Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
Exécuté par Boulanger (administrateur) sur ANGEL-HP (13-05-2018 19:45:15)
Exécuté depuis C:\Users\Angel\Desktop
Profils chargés: Boulanger (Profils disponibles: Boulanger & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.371 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1525688755\fsorsp64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1525688755\fshoster64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.428_none_1704c21831ffb4a8\TiWorker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick-connector.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-06-29] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-01-25] (cyberlink)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Wheeler] => C:\Program Files (x86)\Wheeler\wheeler_run.exe [24064 2005-07-18] (Eluent Software, LLC)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-06] (Easybits)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\Run: [Screenpresso] => C:\Users\Boulanger\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [13416512 2018-02-14] (Learnpulse)
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [12476064 2018-03-07] ()
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\Run: [Piratrax] => C:\Program Files (x86)\Piratrax\piratrax_launch.exe [417544 2018-04-21] ()
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\RunOnce: [Application Restart #5] => C:\Users\Boulanger\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7875640 2015-10-30] (Pokki)
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\RunOnce: [Application Restart #4] => C:\Users\Boulanger\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7875640 2015-10-30] (Pokki)
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\RunOnce: [Application Restart #2] => C:\Users\Boulanger\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7875640 2015-10-30] (Pokki)
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\RunOnce: [Application Restart #0] => C:\Users\Boulanger\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7875640 2015-10-30] (Pokki)
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\Magnify.exe [800768 2018-02-10] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Magnify.exe [800768 2018-02-10] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => Pas de fichier
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-06-21] (EasyBits Software Corp.)
Startup: C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Angel_2014_4F.accdb [2014-07-07] ()
Startup: C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2017-02-24]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{2c8ed688-45ed-4374-a640-6705b1b1a0ed}: [DhcpNameServer] 192.168.0.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-869892466-1310413750-2721537338-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
URLSearchHook: HKLM-x32 - (Pas de nom) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - Pas de fichier
URLSearchHook: HKLM-x32 - (Pas de nom) - {af60a4bd-4236-4fcf-802a-d9115bc85e6a} - Pas de fichier
URLSearchHook: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 - (Pas de nom) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Pas de fichier
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd1103&cd=2XzuyEtN2Y1L1Qzu0A0CyBtBzzzy0ByCtAzytCzytD0D0CyDtN0D0Tzu0CyBtCtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1890232313&ir=
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {C6032E4B-F4D5-4B62-906B-55E7D90625AF} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=FR&userid=86988fe0-332e-4acb-9fcf-603f70917ce3&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/04/2013&type=hp1000
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm073^YYA^fr&si=flvrunner&ptb=41437952-35A0-426A-B400-ADFA74F5C202&ind=2013111214&n=77fda3ae&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=FR&userid=86988fe0-332e-4acb-9fcf-603f70917ce3&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/04/2013&type=hp1000
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> {2EB32407-D484-4BC0-8B59-807B017C6A19} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=&SearchSource=58&CUI=&UM=5&UP=SPA9ACF4E7-243A-472F-8294-F85D7101BE85&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd1103&cd=2XzuyEtN2Y1L1Qzu0A0CyBtBzzzy0ByCtAzytCzytD0D0CyDtN0D0Tzu0CyBtCtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1890232313&ir=
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm073^YYA^fr&si=flvrunner&ptb=41437952-35A0-426A-B400-ADFA74F5C202&ind=2013111214&n=77fda3ae&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> {AD018B48-C65E-4B59-ACE0-E40C39DE3FA5} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=fr_FR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^FR&apn_uid=9FE5EDC4-3CA2-4411-AD61-8F31E1E2F654&apn_sauid=B824E26B-3601-404F-89DA-6384084514CE
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Pas de nom -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> Pas de fichier
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1520854327\browser\install\fs_ie_https\fs_ie_https64.dll [2018-03-12] (F-Secure Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17] (HP)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-21] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Pas de nom -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> Pas de fichier
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1520854327\browser\install\fs_ie_https\fs_ie_https.dll [2018-03-12] (F-Secure Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pas de nom -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> Pas de fichier
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17] (HP)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04] (SweetIM Technologies Ltd.)
Toolbar: HKLM - Pas de nom - {ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Pas de nom - {6e47d688-85ec-465a-9946-ec58220f14fc} - Pas de fichier
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04] (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Pas de nom - {ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - {D4027C7F-154A-4066-A1AD-4243D8127440} - Pas de fichier
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> Pas de nom - {3BBD3C14-4C16-4989-8366-95BC9179779D} - Pas de fichier
Toolbar: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> Pas de nom - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - Pas de fichier
Toolbar: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> Pas de nom - {AF60A4BD-4236-4FCF-802A-D9115BC85E6A} - Pas de fichier
Toolbar: HKU\S-1-5-21-869892466-1310413750-2721537338-1000 -> Pas de nom - {D4027C7F-154A-4066-A1AD-4243D8127440} - Pas de fichier
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Boulanger\AppData\Roaming\Mozilla\Sunbird\Profiles\ssvr7sfs.default [2013-05-28]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Mozilla Sunbird\extensions\calendar-timezones@mozilla.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [non trouvé(e)]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-11-10] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1520854327\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1520854327\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018-03-12]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1520854327\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-06-21] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Pas de fichier]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_fs_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0A0CyBtBzzzy0ByCtAzytCzytD0D0CyDtN0D0Tzu0StCtDyBtAtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1Czu0C0I0S0V0E0R1V1BtN1L1G1B1V1N2Y1L1Qzu2SyD0Ezz0DtA0BtDyDtGyCyC0CtBtGtByE0C0BtG0CyC0DtDtGyDyB0ByCtByD0FtA0EtAzztD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0ByByB0AtCtA0BtGtCyC0B0DtGyEtC0DyEtGzzyC0D0EtGyCtBtBtCyC0E0DtA0BtDtC0B2Q&cr=1950922465&ir="
CHR NewTab: Default -> Active:"chrome-extension://gglnonobhpbfkiifdpofdglcobmkdokl/newtabproduct.html"
CHR DefaultSearchURL: Default -> hxxps://search.f-secure.com/search?query={searchTerms}&fs_uo=provider
CHR DefaultSearchKeyword: Default -> search.f-secure.com
CHR DefaultSuggestURL: Default -> hxxps://completr-v2.appspot.com/?l=fr&c=FR&q={searchTerms}&o=1
CHR Session Restore: Default -> est activé.
CHR Profile: C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default [2018-05-13]
CHR Extension: (Website Logon) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2014-09-18]
CHR Extension: (Google Agenda) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-02-26]
CHR Extension: (Barre de Confiance CM-CIC) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjkhaeogkeelkioellpgcebmekedpag [2015-06-03]
CHR Extension: (MapsGalaxy) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gglnonobhpbfkiifdpofdglcobmkdokl [2018-04-26]
CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-05-01]
CHR Extension: (Itineraire - Offres shopping) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlincbpgbkpbjepghokdnhnnpphmegig [2016-09-17]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2018-02-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Cheklaby : La carte animée de Paris) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldodgeclckjlppmdlilnngkegpiioho [2017-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-06]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Boulanger\AppData\Local\mysearchdial-speeddial.crx <non trouvé(e)>
CHR HKU\S-1-5-21-869892466-1310413750-2721537338-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Boulanger\AppData\Local\Smartbar/Application\1Extension.crx <non trouvé(e)>
CHR HKU\S-1-5-21-869892466-1310413750-2721537338-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-869892466-1310413750-2721537338-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Boulanger\AppData\Local\mysearchdial-speeddial.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Boulanger\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-11-18]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Boulanger\AppData\Local\mysearchdial-speeddial.crx <non trouvé(e)>

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [Fichier non signé]
S2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2011-01-24] (Intel Corporation) [Fichier non signé]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2011-01-24] (Intel Corporation) [Fichier non signé]
S2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [991296 2011-01-24] (Intel Corporation) [Fichier non signé]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [199136 2018-03-05] (F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [199136 2018-03-05] (F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1525688755\fshoster64.exe [572896 2018-05-07] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1525688755\fsorsp64.exe [78304 2018-05-07] (F-Secure Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2014-03-29] (Realsil Microelectronics Inc.) [Fichier non signé]
R2 InstallClick; C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe [149840 2012-04-26] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [297984 2011-03-11] (IDT, Inc.) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-28] (Synaptics Incorporated)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1525688755\fsulgk.sys [239952 2018-05-07] (F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1525688755\fshs.sys [102216 2018-05-07] (F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [73928 2017-11-09] ()
R0 fsbts; C:\Windows\SysWOW64\drivers\fsbts.sys [42248 2013-02-28] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1520854327\fsni64.sys [117576 2018-03-12] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2014-06-24] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
U3 idsvc; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-05-13 19:45 - 2018-05-13 19:46 - 000035769 _____ C:\Users\Angel\Desktop\FRST.txt
2018-05-13 19:45 - 2018-05-13 19:45 - 002404864 _____ (Farbar) C:\Users\Angel\Desktop\FRST64.exe
2018-05-13 19:45 - 2018-05-13 19:45 - 000000000 ____D C:\Users\Angel\Desktop\FRST-OlderVersion
2018-05-13 19:44 - 2018-05-13 19:45 - 000000000 ____D C:\FRST
2018-05-13 18:37 - 2018-05-13 19:12 - 000000000 ____D C:\~00~
2018-05-08 09:41 - 2018-05-12 16:35 - 000001205 _____ C:\Users\Angel\Desktop\Diagramme Gantt Angel v1.01 - Raccourci.lnk
2018-05-08 08:23 - 2018-05-08 08:23 - 000001083 _____ C:\Users\Angel\Desktop\Diagramme Gantt Angel v1.01 - Raccourci (2).lnk
2018-05-08 08:12 - 2010-11-29 12:14 - 000067472 ____N (CANON INC.) C:\WINDOWS\SysWOW64\IJRMF.exe
2018-05-07 11:09 - 2018-05-08 13:20 - 000000000 ____D C:\Program Files\Reimage
2018-05-07 11:08 - 2018-05-08 13:18 - 000000150 _____ C:\WINDOWS\Reimage.ini
2018-05-02 13:37 - 2018-05-02 13:37 - 000001276 _____ C:\Users\Angel\Desktop\JC_Devis_Factures - Raccourci.lnk
2018-04-28 23:14 - 2018-04-28 23:14 - 000001185 _____ C:\Users\Angel\Desktop\Planning Stagiaires v1 - Raccourci.lnk
2018-04-28 23:11 - 2018-04-28 23:11 - 000001865 _____ C:\Users\Angel\Desktop\Diagramme Gantt v1.01 - Raccourci.lnk
2018-04-26 17:26 - 2018-04-26 17:26 - 009818760 _____ (Hewlett-Packard Company ) C:\Users\Angel\Downloads\sp67743.exe
2018-04-21 07:23 - 2018-04-21 07:23 - 000001956 _____ C:\Users\Angel\Desktop\Piratrax.lnk
2018-04-21 07:23 - 2018-04-21 07:23 - 000000000 ____D C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piratrax
2018-04-16 20:38 - 2018-04-16 20:38 - 000001096 _____ C:\Users\Angel\Desktop\BD Caisse v1.01 - Raccourci.lnk
2018-04-14 21:25 - 2018-04-14 21:25 - 000000000 ____D C:\Users\Boulanger\AppData\Local\BudgetView
2018-04-14 21:24 - 2018-04-14 21:25 - 000000000 ____D C:\Users\Boulanger\.oracle_jre_usage

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-05-13 19:00 - 2012-08-24 09:07 - 000000000 ____D C:\SauveUSB-66144
2018-05-13 19:00 - 2012-04-21 06:54 - 000000000 ____D C:\Comptes
2018-05-13 18:50 - 2014-01-17 12:21 - 000000000 ____D C:\Users\Boulanger\Documents\Ymsoft
2018-05-13 18:50 - 2012-08-10 10:03 - 000000000 ____D C:\Users\Boulanger\AppData\Roaming\Ymsoft
2018-05-13 18:42 - 2017-12-10 11:44 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{301DFC09-7C86-4ED2-A72D-B05FD9F44AFB}
2018-05-13 18:37 - 2012-06-24 17:01 - 000000000 ____D C:\Users\Boulanger\AppData\Local\piratrax
2018-05-13 18:28 - 2015-12-14 17:23 - 000000000 ____D C:\Users\Boulanger\AppData\Local\SweetLabs App Platform
2018-05-13 18:19 - 2012-01-11 17:12 - 000000000 ____D C:\Users\Boulanger\AppData\LocalLow\AuthenTec
2018-05-13 13:24 - 2017-12-10 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-12 19:23 - 2016-10-08 21:01 - 130802688 _____ C:\Users\Boulanger\Documents\archive.pst
2018-05-12 19:23 - 2014-05-01 19:13 - 000000000 ____D C:\Users\Boulanger\Documents\Fichiers Outlook
2018-05-12 19:23 - 2011-02-19 22:10 - 000000000 ____D C:\Users\Angel\Documents\Fichiers Outlook
2018-05-12 18:38 - 2016-08-31 10:32 - 000000000 ___RD C:\Users\Boulanger\Documents\Angel_Perso
2018-05-12 18:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-12 16:38 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-12 16:38 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-12 16:37 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-12 16:25 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-08 13:48 - 2017-12-10 11:44 - 000003274 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForBoulanger
2018-05-08 13:48 - 2017-07-08 19:00 - 000000366 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBoulanger.job
2018-05-08 08:12 - 2012-04-22 22:38 - 000000000 ____D C:\Program Files (x86)\Canon
2018-05-07 17:31 - 2014-01-01 00:13 - 000001592 _____ C:\Users\Boulanger\AppData\Roaming\ofx2csv.ini
2018-05-07 17:20 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-07 17:20 - 2012-04-22 22:43 - 000000000 ___HD C:\ProgramData\CanonIJScan
2018-05-07 17:20 - 2012-04-22 22:43 - 000000000 ____D C:\Users\Boulanger\AppData\Roaming\Canon
2018-05-07 12:04 - 2017-12-10 11:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-07 12:04 - 2015-10-04 15:04 - 000142832 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2018-05-07 12:01 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-05-06 17:24 - 2017-12-10 11:03 - 000000000 ____D C:\Users\Boulanger
2018-05-06 10:09 - 2016-09-02 16:02 - 000001706 _____ C:\Users\Public\Documents\SyncSettings.ffs_gui
2018-05-06 10:08 - 2017-03-16 12:12 - 000000989 _____ C:\Users\Public\Desktop\RealTimeSync.lnk
2018-05-06 10:08 - 2013-10-12 10:20 - 000001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk
2018-05-06 10:08 - 2013-10-12 10:20 - 000001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk
2018-05-06 10:08 - 2013-10-12 10:17 - 000001019 _____ C:\Users\Public\Desktop\FreeFileSync.lnk
2018-05-06 10:08 - 2013-10-12 10:17 - 000000000 ____D C:\Program Files\FreeFileSync
2018-05-06 09:52 - 2017-12-10 10:57 - 002708136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-06 09:52 - 2017-09-30 16:40 - 001239668 _____ C:\WINDOWS\system32\perfh00C.dat
2018-05-06 09:52 - 2017-09-30 16:40 - 000288276 _____ C:\WINDOWS\system32\perfc00C.dat
2018-05-06 09:44 - 2012-04-23 00:09 - 000000000 ____D C:\Program Files (x86)\F-Secure
2018-05-05 09:48 - 2012-07-17 13:48 - 000000000 ____D C:\Users\Boulanger\AppData\LocalLow\Temp
2018-05-04 19:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-02 13:38 - 2016-11-28 10:40 - 000002224 _____ C:\Users\Angel\Desktop\JC_Devis_Facture.lnk
2018-05-02 08:40 - 2017-12-10 11:44 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-869892466-1310413750-2721537338-1000
2018-05-02 08:38 - 2015-10-04 15:43 - 000002461 _____ C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-02 08:38 - 2015-10-04 15:43 - 000000000 ___RD C:\Users\Boulanger\OneDrive
2018-05-02 08:37 - 2012-04-22 23:58 - 000000000 ____D C:\ProgramData\f-secure
2018-04-26 17:34 - 2017-12-10 11:44 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2018-04-26 17:28 - 2011-06-21 18:35 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-04-26 17:26 - 2011-02-10 21:23 - 000000000 ____D C:\SWSetup
2018-04-21 07:23 - 2017-12-10 11:44 - 000003154 _____ C:\WINDOWS\System32\Tasks\Piratrax_with_menu
2018-04-21 07:23 - 2017-12-10 11:44 - 000003144 _____ C:\WINDOWS\System32\Tasks\Piratrax_autorun
2018-04-21 07:23 - 2017-07-31 11:38 - 000000000 ____D C:\Program Files (x86)\Piratrax
2018-04-21 07:23 - 2012-06-24 17:01 - 000001986 _____ C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piratrax.lnk

==================== Fichiers à la racine de certains dossiers =======

2015-09-22 16:21 - 2015-09-22 16:23 - 063831744 _____ () C:\Users\Boulanger\WDMyCloud_win.exe
2013-03-26 11:48 - 2010-07-30 10:31 - 001313504 _____ (CDIP) C:\Program Files (x86)\ProjectConverter.exe
2013-12-31 18:22 - 2014-01-01 23:45 - 000001017 _____ () C:\Users\Boulanger\AppData\Roaming\bank2csv.ini
2017-03-02 18:30 - 2017-07-25 18:37 - 000012987 _____ () C:\Users\Boulanger\AppData\Roaming\Microsoft Access 97-2003.CAL
2016-08-06 09:22 - 2016-08-06 09:22 - 000025600 _____ () C:\Users\Boulanger\AppData\Roaming\Microsoft Excel 97-2003.ADR
2017-03-02 18:27 - 2017-03-02 18:27 - 000012988 _____ () C:\Users\Boulanger\AppData\Roaming\Microsoft Excel 97-2003.CAL
2014-01-01 00:13 - 2018-05-07 17:31 - 000001592 _____ () C:\Users\Boulanger\AppData\Roaming\ofx2csv.ini
2013-11-05 00:33 - 2013-11-05 00:33 - 000083006 _____ () C:\Users\Boulanger\AppData\Roaming\WavePad.dmp
2013-12-31 19:06 - 2014-12-10 18:58 - 000000076 _____ () C:\Users\Boulanger\AppData\Roaming\WB.CFG
2014-12-09 15:56 - 2014-12-09 15:56 - 000031794 _____ () C:\Users\Boulanger\AppData\Local\13E5D428_stp.CIS
2014-12-09 15:56 - 2014-12-09 15:57 - 000000289 _____ () C:\Users\Boulanger\AppData\Local\13E5D428_stp.CIS.part
2014-01-17 12:13 - 2014-09-12 20:42 - 000000129 _____ () C:\Users\Boulanger\AppData\Local\1c1609cb78cb8884e96f6d189fd05f67
2015-01-19 11:38 - 2015-01-19 11:38 - 000236098 _____ () C:\Users\Boulanger\AppData\Local\1CB6E743_stp.CIS
2015-01-19 11:38 - 2015-01-19 11:41 - 000000271 _____ () C:\Users\Boulanger\AppData\Local\1CB6E743_stp.CIS.part
2014-12-09 15:56 - 2014-12-09 15:56 - 000382062 _____ () C:\Users\Boulanger\AppData\Local\6AC3B58C_stp.CIS
2014-12-09 15:56 - 2014-12-09 15:57 - 000000220 _____ () C:\Users\Boulanger\AppData\Local\6AC3B58C_stp.CIS.part
2015-01-26 12:01 - 2015-01-26 12:01 - 000201123 _____ () C:\Users\Boulanger\AppData\Local\7A514A11_stp.CIS
2015-01-26 12:01 - 2015-01-26 12:01 - 000000294 _____ () C:\Users\Boulanger\AppData\Local\7A514A11_stp.CIS.part
2014-09-12 20:44 - 2014-09-12 21:02 - 000000129 _____ () C:\Users\Boulanger\AppData\Local\d2926ebf90c89f587ec67323aeea8c8d
2012-05-14 22:17 - 2012-11-09 18:23 - 000008704 _____ () C:\Users\Boulanger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-23 23:08 - 2014-03-02 14:02 - 000000129 _____ () C:\Users\Boulanger\AppData\Local\fd5a5daf755ceefe223052ac51c9c37e
2012-11-23 00:02 - 2012-11-23 00:02 - 000000008 ____H () C:\Users\Boulanger\AppData\Local\L8457789120
2014-11-26 21:16 - 2014-11-26 21:16 - 000001405 _____ () C:\Users\Boulanger\AppData\Local\recently-used.xbel
2013-02-12 20:51 - 2015-12-14 16:05 - 000007605 _____ () C:\Users\Boulanger\AppData\Local\resmon.resmoncfg

Certains fichiers dans TEMP:
====================
2010-07-09 12:51 - 2010-07-09 12:51 - 000028480 ____N (Automated Programming Technologies, Inc.) C:\Users\Angel\AppData\Local\Temp\AMPing.exe
2012-02-19 01:52 - 2012-02-19 01:52 - 000357032 ____N (Ask.com) C:\Users\Angel\AppData\Local\Temp\ApnStub.exe
2011-05-06 17:49 - 2011-05-06 17:49 - 002871968 ____N (Adobe Systems, Inc.) C:\Users\Angel\AppData\Local\Temp\FlashPlayerUpdate.exe
2011-02-19 22:49 - 2009-11-18 18:04 - 000192936 ____N (F-Secure Corporation) C:\Users\Angel\AppData\Local\Temp\fsprod.dll
2011-02-19 22:49 - 2009-11-19 16:25 - 000356776 ____N (F-Secure Corporation) C:\Users\Angel\AppData\Local\Temp\fssfm.dll
2008-03-31 01:40 - 2008-03-31 01:40 - 000771408 ____N (CANON INC.) C:\Users\Angel\AppData\Local\Temp\MSETUP4.EXE
2011-11-30 01:12 - 2011-11-30 16:47 - 001521360 ____N (Aedge Performance BCN SL) C:\Users\Angel\AppData\Local\Temp\OB.exe
2010-03-29 14:50 - 2010-03-29 14:50 - 000149352 ____N (Microsoft Corporation) C:\Users\Angel\AppData\Local\Temp\ose00000.exe
2011-02-19 22:49 - 2009-11-19 16:24 - 000184744 ____N (F-Secure Corporation) C:\Users\Angel\AppData\Local\Temp\preconfig.exe
1997-01-18 12:53 - 2012-04-22 19:56 - 003943592 ____N (Ask) C:\Users\Angel\AppData\Local\Temp\SETUP.EXE
1995-09-07 21:22 - 1995-09-07 21:22 - 000008192 ____N (Stirling Technologies, Inc.) C:\Users\Angel\AppData\Local\Temp\_ISDEL.EXE
1998-01-20 18:35 - 1998-01-20 18:35 - 000012288 ____N (InstallShield Corporation, Inc.) C:\Users\Angel\AppData\Local\Temp\_SETUP.DLL

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-05-08 08:55

==================== Fin de FRST.txt ============================