Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09.09.2018
Exécuté par admin (administrateur) sur ADMIN-PC (12-09-2018 13:05:57)
Exécuté depuis C:\Users\admin\Desktop
Profils chargés: admin (Profils disponibles: admin & Matty EVALUATIONS)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISLE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [ScanSnap OnlineUpdate Watcher] => C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe [77824 2015-11-17] (PFU LIMITED)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3750208 2018-08-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2680659666-2315148178-4308562-1000\...\Run: [Chromium] => "c:\users\admin\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-2680659666-2315148178-4308562-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2680659666-2315148178-4308562-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISLE.EXE [418000 2016-07-14] (Seiko Epson Corporation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2018-09-12]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07A8A80A-EB66-4BBF-89DA-76957A930614}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3CDD0A81-C677-4A21-A111-45F78FF1CDF5}: [DhcpNameServer] 172.16.1.10
Tcpip\..\Interfaces\{B8A7ACE1-D614-412C-A108-59A8A9619740}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DE6535A9-0061-4247-A16F-5BE9EEE44522}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ff96c91f
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ff96c91f
HKU\S-1-5-21-2680659666-2315148178-4308562-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ff96c91f
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff96c91f&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff96c91f&q={searchTerms}
SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_23_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzu0FtD0D0E0FtCyEtA0D0AtC0FzyyByDtBtN0D0Tzu0StCyCtBtDtN1L2XzutAtFtBtCtFtCtFtDtN1L1Czu1M1Q1CtByEtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyC0EyB0F0BtC0FzztGtAtCzy0AtG0C0E0EyDtGtA0AtB0AtGyC0B0ByDtCtDtD0D0FtBzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czyzy0F0Fzy0CtBtGzzyBzytAtGyEtDyByDtG0BzzzytDtG0E0DyCyE0D0F0AzytBzytByE2QtN0A0LzuyE%26cr%3D1501778171%26a%3Dhdr_s_16_23_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_23_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzu0FtD0D0E0FtCyEtA0D0AtC0FzyyByDtBtN0D0Tzu0StCyCtBtDtN1L2XzutAtFtBtCtFtCtFtDtN1L1Czu1M1Q1CtByEtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyC0EyB0F0BtC0FzztGtAtCzy0AtG0C0E0EyDtGtA0AtB0AtGyC0B0ByDtCtDtD0D0FtBzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czyzy0F0Fzy0CtBtGzzyBzytAtGyEtDyByDtG0BzzzytDtG0E0DyCyE0D0F0AzytBzytByE2QtN0A0LzuyE%26cr%3D1501778171%26a%3Dhdr_s_16_23_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff96c91f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2680659666-2315148178-4308562-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff96c91f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2680659666-2315148178-4308562-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_43&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtD0D0E0FtCyEtA0D0AtC0FzyyByDtBtN0D0Tzu0StCtAzytBtN1L2XzutAtFtCyEtFtDtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCzy0DtCtA0D0F0EtGtCtDtC0EtGyCzz0C0BtGtD0BtD0AtG0CyC0F0ByD0D0A0F0DtB0E0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czyzy0F0Fzy0CtBtGzzyBzytAtGyEtDyByDtG0BzzzytDtG0E0DyCyE0D0F0AzytBzytByE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCtByC%26cr%3D1067871690%26a%3Dwncy_ir_15_43%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2680659666-2315148178-4308562-1000 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2680659666-2315148178-4308562-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ff96c91f&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-09-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-18] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-09-18] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-18] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: th6qdmn5.default-1412854130456
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456 [2018-09-12]
FF Homepage: Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456 -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-ff96c91f
FF NewTab: Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456 -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456 -> Enabled: jid1-16aeif9OQIRKxA@jetpack
FF Extension: (Recherche et nouvel onglet de Yahoo) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2018-08-04]
FF Extension: (Firefox Monitor) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456\features\{323ab76a-6769-4d1a-8aaa-01e3d114d966}\fxmonitor@mozilla.org.xpi [2018-09-10]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456\searchplugins\bing search engine.xml [2018-08-26]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\th6qdmn5.default-1412854130456\searchplugins\search-provided-by-yahoo.xml [2015-11-29]
FF Extension: (Recherche et nouvel onglet de Yahoo) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-11-29]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-24] [Legacy] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-26] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-26] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-23] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-08-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2680659666-2315148178-4308562-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-09-02]
CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-27]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-27]
CHR Extension: (uTab) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpmmandcadflhnnaiclipadomfmdbjbp [2018-02-02]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-02-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-26]
CHR HKLM\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2680659666-2315148178-4308562-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2680659666-2315148178-4308562-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihifdepjpbabohbabchnmpkgnleagkhj] - C:\ProgramData\SaveByclick\ihifdepjpbabohbabchnmpkgnleagkhj.crx <non trouvé(e)>

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-13] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-08-28] (Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (QUALCOMM, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics Co., Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [17064 2010-06-28] (Lenovo)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
S3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [Fichier non signé]
R3 qcfilterlno2k; C:\Windows\System32\DRIVERS\qcfilterlno2k.sys [6400 2011-05-23] (QUALCOMM Incorporated)
R3 qcusbnetlno2k; C:\Windows\System32\DRIVERS\qcusbnetlno2k.sys [444416 2011-05-23] (QUALCOMM Incorporated)
R3 qcusbserlno2k; C:\Windows\System32\DRIVERS\qcusbserlno2k.sys [231040 2011-05-23] (QUALCOMM Incorporated)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics Co., Ltd.)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 lvfvenph; \??\C:\Windows\system32\drivers\lvfvenph.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-09-12 13:05 - 2018-09-12 13:06 - 000023377 _____ C:\Users\admin\Desktop\FRST.txt
2018-09-12 13:05 - 2018-09-12 13:05 - 000000000 ____D C:\FRST
2018-09-12 13:03 - 2018-09-12 13:03 - 002413568 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2018-09-12 12:52 - 2018-09-12 12:52 - 000000000 ___HD C:\OneDriveTemp
2018-09-09 09:25 - 2018-09-09 09:25 - 003590144 _____ C:\Users\admin\Downloads\EpsonConnect140.exe
2018-09-09 09:00 - 2018-09-09 09:00 - 000000913 _____ C:\Windows\Tasks\ Update {3085F470-982E-46BF-9C3F-B7D7B2E6E430}.job
2018-09-09 09:00 - 2018-09-09 09:00 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-09-09 08:54 - 2018-09-09 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-09-09 08:54 - 2018-09-09 09:14 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-09-09 08:54 - 2018-09-09 08:54 - 000000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2018-09-09 08:54 - 2018-09-09 08:54 - 000000000 ____D C:\Program Files\EpsonNet
2018-09-09 08:52 - 2017-03-10 16:02 - 000147472 _____ (TWAIN Working Group) C:\Windows\SysWOW64\twaindsm.dll
2018-09-09 08:52 - 2017-03-10 16:02 - 000145224 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2018-09-09 08:51 - 2016-12-21 04:12 - 000183296 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBSLE.DLL
2018-09-09 08:51 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BSLE.DLL
2018-09-09 08:50 - 2018-09-09 09:13 - 000000000 ____D C:\ProgramData\Epson
2018-09-08 13:16 - 2018-09-08 13:16 - 000001789 _____ C:\Users\admin\Desktop\WINWORD - Raccourci.lnk
2018-09-08 09:18 - 2018-09-08 09:18 - 000001953 _____ C:\Users\Matty EVALUATIONS\Desktop\EVALUATIONS - Raccourci.lnk
2018-09-08 09:14 - 2018-09-08 09:14 - 000001537 _____ C:\Users\admin\Desktop\EVALUATIONS - Raccourci.lnk
2018-09-08 09:12 - 2018-09-08 09:31 - 000000000 ____D C:\Users\Matty EVALUATIONS\Documents\EVALUATIONS
2018-09-08 08:56 - 2018-09-08 08:56 - 000000000 ____D C:\Users\Matty EVALUATIONS\Documents\Modèles Office personnalisés
2018-09-08 08:39 - 2018-09-08 08:39 - 000000000 ____D C:\Users\Matty EVALUATIONS\AppData\Roaming\APP_NAME_NON_STRING
2018-09-08 08:37 - 2018-09-08 08:37 - 000000000 ____D C:\Users\Matty EVALUATIONS\AppData\Roaming\Intel Corporation
2018-09-08 08:36 - 2018-09-08 08:36 - 000126680 _____ C:\Users\Matty EVALUATIONS\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-08 08:36 - 2018-09-08 08:36 - 000000000 ____D C:\Users\Matty EVALUATIONS\AppData\Roaming\PFU
2018-09-08 08:36 - 2018-09-08 08:36 - 000000000 ____D C:\Users\Matty EVALUATIONS\AppData\Local\Dropbox
2018-09-08 08:35 - 2018-09-08 08:35 - 000001425 _____ C:\Users\Matty EVALUATIONS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-09-08 08:35 - 2018-09-08 08:35 - 000000020 ___SH C:\Users\Matty EVALUATIONS\ntuser.ini
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Voisinage réseau
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Voisinage d'impression
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Modèles
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Mes documents
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Menu Démarrer
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Documents\Mes vidéos
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Documents\Mes images
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\Documents\Ma musique
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 _SHDL C:\Users\Matty EVALUATIONS\AppData\Local\Historique
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 ____D C:\Users\Matty EVALUATIONS\AppData\Roaming\Adobe
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 ____D C:\Users\Matty EVALUATIONS\AppData\Local\VirtualStore
2018-09-08 08:35 - 2018-09-08 08:35 - 000000000 ____D C:\Users\Matty EVALUATIONS
2018-09-08 08:35 - 2015-10-03 18:44 - 000002140 _____ C:\Users\Matty EVALUATIONS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-09-08 08:35 - 2011-04-12 11:28 - 000000000 ____D C:\Users\Matty EVALUATIONS\AppData\Roaming\Media Center Programs
2018-09-08 06:56 - 2018-09-08 07:11 - 000000159 _____ C:\Users\admin\Desktop\COLLEGE CONDORCET - PRONOTE - Espace Élèves.URL
2018-09-07 17:09 - 2018-09-08 07:18 - 000000000 ____D C:\Users\admin\Desktop\Cours de 6ème
2018-09-07 07:17 - 2018-09-08 09:00 - 000000000 ____D C:\Users\admin\Documents\loisir
2018-09-06 19:41 - 2018-09-11 18:51 - 000000000 ____D C:\Users\admin\Desktop\documents scannés
2018-09-02 19:46 - 2018-09-02 19:46 - 000493472 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-02 19:46 - 2018-09-02 19:46 - 000126680 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-02 17:08 - 2018-09-02 17:09 - 000010958 _____ C:\Users\admin\Downloads\Anglais 6ème.zip
2018-09-01 11:42 - 2018-09-01 11:42 - 000451975 _____ C:\Users\admin\Downloads\Agenda 2018-2019 Zone A(1).zip
2018-09-01 11:41 - 2018-09-01 11:41 - 000451975 _____ C:\Users\admin\Downloads\Agenda 2018-2019 Zone A.zip
2018-09-01 11:31 - 2018-09-01 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-08-28 13:53 - 2018-08-28 13:53 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-08-28 13:53 - 2018-08-28 13:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-08-28 13:53 - 2018-08-28 13:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-08-28 13:53 - 2018-08-28 13:53 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-08-26 16:14 - 2018-08-26 16:17 - 000000000 ____D C:\Users\admin\AppData\Local\Mobebas
2018-08-26 16:14 - 2018-08-26 16:14 - 000000000 ____D C:\Users\admin\AppData\Local\{695A5F06-4DF2-33BE-206A-16560402EACE}

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-09-12 13:04 - 2018-08-04 18:59 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2018-09-12 13:00 - 2009-07-14 06:45 - 000099104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-12 13:00 - 2009-07-14 06:45 - 000099104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-12 12:59 - 2011-04-12 11:16 - 002026020 _____ C:\Windows\system32\perfh00C.dat
2018-09-12 12:59 - 2011-04-12 11:16 - 000580746 _____ C:\Windows\system32\perfc00C.dat
2018-09-12 12:59 - 2009-07-14 07:13 - 000006482 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-12 12:52 - 2016-07-13 11:41 - 000001180 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-12 12:52 - 2015-10-03 18:44 - 000000000 ___RD C:\Users\admin\OneDrive
2018-09-12 12:52 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-12 11:12 - 2016-07-13 11:41 - 000001184 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-12 11:05 - 2016-09-18 09:50 - 000000270 _____ C:\Windows\Tasks\{1C08A27E-0FD0-F04F-76EB-16882B244817}.job
2018-09-10 23:05 - 2016-11-27 12:29 - 000000000 ____D C:\Users\admin\Desktop\applications diverses
2018-09-10 23:04 - 2017-08-27 21:00 - 000000000 ____D C:\Users\admin\Desktop\outils géométrie
2018-09-09 09:50 - 2015-10-23 17:31 - 000089088 ___SH C:\Users\admin\Documents\Thumbs.db
2018-09-09 09:47 - 2016-02-13 12:53 - 000000000 ____D C:\Users\admin\AppData\Roaming\EPSON
2018-09-09 09:14 - 2012-12-24 12:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-09-09 09:13 - 2016-02-13 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-09-09 09:13 - 2016-02-13 12:26 - 000000000 ____D C:\Program Files (x86)\epson
2018-09-09 08:52 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-08 10:45 - 2012-12-24 12:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-08 07:09 - 2012-12-24 12:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-09-07 06:59 - 2015-10-16 19:13 - 000000000 ____D C:\Users\admin\Documents\logiciel scanner
2018-09-07 06:55 - 2015-10-14 07:17 - 000000000 ____D C:\Users\admin\Documents\matty loisir
2018-09-06 19:59 - 2015-10-07 13:08 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-06 19:58 - 2018-05-26 14:36 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-06 19:49 - 2017-08-27 14:51 - 000003172 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2680659666-2315148178-4308562-1000
2018-09-06 19:49 - 2015-10-03 18:44 - 000002196 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-09-06 18:13 - 2015-10-25 19:20 - 000000757 _____ C:\Users\admin\AppData\Roaming\WB.CFG
2018-09-02 19:52 - 2015-10-03 09:16 - 000000000 ____D C:\Users\admin\Documents\Matty Devoirs
2018-09-02 15:24 - 2012-12-24 13:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-09-01 11:31 - 2016-07-13 11:41 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-08-26 16:15 - 2012-12-24 11:52 - 000001042 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-08-26 16:11 - 2018-03-17 14:16 - 000004634 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-26 16:11 - 2012-12-24 15:42 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-26 16:11 - 2012-12-24 15:42 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-26 16:11 - 2012-12-24 15:42 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-26 16:11 - 2012-12-24 15:20 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-26 16:11 - 2012-12-24 14:42 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-26 16:02 - 2016-07-13 11:41 - 000004180 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-08-26 16:02 - 2016-07-13 11:41 - 000003928 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers =======

2015-10-25 19:20 - 2018-09-06 18:13 - 000000757 _____ () C:\Users\admin\AppData\Roaming\WB.CFG
2017-12-17 09:47 - 2017-12-17 09:47 - 000000068 _____ () C:\Users\admin\AppData\Local\8wne5tkb2q
2016-11-10 10:17 - 2016-11-10 10:17 - 000000000 _____ () C:\Users\admin\AppData\Local\{04C87E80-62B4-4722-9462-D65BC8E1B280}
2016-10-18 15:33 - 2016-10-18 15:33 - 000000000 _____ () C:\Users\admin\AppData\Local\{1AA39199-6391-4E0F-A3A2-BB3000B134EE}
2017-10-18 09:18 - 2017-10-18 09:18 - 000000000 _____ () C:\Users\admin\AppData\Local\{637F9E6F-2706-4AA8-83A7-BCD5A604BC8D}
2018-06-08 08:56 - 2018-06-08 08:56 - 000000000 _____ () C:\Users\admin\AppData\Local\{682CE9F7-D6E8-4642-A883-9F0879E9590E}
2017-10-16 08:42 - 2017-10-16 08:42 - 000000000 _____ () C:\Users\admin\AppData\Local\{7048F3DE-F45F-4B21-9BD3-A3294FFFF813}
2018-05-29 12:05 - 2018-05-29 12:07 - 000000000 _____ () C:\Users\admin\AppData\Local\{7AF5295B-FAFF-4E8B-B145-F6BF1C6AFB67}
2018-01-15 08:56 - 2018-01-15 08:56 - 000000000 _____ () C:\Users\admin\AppData\Local\{86078E6B-94EA-4871-910F-040D6E178A08}
2017-02-01 20:38 - 2017-02-01 20:38 - 000000000 _____ () C:\Users\admin\AppData\Local\{9323F827-6BAB-442F-B1F6-0A97E8A22E1B}
2017-10-17 08:40 - 2017-10-17 08:40 - 000000000 _____ () C:\Users\admin\AppData\Local\{BFCE91AA-1BA3-4358-9A03-8F1395455D2E}
2017-10-17 10:07 - 2017-10-17 10:07 - 000000000 _____ () C:\Users\admin\AppData\Local\{C21D5B3D-C033-451E-BDBA-8397B1181F34}
2018-06-07 08:56 - 2018-06-07 08:56 - 000000000 _____ () C:\Users\admin\AppData\Local\{D4EA4E3D-19C8-479F-9AA7-06469D34B292}
2016-10-18 15:32 - 2016-10-18 15:32 - 000000000 _____ () C:\Users\admin\AppData\Local\{FF4604C2-64BE-486F-A84B-77D1570D0953}

Fichiers à déplacer ou supprimer:
====================
C:\Windows\Tasks\{1C08A27E-0FD0-F04F-76EB-16882B244817}.job


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-08-26 17:39

==================== Fin de FRST.txt ============================