Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2017 Exécuté par jmschneider (administrateur) sur L-15N002 (17-10-2017 16:49:57) Exécuté depuis C:\Users\jmschneider\Desktop Profils chargés: jmschneider (Profils disponibles: Administrateur & sgayme & acahagne & jmschneider & mluong & vdomalain & MLOUVEL & FRAPITA & Administrateur) Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Pulse Secure, LLC) C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Projector\EasyMP Multi PC Projection\EMP_MPENSV.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (IBM Corp) C:\Lotus\notes\SUService.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmssclient.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Lenovo) C:\Users\jmschneider\AppData\Local\Apps\2.0\PO0A8R61.7GP\JN9TPHMA.LWZ\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (IBM Corp) C:\Lotus\notes\nlnotes.exe (IBM) C:\Lotus\notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\notes2.exe (IBM Corp) C:\Lotus\notes\ntaskldr.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-05] (Synaptics Incorporated) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296664 2017-05-12] (Lenovo Group Limited) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [3382056 2016-10-05] (Trend Micro Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation) HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Google Update] => C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Barre d'outils Cordial] => C:\PROGRAM FILES (X86)\CORDIAL\BARRE_OUTILS_CORDIAL.EXE [512068 2015-12-09] (Synapse Développement) HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [ApowerMirror] => C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe /autoStart HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Policies\Explorer: [NoInplaceSharing] 0 HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\MountPoints2: {421d91c8-5d39-11e3-8c10-806e6f6e6963} - Q:\LenovoQDrive.exe HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries) Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-04-17] ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2017-10-17] ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2016-10-30] () CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 172.23.200.10 192.168.1.21 Tcpip\..\Interfaces\{31E9A69B-301B-44C5-85FE-361B4C90C253}: [DhcpNameServer] 172.23.200.10 192.168.1.21 Tcpip\..\Interfaces\{5E668251-543E-40CE-9A8C-66A79E16F723}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{69CC05F3-05EF-4554-81B5-46520F391F77}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{9311735F-D36F-4AFA-B7BE-BB86ABA492BD}: [DhcpNameServer] 192.168.44.1 Tcpip\..\Interfaces\{B81CABE5-9D60-4A89-925C-A62219066C8E}: [DhcpNameServer] 172.23.200.10 192.168.1.21 Internet Explorer: ================== HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://recherche/RetD/index.php?option=com_dailymessage&Itemid=27&includepage=Recherche_action HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2036766668-3896712167-1855363723-11252 -> DefaultScope {557B08E5-CDF6-47E3-87A7-D96DB2D78EE6} URL = SearchScopes: HKU\S-1-5-21-2036766668-3896712167-1855363723-11252 -> {557B08E5-CDF6-47E3-87A7-D96DB2D78EE6} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll => Pas de fichier BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Pas de fichier BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-10] (Oracle Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-03-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-10] (Oracle Corporation) DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab DPF: HKLM-x32 {DEA985BB-7945-11D4-97AF-0006297090B0} hxxp://192.168.1.54:83/jde/axctls/jdeexpimp.cab DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} hxxps://juniper.net/dana-cached/setup/JuniperSetupSP1.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\jmschneider\AppData\Roaming\Mozilla\Firefox\Profiles\ncdhkgm9.default [2016-03-19] FF Homepage: Mozilla\Firefox\Profiles\ncdhkgm9.default -> hxxp://r.orange.fr/r/Oodc_FF_oi_v2?ref=O_OI_defaultPage_FF_odc FF Extension: (Exif Viewer) - C:\Users\jmschneider\AppData\Roaming\Mozilla\Firefox\Profiles\ncdhkgm9.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2016-03-19] FF HKLM-x32\...\Firefox\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox FF Extension: (Correction Cordial) - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox [2016-02-01] FF HKLM-x32\...\Thunderbird\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2015-11-20] [non signé] FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Firefox\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Thunderbird\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-16] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Windows\system32\npDeployJava1.dll [2016-01-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-16] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-26] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-26] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-10] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @citrixonline.com/appdetectorplugin -> C:\Users\jmschneider\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-02-23] (Citrix Online) FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @radvision.com/ConfClient -> C:\Users\jmschneider\AppData\Local\Radvision\Installer\1.5.0.5\npclientinstmgr.dll [2015-09-21] (Avaya, Inc.) FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @tools.google.com/Google Update;version=3 -> C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier] FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @tools.google.com/Google Update;version=9 -> C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier] FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: SkypePlugin -> C:\Users\jmschneider\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: SkypePlugin64 -> C:\Users\jmschneider\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Users\jmschneider\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-03-06] (Cisco WebEx LLC) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default [2017-10-17] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25] CHR Extension: (Skype Calling) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-07-08] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2017-09-30] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-07-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Visualping) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2017-08-21] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-09-11] CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-25] CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx CHR crx: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\default_apps\search.crx [2015-12-04] CHR crx: C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\default_apps\search.crx [2013-11-14] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-26] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-26] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.) R2 dsNcService; C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe [690128 2017-03-03] (Pulse Secure, LLC) S3 DWMRCS; C:\Windows\SysWOW64\DWRCS.exe [241688 2010-04-07] (DameWare Development LLC) R2 EMP_MPENSV; C:\Program Files\EPSON Projector\EasyMP Multi PC Projection\EMP_MPENSV.exe [238120 2015-12-03] (SEIKO EPSON CORPORATION) R2 EMP_NSWLSV; C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe [147968 2015-11-04] (SEIKO EPSON CORPORATION) [Fichier non signé] R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107792 2013-07-03] (Condusiv Technologies) R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [160048 2012-11-21] (Lenovo) R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries) S3 IBM Notes Diagnostics; C:\Lotus\notes\nsd.exe [5164136 2013-10-15] (IBM) S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130664 2015-03-12] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé] S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation) S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation) S3 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] () S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation) R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [169176 2017-05-12] (Lenovo Group Limited) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited) R2 LNSUSvc; C:\Lotus\notes\SUService.exe [1654376 2013-10-15] (IBM Corp) S3 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo) S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.) S3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S3 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 Multi-user Cleanup Service; C:\Lotus\notes\ntmulti.exe [38504 2013-10-15] (IBM Corp) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] () R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [7535568 2016-10-05] (Trend Micro Inc.) R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [182232 2017-02-22] (Pulse Secure, LLC) S3 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited) S3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited) R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23928 2017-08-16] () S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [Fichier non signé] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [594432 2016-10-03] (Trend Micro Inc.) R3 tmccsf; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [1501952 2016-10-05] (Trend Micro Inc.) R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [5614096 2016-10-05] (Trend Micro Inc.) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [88400 2015-12-06] (Synaptics Incorporated) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-05] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare) S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation) S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.) S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-10-28] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2014-11-26] (Motorola Solutions, Inc.) R1 dwvkbd; C:\Windows\System32\DRIVERS\dwvkbd64.sys [30720 2007-02-15] (DameWare) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation) R3 empvhid; C:\Windows\System32\DRIVERS\EMP_VHID.sys [29688 2015-12-03] (Windows (R) Win 7 DDK provider) R3 EMP_MIRRMPP; C:\Windows\System32\DRIVERS\EMP_MirrMPP.sys [5632 2015-12-03] (Windows (R) Codename Longhorn DDK provider) R3 EMP_MIRRNP; C:\Windows\System32\DRIVERS\EMP_MirrNP.sys [5632 2015-11-04] (Windows (R) Codename Longhorn DDK provider) R3 EPPVAD2_simple; C:\Windows\System32\drivers\EMP_NSAU.sys [23040 2015-11-04] (SEIKO EPSON CORPORATION) R3 EPPVADMP_simple; C:\Windows\System32\drivers\EMP_MPAU.sys [23040 2015-12-03] (SEIKO EPSON CORPORATION) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25872 2013-07-03] (Condusiv Technologies) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112912 2013-07-03] (Condusiv Technologies) S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [71472 2012-11-21] (Windows (R) Win 7 DDK provider) S3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [24592 2008-10-29] (FarStone Inc.) R0 fvxscsi; C:\Windows\System32\DRIVERS\fvxscsi.sys [93896 2013-08-22] (FarStone Inc.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation) S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [246512 2015-01-22] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-04-15] () S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-04-15] () S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-30] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3426576 2016-05-03] (Intel Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2013-08-05] () S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2017-10-16] () S3 rt70x64; C:\Windows\System32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.) R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-10-22] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2015-10-22] (Acronis International GmbH) R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [129752 2016-09-29] (Trend Micro Inc.) R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [435424 2016-09-29] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [72504 2016-04-21] (Trend Micro Inc.) R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [143072 2016-07-15] (Trend Micro Inc.) R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [91872 2016-09-29] (Trend Micro Inc.) R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [393944 2017-03-21] (Trend Micro Inc.) R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.) R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [66776 2017-03-21] (Trend Micro Inc.) R1 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [111840 2016-10-03] (Trend Micro Inc.) S3 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [131808 2016-07-15] (Trend Micro Inc.) R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider) S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-12-05] (Microsoft Corporation) [Fichier non signé] S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-12-05] (Microsoft Corporation) [Fichier non signé] R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-10-22] (Acronis International GmbH) S3 vl810filter; C:\Windows\System32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Labs, Inc.) R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2621144 2017-03-21] (Trend Micro Inc.) S3 VSPerfDrv150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\VSPerfCollectionTools\VSPerfDrv150.sys [79528 2016-03-02] (Microsoft Corporation) S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-03-20] () ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-10-17 16:49 - 2017-10-17 16:50 - 000036948 _____ C:\Users\jmschneider\Desktop\FRST.txt 2017-10-17 16:48 - 2017-10-17 16:49 - 000000000 ____D C:\FRST 2017-10-17 16:47 - 2017-10-17 16:47 - 002401792 _____ (Farbar) C:\Users\jmschneider\Desktop\FRST64.exe 2017-10-17 16:36 - 2017-10-17 16:36 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\smkits 2017-10-17 15:38 - 2017-10-17 15:40 - 000000000 ____D C:\AdwCleaner 2017-10-17 15:36 - 2017-10-17 15:37 - 008250832 _____ (Malwarebytes) C:\Users\jmschneider\Desktop\adwcleaner_7.0.3.1.exe 2017-10-17 15:08 - 2017-10-17 15:10 - 000010754 _____ C:\Users\jmschneider\Desktop\ZHPCleaner.txt 2017-10-17 14:46 - 2017-10-17 14:46 - 000000910 _____ C:\Users\jmschneider\Desktop\ZHPCleaner.lnk 2017-10-17 14:46 - 2017-10-17 14:45 - 002946944 _____ C:\Users\jmschneider\Desktop\zhpcleaner_2017.10.10.179.exe 2017-10-17 14:45 - 2017-10-17 14:45 - 002946944 _____ C:\Users\jmschneider\Downloads\zhpcleaner_2017.10.10.179.exe 2017-10-17 14:09 - 2017-10-17 15:55 - 000271846 _____ C:\Users\jmschneider\Desktop\ZHPDiag.txt 2017-10-17 13:59 - 2017-10-17 14:46 - 000000000 ____D C:\Users\jmschneider\AppData\Local\ZHP 2017-10-17 13:59 - 2017-10-17 13:59 - 000000799 _____ C:\Users\jmschneider\Desktop\ZHPDiag.lnk 2017-10-17 13:58 - 2017-10-17 13:58 - 002900480 _____ C:\Users\jmschneider\Desktop\zhpdiag_v2017.10.9.179.exe 2017-10-15 16:08 - 2017-10-15 16:08 - 000110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2017-10-15 15:52 - 2017-10-15 15:52 - 001018864 _____ C:\Users\jmschneider\Downloads\mirror_go_setup_full1906.exe 2017-10-15 15:52 - 2017-10-15 15:52 - 000001174 _____ C:\Users\Public\Desktop\Wondershare MirrorGo.lnk 2017-10-15 15:52 - 2017-10-15 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2017-10-15 09:13 - 2017-10-15 09:13 - 000000000 ____D C:\Users\jmschneider\Documents\Apowersoft 2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Apowersoft 2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Program Files\Bonjour 2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Program Files (x86)\Bonjour 2017-10-15 09:11 - 2017-10-15 09:11 - 070580136 _____ (APOWERSOFT LIMITED ) C:\Users\jmschneider\Downloads\apowermirror.exe 2017-10-14 12:06 - 2017-10-14 12:06 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Notepad++ 2017-10-14 12:06 - 2017-10-14 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2017-10-13 20:37 - 2017-10-13 20:37 - 015756368 _____ (TeamViewer GmbH) C:\Users\jmschneider\Downloads\TeamViewer_Setup.exe 2017-10-13 18:50 - 2017-10-13 18:50 - 000543664 _____ () C:\Users\jmschneider\Downloads\setup (2).exe 2017-10-13 13:19 - 2017-10-13 13:19 - 000000605 _____ C:\Users\jmschneider\Desktop\Centre de support Waldata.lnk 2017-10-11 17:06 - 2017-10-16 11:44 - 000001940 _____ C:\Users\jmschneider\Desktop\PCV.lnk 2017-10-11 08:55 - 2017-10-11 08:55 - 000227710 _____ C:\Users\jmschneider\Downloads\11792456_20171011_065336_734.pdf 2017-10-05 19:08 - 2017-10-05 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-10-04 19:01 - 2017-10-04 19:01 - 212495067 _____ C:\Users\jmschneider\Downloads\DataBase.fcx 2017-10-04 16:16 - 2017-10-04 16:16 - 001428243 _____ C:\Users\jmschneider\Downloads\file__916299776.pdf 2017-10-04 16:11 - 2017-10-04 16:11 - 213710261 _____ C:\Users\jmschneider\Downloads\DataBase.exe 2017-10-03 12:21 - 2017-10-03 12:21 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-10-03 12:21 - 2017-10-03 12:21 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2017-10-02 20:18 - 2017-10-02 20:18 - 000298305 _____ C:\Users\jmschneider\Documents\Scan0001.pdf 2017-10-01 12:01 - 2017-10-01 12:01 - 001391469 _____ C:\Users\jmschneider\Downloads\file__1202379258.pdf 2017-09-30 16:42 - 2017-09-30 16:42 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Google 2017-09-30 16:39 - 2017-09-30 16:39 - 001130328 _____ (Google Inc.) C:\Users\jmschneider\Downloads\ChromeSetup (2).exe 2017-09-30 16:37 - 2017-09-30 16:37 - 000002443 _____ C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk 2017-09-30 16:36 - 2017-09-30 16:36 - 001130328 _____ (Google Inc.) C:\Users\jmschneider\Downloads\ChromeSetup (1).exe 2017-09-30 16:36 - 2017-09-30 16:36 - 000003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2036766668-3896712167-1855363723-11252UA 2017-09-30 16:36 - 2017-09-30 16:36 - 000003420 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2036766668-3896712167-1855363723-11252Core 2017-09-29 19:54 - 2017-09-29 19:55 - 004864846 _____ C:\Users\jmschneider\Downloads\file__1458664100.pdf 2017-09-27 18:36 - 2017-09-27 18:42 - 000000000 ____D C:\Program Files\MacroCreator 2017-09-27 18:34 - 2017-09-27 18:34 - 003382733 _____ (Rodolfo U. Batista ) C:\Users\jmschneider\Downloads\MacroCreator-setup.exe 2017-09-27 18:24 - 2017-09-27 18:24 - 003041687 _____ C:\Users\jmschneider\Downloads\AutoHotkey_2.0-a081-cad307c.zip 2017-09-27 10:53 - 2017-09-27 18:29 - 000000000 ____D C:\Users\jmschneider\Desktop\AutoKey 2017-09-27 07:40 - 2017-09-27 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2017-09-26 20:55 - 2017-09-26 20:55 - 004433060 _____ C:\Users\jmschneider\Downloads\AutoHotkey_1.1.26.01.zip 2017-09-26 20:37 - 2017-09-26 20:38 - 038142423 _____ C:\Users\jmschneider\Downloads\actionaz-3.8.0-win64.7z 2017-09-26 19:58 - 2017-09-26 19:58 - 000664931 _____ C:\Users\jmschneider\Downloads\WinParrot_FR.zip 2017-09-26 09:28 - 2017-10-08 10:47 - 000000000 ___RD C:\Users\jmschneider\Dropbox 2017-09-26 09:24 - 2017-10-05 19:08 - 000000000 ____D C:\Program Files (x86)\Dropbox 2017-09-26 09:24 - 2017-09-27 19:11 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Dropbox 2017-09-26 09:24 - 2017-09-26 09:24 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Dropbox 2017-09-26 09:24 - 2017-09-26 09:24 - 000000000 ____D C:\ProgramData\Dropbox 2017-09-26 09:23 - 2017-09-26 09:24 - 000690080 _____ (Dropbox, Inc.) C:\Users\jmschneider\Downloads\DropboxInstaller.exe 2017-09-24 13:22 - 2017-09-24 13:22 - 000922825 _____ C:\Users\jmschneider\Downloads\file__1676267122.pdf 2017-09-22 18:08 - 2017-09-22 18:08 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waldata 2017-09-22 18:07 - 2017-09-28 18:51 - 000000000 ____D C:\WALDATA 2017-09-22 16:58 - 2017-09-22 17:07 - 136542955 _____ (Waldata) C:\Users\jmschneider\Downloads\internet_walmastertrader.exe 2017-09-22 14:18 - 2017-09-22 14:18 - 000000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-09-18 18:34 - 2017-09-18 18:39 - 000687616 _____ C:\Users\jmschneider\Downloads\Solvent_switch (3).XLs 2017-09-18 18:34 - 2017-09-18 18:34 - 000353792 _____ C:\Users\jmschneider\Downloads\Solvent_Switch_Immiscible.XLs ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-10-17 16:50 - 2015-03-27 11:45 - 000000472 _____ C:\Windows\system32\config\netlogon.ftl 2017-10-17 16:26 - 2015-09-10 13:40 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Deployment 2017-10-17 16:18 - 2017-02-23 12:50 - 000000570 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2036766668-3896712167-1855363723-11252.job 2017-10-17 16:12 - 2013-12-05 09:39 - 002076692 _____ C:\Windows\system32\perfh00C.dat 2017-10-17 16:12 - 2013-12-05 09:39 - 000598076 _____ C:\Windows\system32\perfc00C.dat 2017-10-17 16:12 - 2009-07-14 07:13 - 000006436 _____ C:\Windows\system32\PerfStringBackup.INI 2017-10-17 15:51 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-10-17 15:51 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-10-17 15:47 - 2016-03-13 19:29 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\ZHP 2017-10-17 15:46 - 2016-04-07 09:38 - 000000558 ____H C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job 2017-10-17 15:46 - 2015-07-21 09:41 - 000000558 _____ C:\Windows\Tasks\MATLAB R2015a Startup Accelerator.job 2017-10-17 15:46 - 2015-03-30 12:29 - 000014186 _____ C:\Windows\cfgall.ini 2017-10-17 15:44 - 2017-04-10 08:43 - 000000224 _____ C:\Windows\Tasks\Lenovo Active Protection System.job 2017-10-17 15:44 - 2016-06-21 09:35 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Skype 2017-10-17 15:42 - 2015-09-17 13:11 - 000000000 ____D C:\ProgramData\Synaptics 2017-10-17 15:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-10-17 15:16 - 2015-07-23 09:11 - 000000000 ____D C:\Users\jmschneider\Documents\TEMP 2017-10-17 15:11 - 2015-07-20 12:48 - 000000000 ____D C:\Users\jmschneider 2017-10-17 12:33 - 2015-07-20 12:48 - 000001994 __RSH C:\Users\jmschneider\ntuser.pol 2017-10-17 09:26 - 2013-12-18 14:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-10-16 14:49 - 2017-04-21 09:48 - 000004650 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-10-16 14:49 - 2017-04-21 09:48 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-10-16 14:49 - 2013-12-18 14:23 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-10-16 14:49 - 2013-12-18 14:23 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-16 14:49 - 2013-12-18 14:23 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-10-16 14:49 - 2013-12-18 14:23 - 000000000 ____D C:\Windows\system32\Macromed 2017-10-16 08:50 - 2017-06-05 07:50 - 000031152 _____ C:\Windows\system32\Drivers\pmxdrv.sys 2017-10-15 16:08 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Wondershare 2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Users\jmschneider\.android 2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Program Files (x86)\Wondershare 2017-10-15 15:52 - 2017-05-10 18:22 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2017-10-14 12:06 - 2015-07-20 13:58 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Notepad++ 2017-10-14 12:06 - 2013-12-18 16:40 - 000000000 ____D C:\Program Files (x86)\Notepad++ 2017-10-13 18:02 - 2015-07-23 08:57 - 000002332 ____H C:\Users\jmschneider\Documents\Default.rdp 2017-10-13 14:33 - 2017-07-08 08:43 - 000000000 ____D C:\Users\jmschneider\AppData\Local\GoToMeeting 2017-10-13 14:33 - 2017-02-23 12:50 - 000003600 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2036766668-3896712167-1855363723-11252 2017-10-12 08:16 - 2015-03-27 11:47 - 000010659 __RSH C:\ProgramData\ntuser.pol 2017-10-10 22:06 - 2015-07-25 19:56 - 000000000 ____D C:\ProgramData\CompeGPS 2017-10-08 17:31 - 2015-08-05 21:59 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\vlc 2017-10-04 23:53 - 2016-04-23 08:50 - 000000000 ____D C:\WINDDK 2017-09-30 16:49 - 2015-07-21 08:22 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Google 2017-09-27 08:50 - 2015-09-12 14:18 - 000007625 _____ C:\Users\jmschneider\AppData\Local\Resmon.ResmonCfg 2017-09-27 07:40 - 2017-05-02 22:05 - 000000000 ____D C:\Program Files\AutoHotkey 2017-09-27 07:40 - 2015-03-30 13:32 - 000000000 ____D C:\Windows\SHELLNEW 2017-09-26 18:06 - 2017-03-19 23:43 - 000000000 ____D C:\Users\jmschneider\.Synkron 2017-09-26 14:27 - 2016-04-25 10:57 - 000000000 ____D C:\Users\jmschneider\Documents\Visual Studio 2015 2017-09-26 09:36 - 2015-11-08 00:28 - 000000600 _____ C:\Users\jmschneider\AppData\Local\PUTTY.RND 2017-09-25 08:17 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-09-25 08:17 - 2009-07-14 06:45 - 000418688 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-22 18:08 - 2015-07-20 12:49 - 000112304 _____ C:\Users\jmschneider\AppData\Local\GDIPFONTCACHEV1.DAT 2017-09-18 18:23 - 2017-07-11 17:54 - 000686592 _____ C:\Users\jmschneider\Downloads\Solvent_switch (2).XLs ==================== Fichiers à la racine de certains dossiers ======= 2017-03-27 11:34 - 2017-03-31 22:59 - 000000517 ____H () C:\Users\jmschneider\AppData\Roaming\basICColor.input5.lic 2017-03-27 11:35 - 2017-03-27 11:35 - 000000160 _____ () C:\Users\jmschneider\AppData\Roaming\basICColorLicenseFiles 2015-09-12 14:07 - 2015-09-12 14:07 - 000000019 _____ () C:\Users\jmschneider\AppData\Roaming\dll.bin 2015-11-08 00:28 - 2017-09-26 09:36 - 000000600 _____ () C:\Users\jmschneider\AppData\Local\PUTTY.RND 2016-12-28 11:18 - 2016-12-28 11:18 - 000002319 _____ () C:\Users\jmschneider\AppData\Local\recently-used.xbel 2015-09-12 14:18 - 2017-09-27 08:50 - 000007625 _____ () C:\Users\jmschneider\AppData\Local\Resmon.ResmonCfg 2016-12-12 14:48 - 2017-01-03 21:36 - 000080896 _____ () C:\Users\jmschneider\AppData\Local\WebpageIcons.db 2015-11-20 13:43 - 2015-11-20 13:45 - 000034450 _____ () C:\Users\jmschneider\AppData\Local\WiDiSetupLog.20151120.124347.wdl 2016-04-22 22:25 - 2016-04-22 22:25 - 000000041 ___SH () C:\ProgramData\.zreglib 2016-06-04 15:30 - 2016-06-04 15:30 - 000000057 _____ () C:\ProgramData\Ament.ini 2013-12-05 01:34 - 2013-12-05 01:34 - 000000000 ____H () C:\ProgramData\DP45977C.lfl Fichiers à déplacer ou supprimer: ==================== C:\Users\jmschneider\Partages.vbs Certains fichiers dans TEMP: ==================== 2016-10-13 16:16 - 2013-07-25 11:15 - 000026688 _____ (Foxit Corporation) C:\Users\jmschneider\AppData\Local\Temp\Checkupdate.exe 2017-04-14 08:52 - 2017-04-14 08:52 - 001927736 _____ () C:\Users\jmschneider\AppData\Local\Temp\dsHostCheckerSetup.exe 2017-03-03 13:50 - 2017-03-03 13:50 - 000252248 _____ (Pulse Secure, LLC) C:\Users\jmschneider\AppData\Local\Temp\dsInstallerClientLegacy.dll 2016-10-13 16:16 - 2013-08-02 19:17 - 008465984 _____ (Foxit Corporation) C:\Users\jmschneider\AppData\Local\Temp\Foxit Reader Updater.exe 2016-10-13 16:16 - 2013-06-09 22:59 - 000216064 _____ () C:\Users\jmschneider\AppData\Local\Temp\gcapi_dll.dll 2016-10-13 16:16 - 2013-06-10 00:38 - 000073408 _____ () C:\Users\jmschneider\AppData\Local\Temp\gtapi_signed.dll 2016-07-18 01:00 - 2016-07-18 01:00 - 000005632 _____ () C:\Users\jmschneider\AppData\Local\Temp\hwlzudir.dll 2017-05-09 12:21 - 2014-09-28 03:57 - 000910848 _____ () C:\Users\jmschneider\AppData\Local\Temp\InternalAHK.exe 2016-07-22 16:27 - 2016-07-22 16:27 - 000741440 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u101-windows-au.exe 2017-01-20 17:27 - 2017-01-20 17:27 - 000739904 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-07-30 20:05 - 2017-07-30 20:05 - 000740416 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u144-windows-au.exe 2016-03-24 13:51 - 2016-03-24 13:51 - 000736320 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u77-windows-au.exe 2016-04-29 12:44 - 2016-04-29 12:45 - 000556646 _____ () C:\Users\jmschneider\AppData\Local\Temp\npp.6.9.1.Installer.exe 2017-10-14 12:06 - 2017-10-14 12:06 - 002885168 _____ () C:\Users\jmschneider\AppData\Local\Temp\npp.7.5.1.Installer.exe 2016-04-23 14:46 - 2016-04-23 14:46 - 000073544 _____ (Microsoft) C:\Users\jmschneider\AppData\Local\Temp\setup.exe 2016-11-09 10:17 - 2013-02-18 17:45 - 000073568 _____ (Testo AG) C:\Users\jmschneider\AppData\Local\Temp\TestoSetup.exe 2017-04-26 21:17 - 2017-04-26 21:17 - 013767776 _____ (Microsoft Corporation) C:\Users\jmschneider\AppData\Local\Temp\tmpD118.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-10-10 10:10 ==================== Fin de FRST.txt ============================