Scan results of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Run by Bisous (administrator) on MONSTER-PC (11-04-2019 17:41:32)
Run from C:\Users\Bisous\Desktop
Loaded profiles: Bisous (Available profiles: Bisous)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Bisous\AppData\Local\FluxSoftware\Flux\flux.exe
(BlueStack Systems, Inc.) [Fichier non signé] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Realsil Microelectronics Inc.) [Fichier non signé] C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(AVG Netherlands B.V. -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corp -> Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe
(AVG Netherlands B.V. -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\ProgramData\BlueStacks\Client\Bluestacks.exe
(BlueStack Systems, Inc.) [Fichier non signé] C:\Program Files (x86)\BlueStacks\HD-Player.exe
(Bluestack Systems, Inc. -> Bluestack System Inc. ) C:\Program Files (x86)\BlueStacks\BstkSVC.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\ProgramData\BlueStacks\Client\Bluestacks.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-09-22] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3802539016-2338054135-2437994298-1000\...\Run: [f.lux] => C:\Users\Bisous\AppData\Local\FluxSoftware\Flux\flux.exe [1376264 2019-03-27] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3802539016-2338054135-2437994298-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [519168 2018-06-21] (BlueStack Systems, Inc.) [Fichier non signé]
HKU\S-1-5-21-3802539016-2338054135-2437994298-1000\...\MountPoints2: {3c280b92-0280-11e7-8083-005056c00008} - D:\Setup.exe
HKU\S-1-5-21-3802539016-2338054135-2437994298-1000\...\MountPoints2: {4ddbd4cd-6f05-11e8-87f6-005056c00008} - D:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-09] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\andy.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\dtagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\dtlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\gpg4win-uninstall.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\handyandy.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\kleopatra.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\privacyiconclient.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\spotify.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vipuimanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2015-11-17]
ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe (Andy OS Inc -> )

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to its default value.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{488EF442-0C16-4E8D-862C-E37560FD4DBB}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{4939886B-C523-42B4-AED9-9479FD5A5C8D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{546433B8-0741-442D-8680-B8B451CE5119}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{7AA940D2-3D8B-4EA6-9BD9-9B5BF58E0888}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3802539016-2338054135-2437994298-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corp -> Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corp -> Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-3802539016-2338054135-2437994298-1000 -> est activé.

FireFox:
========
FF ProfilePath: C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default [2019-04-11]
FF user.js: detected! => C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\user.js [2016-09-29]
FF Session Restore: Mozilla\Firefox\Profiles\nWpFUCAQ.default -> est activé.
FF Extension: (Facebook Container) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\@contain-facebook.xpi [2018-04-12]
FF Extension: (F.B Purity - Cleans up Facebook (WX)) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\fbpElectroWebExt@fbpurity.com.xpi [2017-10-20]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\firefox@ghostery.com.xpi [2019-02-11]
FF Extension: (FoxyProxy for Firefox) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\foxyproxy@eric.h.jung.xpi [2017-09-05]
FF Extension: (QuickMark) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\jid0-QT2VXewB9xzbRlyapSJjA4ebwoU@jetpack.xpi [2017-04-14] [Legacy]
FF Extension: (Lazarus: Form Recovery) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\lazarus@interclue.com.xpi [2016-04-28] [Legacy]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\sp@avast.com.xpi [2019-02-11]
FF Extension: (Textarea Cache) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\textarea-cache-lite@wildsky.cc.xpi [2019-03-02]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\tineye@ideeinc.com.xpi [2018-10-05]
FF Extension: (uBlock Origin) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-15]
FF Extension: (Avast Online Security) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\wrc@avast.com.xpi [2019-03-20]
FF Extension: (Screengrab!) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-10-14]
FF Extension: (All-in-One Sidebar) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2017-08-21] [Legacy]
FF Extension: (Resurrect Pages) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi [2018-04-21]
FF Extension: (NoScript) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2019-04-10]
FF Extension: (iMacros for Firefox) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2018-08-09]
FF Extension: (ReminderFox) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}.xpi [2017-06-26] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-09]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-04]
FF Extension: (BetterPrivacy) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-11-01] [Legacy]
FF Extension: (DownThemAll!) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-30] [Legacy]
FF Extension: (Greasemonkey) - C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-18]
FF SearchPlugin: C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\searchplugins\duckduckgo.xml [2014-08-20]
FF SearchPlugin: C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\searchplugins\ixquick-https.xml [2015-10-15]
FF SearchPlugin: C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\searchplugins\privatelee-https.xml [2015-10-15]
FF SearchPlugin: C:\Users\Bisous\AppData\Roaming\Mozilla\Firefox\Profiles\nWpFUCAQ.default\searchplugins\startpage-ssl.xml [2015-10-15]
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2012-12-20] [Legacy] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3802539016-2338054135-2437994298-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Bisous\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3802539016-2338054135-2437994298-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Session Restore: Profile 1 -> est activé.
CHR Profile: C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default [2017-10-09]
CHR Extension: (Google Slides) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-12]
CHR Extension: (Google Docs) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-12]
CHR Extension: (Google Drive) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-12]
CHR Extension: (YouTube) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-12]
CHR Extension: (Recherche Google) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-12]
CHR Extension: (Protection Web Avira) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-05]
CHR Extension: (Gmail) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-05]
CHR Profile: C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-04-11]
CHR Extension: (Slides) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Recherche Google) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Protection Web Avira) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-03-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AdBlock) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-09]
CHR Extension: (Avast Online Security) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-19]
CHR Extension: (WavesLiteApp) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2018-09-05]
CHR Extension: (Social Book Post Manager) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2019-01-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Bisous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-12] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc -> Dropbox, Inc.)
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Fichier non signé]
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd -> Disc Soft Ltd)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin International, Inc. -> Garmin Ltd or its subsidiaries)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4165568 2017-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (AVG Netherlands B.V. -> TuneUp Software)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corp -> Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-06] (Disc Soft Ltd -> Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [26072 2012-10-19] (Intel Corporation -> Intel Corporation)
R0 iaStorS; C:\Windows\System32\drivers\iaStorS.sys [652760 2012-10-19] (Intel Corporation -> Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-11] (Malwarebytes Corporation -> Malwarebytes)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [96768 2011-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [213504 2011-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (AVG Technologies CZ, s.r.o. -> TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc. -> VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
U1 aswbdisk; pas de ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-04-11 17:41 - 2019-04-11 17:43 - 000039152 _____ C:\Users\Bisous\Desktop\FRST.txt
2019-04-11 17:39 - 2019-04-11 17:40 - 000000000 ____D C:\Users\Bisous\Desktop\FRST
2019-04-11 13:49 - 2019-04-11 13:49 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-11 01:57 - 2019-04-11 17:41 - 000000000 ____D C:\FRST
2019-04-11 00:38 - 2019-04-11 00:39 - 002434048 _____ (Farbar) C:\Users\Bisous\Desktop\FRST64.exe
2019-04-10 00:40 - 2019-04-10 01:40 - 004234808 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2019-04-05 02:50 - 2019-04-05 02:50 - 000180680 _____ C:\Users\Bisous\Downloads\Unidialog_1134259(1).pdf
2019-04-05 02:49 - 2019-04-05 02:49 - 000180680 _____ C:\Users\Bisous\Downloads\Unidialog_1134259.pdf
2019-03-21 06:24 - 2019-03-21 06:24 - 000005774 _____ C:\Users\Bisous\Desktop\Le bouseux - hétérophobie.txt
2019-03-19 15:11 - 2019-03-19 15:11 - 000002014 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2019-03-19 15:11 - 2019-03-19 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-03-19 15:07 - 2019-03-19 15:05 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-18 05:24 - 2019-03-18 05:24 - 000385517 _____ C:\Users\Bisous\Downloads\522107_---King-Dedede-Theme---.mp3.opdownload

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-04-11 16:48 - 2009-07-14 06:45 - 000034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-11 16:48 - 2009-07-14 06:45 - 000034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-11 16:43 - 2019-01-21 14:37 - 000003310 _____ C:\Windows\System32\Tasks\{5D65CB51-8377-4F59-9695-CD7E2C9D74BB}
2019-04-11 16:43 - 2018-10-24 14:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:43 - 2018-10-24 14:56 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:43 - 2018-10-22 10:32 - 000003310 _____ C:\Windows\System32\Tasks\{C42BF22B-9EBA-4B4E-8581-712B0989B05C}
2019-04-11 16:43 - 2018-04-23 13:58 - 000003310 _____ C:\Windows\System32\Tasks\{4F7BEB08-0022-43FA-9F5B-94BB59C535A9}
2019-04-11 16:43 - 2018-01-17 11:48 - 000003240 _____ C:\Windows\System32\Tasks\{54545B06-2A13-4B60-AC96-41DFDF85B821}
2019-04-11 16:43 - 2017-06-24 16:12 - 000003438 _____ C:\Windows\System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:43 - 2017-03-06 23:59 - 000003004 _____ C:\Windows\System32\Tasks\{DA5BF53F-31FB-4190-9247-7B6BC4D9FAC8}
2019-04-11 16:43 - 2017-03-06 23:59 - 000003004 _____ C:\Windows\System32\Tasks\{CFB0BDAA-47C5-4A2C-9345-D8CE88A0A37C}
2019-04-11 16:43 - 2017-03-06 23:59 - 000003004 _____ C:\Windows\System32\Tasks\{3A4E6703-4A06-4116-8872-B7722EB2AF43}
2019-04-11 16:43 - 2016-11-28 01:47 - 000003040 _____ C:\Windows\System32\Tasks\{3048056B-9305-4987-A036-D88F93C81B6A}
2019-04-11 16:43 - 2016-11-28 01:47 - 000003040 _____ C:\Windows\System32\Tasks\{1EB341DC-2880-4DC3-A7B0-EAE87362330A}
2019-04-11 16:43 - 2015-03-04 18:31 - 000003344 _____ C:\Windows\System32\Tasks\{14500C39-E265-4F8B-9AA8-0EE92E22ED1D}
2019-04-11 16:43 - 2014-08-31 19:54 - 000002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2019-04-11 16:43 - 2014-08-20 16:05 - 000003876 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1408543509
2019-04-11 16:42 - 2018-10-24 14:57 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:57 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:57 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:57 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:56 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:56 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:56 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-10-24 14:56 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 16:42 - 2018-06-15 10:29 - 000003870 _____ C:\Windows\System32\Tasks\BlueStacksHelper
2019-04-11 16:42 - 2018-03-14 15:40 - 000004640 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-11 16:42 - 2017-12-05 16:27 - 000004652 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-11 16:42 - 2015-07-22 13:01 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-04-11 16:42 - 2015-01-26 16:07 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-11 16:42 - 2015-01-26 16:07 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-11 16:42 - 2014-10-27 02:14 - 000003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2019-04-11 16:42 - 2014-08-20 12:11 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-11 14:02 - 2016-11-25 15:23 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 13:58 - 2012-12-20 07:07 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-11 13:48 - 2015-11-17 19:23 - 000000000 ____D C:\ProgramData\VMware
2019-04-11 13:47 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-11 03:22 - 2016-11-18 15:43 - 000000000 ____D C:\Users\Bisous\AppData\LocalLow\Mozilla
2019-04-10 22:04 - 2016-11-17 21:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-10 01:41 - 2014-08-20 12:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-10 01:41 - 2014-08-20 12:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-10 01:41 - 2014-08-20 12:11 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-10 01:40 - 2012-12-20 07:17 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-09 04:30 - 2015-01-26 16:10 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-09 04:30 - 2015-01-26 16:10 - 000002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-05 01:49 - 2014-08-19 23:53 - 000000000 ____D C:\Users\Bisous\AppData\Roaming\vlc
2019-03-30 16:51 - 2018-01-01 17:59 - 000002061 _____ C:\Users\Bisous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2019-03-30 06:07 - 2014-08-20 16:05 - 000000000 ____D C:\Program Files (x86)\Opera
2019-03-29 02:52 - 2014-08-19 21:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-21 06:30 - 2017-03-27 02:29 - 000000000 ____D C:\Users\Bisous\AppData\Roaming\gnupg
2019-03-20 14:52 - 2017-10-17 20:06 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-20 03:41 - 2017-10-12 04:05 - 000000445 _____ C:\Users\Bisous\Desktop\prochain runage summoners war.txt
2019-03-19 15:06 - 2019-02-19 18:56 - 000249152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-03-19 15:06 - 2018-10-22 14:14 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-19 15:06 - 2017-10-17 20:06 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-19 15:06 - 2017-10-17 20:06 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-19 15:06 - 2017-10-17 20:06 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-19 15:06 - 2017-10-17 20:06 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-19 15:06 - 2017-10-17 20:06 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-19 15:06 - 2017-10-17 20:06 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-19 15:05 - 2019-01-16 14:15 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-03-19 15:05 - 2017-11-10 18:05 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-19 15:05 - 2017-10-17 20:06 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-19 15:04 - 2019-01-17 17:47 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-19 15:04 - 2019-01-16 14:15 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-19 15:04 - 2019-01-16 14:15 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-19 15:04 - 2019-01-16 14:15 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-18 19:18 - 2019-02-18 09:28 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-03-14 02:13 - 2016-04-15 00:42 - 000000000 ____D C:\Users\Bisous\Documents\Infokiosque
2019-03-13 22:26 - 2014-11-14 15:44 - 000000000 ____D C:\Users\Bisous\Documents\Paperasse

==================== Fichiers à la racine de certains dossiers =======

2017-10-17 23:16 - 2017-10-17 23:16 - 000139098 _____ () C:\Users\Bisous\AppData\Local\ars.cache
2017-10-17 23:17 - 2017-10-17 23:17 - 000287490 _____ () C:\Users\Bisous\AppData\Local\census.cache
2017-10-17 22:26 - 2017-10-17 22:26 - 000000036 _____ () C:\Users\Bisous\AppData\Local\housecall.guid.cache

Certains fichiers dans TEMP:
====================
2017-11-17 16:42 - 2017-08-16 13:31 - 000838200 _____ (BlueStack Systems, Inc.) C:\Users\Bisous\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2018-01-23 18:54 - 2018-01-23 18:54 - 001864256 _____ (Oracle Corporation) C:\Users\Bisous\AppData\Local\Temp\jre-8u161-windows-au.exe
2018-06-21 17:46 - 2018-06-21 17:47 - 001884616 _____ (Oracle Corporation) C:\Users\Bisous\AppData\Local\Temp\jre-8u171-windows-au.exe
2018-10-22 10:29 - 2018-10-22 10:29 - 001892728 _____ (Oracle Corporation) C:\Users\Bisous\AppData\Local\Temp\jre-8u191-windows-au.exe
2019-01-21 14:27 - 2019-01-21 14:27 - 001974624 _____ (Oracle Corporation) C:\Users\Bisous\AppData\Local\Temp\jre-8u201-windows-au.exe
2019-01-04 02:43 - 2019-01-04 02:41 - 081227760 _____ (Malwarebytes ) C:\Users\Bisous\AppData\Local\Temp\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe
2019-01-31 04:52 - 2019-01-31 04:53 - 040477384 _____ () C:\Users\Bisous\AppData\Local\Temp\vlc-3.0.6-win32.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\dllhost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2019-04-04 14:22

==================== Fin de FRST.txt ============================