-AE9C-48B4-9374-0CD1212DA096}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-2178984533-954614097-2152146171-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2178984533-954614097-2152146171-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D010618-A366AA8DC38&form=CONBDF&conlogo=CT3335786&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2178984533-954614097-2152146171-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D010618-A366AA8DC38&form=CONBDF&conlogo=CT3335786&q={searchTerms}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Orange\Orange Security Suite 10.10\x64\IEExt\ie_plugin.dll [2017-12-05] (AO Kaspersky Lab)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2017-06-02] (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Orange\Orange Security Suite 10.10\IEExt\ie_plugin.dll [2017-12-05] (AO Kaspersky Lab)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2017-06-02] (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2017-10-18] (IObit)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll [2017-10-18] (IObit)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\x64\IEExt\ie_plugin.dll [2017-12-05] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-08-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\IEExt\ie_plugin.dll [2017-12-05] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-08-24] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2178984533-954614097-2152146171-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-08-24] (Adobe Systems Incorporated)

FireFox:
========
FF DefaultProfile: x4na513e.default
FF DefaultProfile: 7c8kwjtr.default
FF ProfilePath: C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default [2018-01-06]
FF Homepage: Mozilla\Firefox\Profiles\x4na513e.default -> hxxp://www.orange.fr/portail
hxxp://www.journaux.fr/
FF NewTab: Mozilla\Firefox\Profiles\x4na513e.default -> hxxp://www.bing.com/?pc=COSP&ptag=D010618-A366AA8DC38&form=CONMHP&conlogo=CT3335786
FF Extension: (AdBlocker Ultimate) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-12-15]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2017-10-18]
FF Extension: (Ghostery) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\firefox@ghostery.com.xpi [2017-12-28]
FF Extension: (Dictionnaire français) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2017-11-29] [Legacy]
FF Extension: (Search image) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\searchimage@searchimage.fr.xpi [2017-11-24]
FF Extension: (YesScript) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\yesscript@userstyles.org.xpi [2017-10-11] [Legacy]
FF Extension: (uBlock) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2018-01-06] [Legacy]
FF Extension: (Download all Images) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2017-12-29]
FF Extension: (Save Button for Pinterest) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2017-12-29]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2017-12-29]
FF Extension: (Video DownloadHelper) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-12-15]
FF Extension: (Adblock Plus) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-15]
FF Extension: (Block site) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi [2017-12-01]
FF Extension: (Theme Font & Size Changer) - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2017-11-28]
FF SearchPlugin: C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\searchplugins\bing-lavasoft.xml [2018-01-06]
FF ProfilePath: C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default [2018-01-06]
FF Homepage: 8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default -> hxxp://www.orange.fr/portail
FF Extension: (AdBlocker Ultimate) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-12-13]
FF Extension: (Video Downloader professional) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\ffext_basicvideoext@startpage24.xpi [2017-11-24]
FF Extension: (Ghostery) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\firefox@ghostery.com.xpi [2017-12-28]
FF Extension: (Dictionnaire français) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2017-12-01] [Legacy]
FF Extension: (Outwit Images) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\outwit-images-1110@outwit.com [2017-12-03] [Legacy]
FF Extension: (Search image) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\searchimage@searchimage.fr.xpi [2017-11-24]
FF Extension: (YesScript) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\yesscript@userstyles.org.xpi [2017-11-22] [Legacy]
FF Extension: (uBlock) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2017-11-22] [Legacy]
FF Extension: (Download all Images) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2017-12-30]
FF Extension: (Save Button for Pinterest) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2017-12-30]
FF Extension: (Video DownloadHelper) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-22] [Legacy]
FF Extension: (Block site) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi [2017-12-01]
FF Extension: (Theme Font & Size Changer) - C:\Users\utilisateur\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\7c8kwjtr.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2017-11-28]
FF Extension: (CyberCTR) - C:\Program Files\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [2017-12-08] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\FFExt\light_plugin_firefox\addon.xpi [2017-09-19]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-04-02] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.8.212 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2017-06-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.8.212 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2017-06-15] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2018-01-06] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2018-01-06] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default [2018-01-05]
CHR Extension: (Google Slides) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-23]
CHR Extension: (Google Docs) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-23]
CHR Extension: (Google Drive) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-23]
CHR Extension: (YouTube) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-23]
CHR Extension: (Google Sheets) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-23]
CHR Extension: (Ads Removal) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2017-05-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-23]
CHR Extension: (Plug-in de sécurité pour votre antivirus) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfenocacchlkbenefaoghnpjlfcifng [2016-10-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-23]
CHR Extension: (Gmail) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R2 AVP16.0.1; C:\Program Files (x86)\Orange\Orange Security Suite 10.10\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-07-14] (Digital Wave Ltd.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1769760 2017-11-14] (IObit)
S3 klvssbrigde64; C:\Program Files (x86)\Orange\Orange Security Suite 10.10\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [36640 2017-06-02] (RealNetworks, Inc.)
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [988944 2017-06-15] (RealNetworks, Inc.)
S3 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2017-01-18] ()
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2018-01-06] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S1 arbpnzgdm.sys; C:\WINDOWS\system32\drivers\arbpnzgdm.sys [15424 2017-07-26] () [Fichier non signé]
S1 atldpogvo.sys; C:\WINDOWS\system32\drivers\atldpogvo.sys [15424 2017-07-26] () [Fichier non signé]
S1 bmlmmigie.sys; C:\WINDOWS\system32\drivers\bmlmmigie.sys [7712 2017-12-09] () [Fichier non signé]
S1 buldtrxfd.sys; C:\WINDOWS\system32\drivers\buldtrxfd.sys [7712 2018-01-06] () [Fichier non signé]
S1 chlxuifhn.sys; C:\WINDOWS\system32\drivers\chlxuifhn.sys [137768 2017-08-07] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x64.sys [48960 2018-01-05] (CPUID)
S1 eblhdfvtt.sys; C:\WINDOWS\system32\drivers\eblhdfvtt.sys [7712 2017-12-07] () [Fichier non signé]
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [19968 2017-05-25] (Intel Mobile Communications)
S1 gdzftrqfv.sys; C:\WINDOWS\system32\drivers\gdzftrqfv.sys [15424 2017-07-26] () [Fichier non signé]
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2017-08-17] (Glarysoft Ltd)
S3 guillflt; C:\Windows\System32\DRIVERS\guillflt.sys [71024 2012-01-18] (Guillemot Corp S.A.)
R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [183576 2016-12-05] (BitDefender LLC)
S1 haanvuday.sys; C:\WINDOWS\system32\drivers\haanvuday.sys [15424 2017-07-10] () [Fichier non signé]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-05] (REALiX(tm))
S3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [117104 2011-12-29] (Guillemot Corporation)
S1 idduqneux.sys; C:\WINDOWS\system32\drivers\idduqneux.sys [15424 2017-07-26] () [Fichier non signé]
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2017-03-08] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2016-12-22] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2017-07-03] (IObit.com)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [21872 2017-09-28] (IObit.com)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [186360 2017-10-14] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [279544 2017-10-14] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [190832 2018-01-06] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1011192 2017-10-14] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-07-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [116448 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S1 lfyvfgnkm.sys; C:\WINDOWS\system32\drivers\lfyvfgnkm.sys [15424 2017-07-10] () [Fichier non signé]
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-02-02] (MediaTek Inc.)
S1 nolwvfmgo.sys; C:\WINDOWS\system32\drivers\nolwvfmgo.sys [15424 2017-07-10] () [Fichier non signé]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
R1 pnkdwzsou.sys; C:\WINDOWS\system32\drivers\pnkdwzsou.sys [142760 2018-01-06] () [Fichier non signé]
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S0 qbwvgswe.sys; C:\Windows\System32\drivers\qbwvgswe.sys [15440 2017-09-13] (Acer Laboratories Inc.)
S1 qrumxzklx.sys; C:\WINDOWS\system32\drivers\qrumxzklx.sys [7712 2018-01-02] () [Fichier non signé]
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2016-11-03] (IObit.com)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8213360 2011-12-29] (Realtek Semiconductor Corp.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-12-05] (BitDefender S.R.L.)
R0 ugefmuiz.sys; C:\Windows\System32\drivers\ugefmuiz.sys [904104 2017-09-13] () [Fichier non signé]
S1 vfkwphimv.sys; C:\WINDOWS\system32\drivers\vfkwphimv.sys [7712 2017-12-09] () [Fichier non signé]
S1 zbngraucl.sys; C:\WINDOWS\system32\drivers\zbngraucl.sys [7712 2018-01-05] () [Fichier non signé]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-01-06 19:46 - 2018-01-06 19:46 - 000040176 _____ C:\Users\utilisateur\Desktop\FRST.txt
2018-01-06 19:44 - 2018-01-06 19:44 - 002393088 _____ (Farbar) C:\Users\utilisateur\Desktop\FRST64.exe
2018-01-06 18:46 - 2018-01-06 18:46 - 000001026 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-01-06 18:44 - 2018-01-06 18:44 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\Lavasoft
2018-01-06 18:44 - 2018-01-06 18:44 - 000000000 ____D C:\Users\utilisateur\AppData\Local\Lavasoft
2018-01-06 18:44 - 2018-01-06 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-01-06 18:44 - 2018-01-06 18:44 - 000000000 ____D C:\ProgramData\Lavasoft
2018-01-06 18:44 - 2018-01-06 18:44 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-01-06 18:34 - 2018-01-06 18:34 - 000142760 _____ C:\Windows\system32\Drivers\dqjjhcohy.sys
2018-01-06 18:34 - 2018-01-06 18:34 - 000007712 _____ C:\Windows\system32\Drivers\buldtrxfd.sys
2018-01-06 17:41 - 2018-01-06 17:41 - 000000000 _____ C:\autoexec.bat
2018-01-06 17:00 - 2018-01-06 17:01 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\utilisateur\Downloads\SpyHunter-Installer.exe
2018-01-06 16:57 - 2018-01-06 18:33 - 000142760 _____ C:\Windows\system32\Drivers\pnkdwzsou.sys
2018-01-06 16:44 - 2018-01-06 16:44 - 000224712 _____ C:\Users\utilisateur\Desktop\ZHPDiag.txt
2018-01-06 16:42 - 2018-01-06 16:42 - 002961280 _____ C:\Users\utilisateur\Downloads\ZHPDiag3.exe
2018-01-06 16:42 - 2018-01-06 16:42 - 000000832 _____ C:\Users\utilisateur\Desktop\ZHPDiag.lnk
2018-01-06 11:43 - 2018-01-06 18:39 - 000571472 _____ C:\Tiem.txt
2018-01-05 18:54 - 2018-01-06 17:04 - 000001658 _____ C:\Users\utilisateur\Desktop\ZHPCleaner.txt
2018-01-05 18:48 - 2018-01-05 18:48 - 000000844 _____ C:\Users\utilisateur\Desktop\ZHPCleaner.lnk
2018-01-05 18:47 - 2018-01-05 18:48 - 003004288 _____ C:\Users\utilisateur\Downloads\ZHPCleaner.exe
2018-01-05 18:45 - 2018-01-05 18:46 - 000013030 _____ C:\PDOXUSRS.NET
2018-01-05 18:45 - 1999-11-12 05:11 - 000183808 _____ C:\Windows\SysWOW64\BDEADMIN.CPL
2018-01-05 18:45 - 1999-01-20 05:01 - 000210032 _____ C:\Windows\SysWOW64\DBCLIENT.DLL
2018-01-05 18:42 - 2018-01-05 18:42 - 000003204 _____ C:\Windows\System32\Tasks\{9C56B63C-D25E-405A-B9EC-9F9C4E76CF1C}
2018-01-05 18:39 - 2018-01-05 18:40 - 018476835 _____ (Nicolas Coolman ) C:\Users\utilisateur\Downloads\zhp2016setup.exe
2018-01-05 17:35 - 2018-01-06 19:06 - 001872267 _____ C:\Windows\system32\r6lstmp4.dat
2018-01-05 17:25 - 2018-01-05 17:25 - 005337864 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-05 17:10 - 2018-01-05 17:10 - 000181672 _____ C:\Users\utilisateur\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-05 16:42 - 2018-01-05 16:42 - 000142760 _____ C:\Windows\system32\Drivers\xpfzzrfux.sys
2018-01-05 16:42 - 2018-01-05 16:42 - 000007712 _____ C:\Windows\system32\Drivers\zbngraucl.sys
2018-01-05 16:20 - 2018-01-05 16:20 - 040237504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 036193912 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 035156600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 029237880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 023265048 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 019362944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 019038440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 016815736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-01-05 16:20 - 2018-01-05 16:20 - 013864560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 013255032 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 011780560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 010883928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 003807864 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 003346368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 001989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438831.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 001673664 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438831.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 001135280 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 001099384 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 001030592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000981112 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000932288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000885496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000615544 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000527104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000505976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000446216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000171896 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000154392 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000149552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-01-05 16:20 - 2018-01-05 16:20 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-01-05 13:21 - 2018-01-05 13:21 - 000142760 _____ C:\Windows\system32\Drivers\wlvmgwbgn.sys
2018-01-02 17:24 - 2018-01-02 17:24 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\4Free
2018-01-02 17:17 - 2018-01-02 17:17 - 000000000 ____D C:\Users\utilisateur\.fontconfig
2018-01-02 17:16 - 2018-01-02 17:16 - 000004935 _____ C:\ProgramData\vfiakfjk.zeu
2018-01-02 17:16 - 2018-01-02 17:16 - 000000000 ____D C:\ProgramData\Movavi Video Converter 18
2018-01-02 17:16 - 2018-01-02 17:16 - 000000000 ____D C:\ProgramData\Movavi
2018-01-02 17:09 - 2018-01-02 17:10 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\Apowersoft
2018-01-02 16:45 - 2018-01-02 16:45 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2018-01-02 16:44 - 2018-01-05 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2018-01-02 16:44 - 2018-01-02 17:13 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\DVDVideoSoft
2018-01-02 16:44 - 2018-01-02 16:44 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack
2018-01-02 16:17 - 2018-01-05 13:21 - 000000000 ____D C:\Program Files (x86)\DVD Flick
2018-01-02 16:17 - 2013-10-03 17:02 - 000040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2018-01-02 16:17 - 2013-10-03 17:02 - 000036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2018-01-02 15:44 - 2018-01-02 15:44 - 000142760 _____ C:\Windows\system32\Drivers\ufersebsl.sys
2018-01-02 15:44 - 2018-01-02 15:44 - 000007712 _____ C:\Windows\system32\Drivers\qrumxzklx.sys
2018-01-02 15:30 - 2018-01-02 15:30 - 000000000 ____D C:\Users\utilisateur\AppData\Local\FreemakeVideoConverter
2018-01-02 08:31 - 2018-01-02 08:31 - 000142760 _____ C:\Windows\system32\Drivers\pmminelud.sys
2018-01-02 08:31 - 2018-01-02 08:31 - 000007712 _____ C:\Windows\system32\Drivers\dbkoqrjil.sys
2017-12-31 20:35 - 2017-12-31 20:35 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\Google
2017-12-31 14:37 - 2017-12-31 14:37 - 000142760 _____ C:\Windows\system32\Drivers\dprdkupbf.sys
2017-12-31 14:37 - 2017-12-31 14:37 - 000007712 _____ C:\Windows\system32\Drivers\jvxjvtgis.sys
2017-12-28 09:51 - 2017-12-28 09:52 - 000022970 _____ C:\Users\utilisateur\Downloads\Extrait de comptes 30066 10341 000101219.. au 2017-09-29.pdf
2017-12-27 16:03 - 2017-12-27 16:03 - 000000218 _____ C:\Users\utilisateur\AppData\Local\recently-used.xbel
2017-12-27 16:03 - 2017-12-27 16:03 - 000000218 _____ C:\Users\utilisateur\.recently-used.xbel
2017-12-27 16:00 - 2017-12-27 16:00 - 000000000 ____D C:\Users\utilisateur\AppData\Local\RawTherapee
2017-12-27 16:00 - 2017-12-27 16:00 - 000000000 ____D C:\Users\utilisateur\AppData\Local\gtk-3.0
2017-12-27 15:58 - 2017-12-27 15:58 - 000000938 _____ C:\Users\Public\Desktop\RawTherapee 5.3.lnk
2017-12-27 15:58 - 2017-12-27 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RawTherapee
2017-12-27 15:58 - 2017-12-27 15:58 - 000000000 ____D C:\Program Files\RawTherapee
2017-12-27 15:21 - 2017-12-27 15:21 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\hugin
2017-12-27 15:19 - 2017-12-27 15:19 - 000000003 _____ C:\Users\utilisateur\AppData\Roaming\.ptbt0
2017-12-27 15:19 - 2017-12-27 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hugin
2017-12-27 15:19 - 2017-12-27 15:19 - 000000000 ____D C:\Program Files\Hugin
2017-12-27 15:16 - 2017-12-27 15:18 - 040038400 _____ C:\Users\utilisateur\Downloads\Hugin-2017.0-win64.msi
2017-12-27 11:50 - 2017-12-27 11:51 - 000000000 ____D C:\ProgramData\Google
2017-12-27 11:50 - 2017-12-27 11:50 - 000000000 ____D C:\Program Files\Google
2017-12-27 11:28 - 2017-12-27 11:34 - 450071920 _____ C:\Users\utilisateur\Downloads\nikcollection-full-1.2.11.exe
2017-12-22 16:25 - 2018-01-05 17:44 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\MPC-HC
2017-12-20 16:18 - 2017-12-20 16:18 - 000002464 _____ C:\Users\utilisateur\Desktop\TumblRipper.BugReporter.lnk
2017-12-20 16:18 - 2017-12-20 16:18 - 000000000 ____D C:\Users\utilisateur\AppData\Local\TumblRipper
2017-12-20 16:13 - 2017-12-20 16:18 - 000002356 _____ C:\Users\utilisateur\Desktop\TumblRipper.lnk
2017-12-20 16:13 - 2017-12-20 16:13 - 000000000 ____D C:\Program Files (x86)\TumblRipper
2017-12-20 16:12 - 2017-12-20 16:12 - 000911640 _____ (TumblRipper ) C:\Users\utilisateur\Downloads\TumblRipperDonate(2).exe
2017-12-20 16:03 - 2017-12-20 16:03 - 000911640 _____ (TumblRipper ) C:\Users\utilisateur\Downloads\TumblRipperDonate(1).exe
2017-12-20 13:52 - 2017-12-20 13:52 - 000911640 _____ (TumblRipper ) C:\Users\utilisateur\Downloads\TumblRipperDonate.exe
2017-12-20 13:44 - 2017-12-20 16:18 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZARk
2017-12-20 13:44 - 2017-12-20 16:18 - 000000000 ____D C:\Users\utilisateur\AppData\Local\SquirrelTemp
2017-12-20 13:44 - 2017-12-20 13:48 - 000000000 ____D C:\Users\utilisateur\AppData\Local\TumblRipper3
2017-12-20 13:44 - 2017-12-20 13:44 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\Intertel
2017-12-16 10:56 - 2017-12-16 10:57 - 038670008 _____ (DownloadHelper ) C:\Users\utilisateur\Downloads\VdhCoAppSetup-1.1.0.exe
2017-12-13 15:17 - 2017-12-13 15:17 - 000001002 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2018.lnk
2017-12-13 15:06 - 2017-12-13 15:06 - 000001061 _____ C:\Users\utilisateur\Desktop\Adobe Lightroom Classic CC.lnk
2017-12-13 15:06 - 2017-12-13 15:06 - 000001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2017-12-11 08:57 - 2017-12-11 08:57 - 000090136 _____ C:\Users\utilisateur\Downloads\article_722343.pdf
2017-12-09 16:57 - 2017-12-09 16:57 - 000142760 _____ C:\Windows\system32\Drivers\ohvcywdpw.sys
2017-12-09 16:57 - 2017-12-09 16:57 - 000007712 _____ C:\Windows\system32\Drivers\vfkwphimv.sys
2017-12-09 14:49 - 2017-12-09 14:49 - 000142760 _____ C:\Windows\system32\Drivers\jbljfvvig.sys
2017-12-09 14:49 - 2017-12-09 14:49 - 000007712 _____ C:\Windows\system32\Drivers\bmlmmigie.sys
2017-12-08 09:27 - 2017-12-08 09:27 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2017-12-07 14:17 - 2017-12-07 14:17 - 000001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-12-07 14:17 - 2017-12-07 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-07 14:17 - 2017-12-07 14:17 - 000000000 ____D C:\Program Files\iTunes
2017-12-07 14:17 - 2017-12-07 14:17 - 000000000 ____D C:\Program Files\iPod
2017-12-07 14:08 - 2017-12-07 14:13 - 264340296 _____ (Apple Inc.) C:\Users\utilisateur\Downloads\iTunes_(64bit)_v12.7.2.exe
2017-12-07 08:50 - 2017-12-07 08:50 - 000142760 _____ C:\Windows\system32\Drivers\daqpvbzve.sys
2017-12-07 08:50 - 2017-12-07 08:50 - 000007712 _____ C:\Windows\system32\Drivers\eblhdfvtt.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-01-06 19:46 - 2017-04-27 15:47 - 000000000 ____D C:\Users\utilisateur\AppData\Local\OrangeCloud
2018-01-06 19:46 - 2017-02-25 09:51 - 000000000 ____D C:\FRST
2018-01-06 19:41 - 2016-04-02 09:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-01-06 19:39 - 2016-11-16 10:39 - 000000000 ____D C:\Users\utilisateur\AppData\LocalLow\Mozilla
2018-01-06 18:44 - 2017-11-22 12:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-06 18:42 - 2009-07-14 05:45 - 000023728 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-06 18:42 - 2009-07-14 05:45 - 000023728 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-06 18:40 - 2009-07-14 16:24 - 000761414 _____ C:\Windows\system32\perfh00C.dat
2018-01-06 18:40 - 2009-07-14 16:24 - 000154342 _____ C:\Windows\system32\perfc00C.dat
2018-01-06 18:40 - 2009-07-14 06:13 - 001695496 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-06 18:40 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-06 18:36 - 2017-08-24 10:01 - 001872267 _____ C:\Windows\system32\r6lstmp5.dat
2018-01-06 18:36 - 2016-04-01 10:11 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-06 18:35 - 2017-04-27 10:31 - 000000000 ___RD C:\Users\utilisateur\Google Drive
2018-01-06 18:35 - 2016-04-02 10:43 - 000000000 ___RD C:\Users\utilisateur\Creative Cloud Files
2018-01-06 18:35 - 2016-04-02 10:29 - 000000000 ____D C:\Users\utilisateur\AppData\Local\Adobe
2018-01-06 18:34 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-06 17:41 - 2016-04-01 09:46 - 000000000 ____D C:\Users\utilisateur
2018-01-06 17:04 - 2017-08-15 19:29 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\ZHP
2018-01-06 16:59 - 2016-08-05 19:49 - 000000000 ____D C:\Users\utilisateur\AppData\LocalLow\IObit
2018-01-06 16:56 - 2016-08-05 19:53 - 000000000 ____D C:\AdwCleaner
2018-01-06 16:42 - 2017-08-15 19:29 - 000000000 ____D C:\Users\utilisateur\AppData\Local\ZHP
2018-01-06 12:19 - 2017-07-17 18:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-06 10:10 - 2017-08-17 07:17 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2018-01-06 09:59 - 2017-02-02 08:32 - 000000000 ____D C:\Program Files (x86)\IObit
2018-01-06 09:59 - 2016-08-05 19:49 - 000000000 ____D C:\ProgramData\IObit
2018-01-06 09:36 - 2016-08-05 19:49 - 000002910 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (utilisateur)
2018-01-05 20:23 - 2016-04-01 10:25 - 000000000 ____D C:\Windows\system32\MRT
2018-01-05 20:21 - 2017-10-11 11:28 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-05 20:21 - 2016-04-01 10:25 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-05 20:20 - 2016-04-03 08:07 - 000000000 ____D C:\Program Files\PeerBlock
2018-01-05 19:37 - 2016-04-03 08:10 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\uTorrent
2018-01-05 18:42 - 2016-10-01 15:08 - 000000000 ____D C:\Users\utilisateur\AppData\Local\CrashDumps
2018-01-05 17:27 - 2016-08-05 19:48 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\IObit
2018-01-05 17:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2018-01-05 17:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2018-01-05 17:14 - 2017-08-17 07:17 - 000003338 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-01-05 17:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\security
2018-01-05 16:57 - 2017-11-22 12:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-05 16:25 - 2016-04-12 10:21 - 000000000 ____D C:\Users\utilisateur\Documents\My CamStudio Temp Files
2018-01-05 16:22 - 2017-09-27 09:34 - 000002248 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
2018-01-05 16:20 - 2017-08-03 14:59 - 022096064 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-01-05 16:20 - 2017-08-03 14:59 - 000492232 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-01-05 16:20 - 2017-08-03 14:58 - 018207576 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-01-05 16:20 - 2017-08-03 14:58 - 015027984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-01-05 16:20 - 2017-08-03 14:57 - 004284680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-01-05 16:20 - 2017-08-03 14:57 - 003798848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-01-05 16:20 - 2016-04-01 10:10 - 000046182 _____ C:\Windows\system32\nvinfo.pb
2018-01-05 13:21 - 2016-08-21 09:44 - 000000000 ____D C:\Program Files (x86)\CDBurnerXP
2018-01-05 13:21 - 2016-08-05 19:49 - 000000000 ____D C:\ProgramData\ProductData
2018-01-05 13:21 - 2016-04-02 10:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-01-05 13:21 - 2016-04-02 10:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-01-05 13:21 - 2016-04-01 10:26 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-01-05 13:21 - 2016-04-01 10:11 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-05 13:21 - 2016-04-01 10:10 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-05 13:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2018-01-03 12:53 - 2016-04-12 10:18 - 000000096 _____ C:\Users\utilisateur\AppData\Roaming\version2.xml
2018-01-02 17:57 - 2016-07-10 14:43 - 000001073 _____ C:\Users\utilisateur\.lmmsrc.xml
2018-01-02 17:17 - 2017-10-05 10:52 - 000000000 ____D C:\Users\utilisateur\AppData\Local\Movavi
2018-01-02 16:13 - 2016-08-21 09:44 - 000001119 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2018-01-02 16:13 - 2016-08-21 09:44 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2018-01-02 14:41 - 2016-04-12 10:21 - 000004556 _____ C:\Users\utilisateur\AppData\Roaming\CamStudio.cfg
2018-01-02 14:41 - 2016-04-12 10:21 - 000000408 _____ C:\Users\utilisateur\AppData\Roaming\CamShapes.ini
2018-01-02 14:41 - 2016-04-12 10:21 - 000000408 _____ C:\Users\utilisateur\AppData\Roaming\CamLayout.ini
2018-01-02 14:41 - 2016-04-12 10:21 - 000000110 _____ C:\Users\utilisateur\AppData\Roaming\Camdata.ini
2017-12-27 15:17 - 2017-05-19 15:55 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-12-27 15:17 - 2017-05-19 15:55 - 000001314 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-12-27 15:17 - 2017-05-19 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-12-27 11:51 - 2016-04-02 10:36 - 000000000 ____D C:\Users\utilisateur\AppData\Roaming\Adobe
2017-12-27 11:51 - 2016-04-01 10:38 - 000000000 ____D C:\Users\utilisateur\AppData\Local\Google
2017-12-22 11:45 - 2017-10-24 16:43 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
2017-12-22 11:45 - 2016-04-02 16:47 - 000000000 ____D C:\Program Files\CCleaner
2017-12-18 09:23 - 2017-08-17 07:17 - 000002996 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2017-12-18 09:23 - 2017-08-17 07:17 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-12-18 09:23 - 2017-08-17 07:17 - 000001040 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2017-12-16 10:57 - 2017-11-26 10:52 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2017-12-13 15:17 - 2017-11-14 18:47 - 000000000 ___HD C:\adobeTemp
2017-12-13 15:16 - 2016-04-02 10:54 - 000000000 ____D C:\Program Files\Adobe
2017-12-13 14:29 - 2017-09-27 11:21 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-13 14:29 - 2016-08-05 19:57 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-13 14:29 - 2016-08-05 19:57 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-08 15:39 - 2017-07-25 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-12-08 15:39 - 2017-04-27 10:29 - 000002002 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-12-08 15:39 - 2017-04-27 10:29 - 000002000 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-12-08 15:39 - 2017-04-27 10:29 - 000001990 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-12-08 09:27 - 2017-11-22 17:00 - 000000000 ____D C:\Program Files\Cyberfox

==================== Fichiers à la racine de certains dossiers =======

2017-12-27 15:19 - 2017-12-27 15:19 - 000000003 _____ () C:\Users\utilisateur\AppData\Roaming\.ptbt0
2017-01-28 18:10 - 2017-11-04 11:36 - 000000033 _____ () C:\Users\utilisateur\AppData\Roaming\AdobeWLCMCache.dat
2016-04-12 10:21 - 2018-01-02 14:41 - 000000110 _____ () C:\Users\utilisateur\AppData\Roaming\Camdata.ini
2016-04-12 10:21 - 2018-01-02 14:41 - 000000408 _____ () C:\Users\utilisateur\AppData\Roaming\CamLayout.ini
2016-04-12 10:21 - 2018-01-02 14:41 - 000000408 _____ () C:\Users\utilisateur\AppData\Roaming\CamShapes.ini
2016-04-12 10:21 - 2018-01-02 14:41 - 000004556 _____ () C:\Users\utilisateur\AppData\Roaming\CamStudio.cfg
2016-04-12 10:47 - 2017-10-21 09:41 - 000000098 _____ () C:\Users\utilisateur\AppData\Roaming\CamStudio.Producer.command
2016-04-12 10:47 - 2017-10-21 09:41 - 000000000 _____ () C:\Users\utilisateur\AppData\Roaming\CamStudio.Producer.Data.ini
2016-04-12 10:47 - 2017-10-21 09:41 - 000001205 _____ () C:\Users\utilisateur\AppData\Roaming\CamStudio.Producer.ini
2017-09-15 18:50 - 2017-09-15 18:50 - 000000268 ___RH () C:\Users\utilisateur\AppData\Roaming\Instrument Library
2017-09-15 18:50 - 2017-09-15 18:50 - 000000268 ___RH () C:\Users\utilisateur\AppData\Roaming\Internet Services
2016-04-12 10:18 - 2018-01-03 12:53 - 000000096 _____ () C:\Users\utilisateur\AppData\Roaming\version2.xml
2017-11-30 15:16 - 2017-11-30 15:16 - 000003584 _____ () C:\Users\utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-10 08:32 - 2017-07-10 08:32 - 000140800 _____ () C:\Users\utilisateur\AppData\Local\installer.dat
2017-12-27 16:03 - 2017-12-27 16:03 - 000000218 _____ () C:\Users\utilisateur\AppData\Local\recently-used.xbel
2016-07-13 11:03 - 2017-11-27 14:11 - 000007598 _____ () C:\Users\utilisateur\AppData\Local\Resmon.ResmonCfg

Certains fichiers dans TEMP:
====================
2018-01-06 16:37 - 2018-01-06 16:37 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\fhnhpmjx.exe
2018-01-06 10:05 - 2018-01-06 10:05 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\jtxozlysr.exe
2018-01-06 18:39 - 2018-01-06 18:39 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\rtjeua.exe
2018-01-06 09:35 - 2018-01-06 09:35 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\scjivfyzx.exe
2018-01-05 17:30 - 2018-01-05 17:30 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\srjnxwdj.exe
2018-01-06 17:02 - 2018-01-06 17:02 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\tjtjgdsbhw.exe
2018-01-06 12:16 - 2018-01-06 12:16 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\vqppzja.exe
2018-01-05 17:38 - 2018-01-05 17:38 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\wfezbqezle.exe
2018-01-06 11:43 - 2018-01-06 11:43 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\xfgeyuj.exe
2018-01-06 12:53 - 2018-01-06 12:53 - 000452096 _____ () C:\Users\utilisateur\AppData\Local\Temp\zpfedrchjs.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-12-29 16:35

==================== Fin de FRST.txt ============================
