Hi,
It look like my programs, as Teamviewer, Microsoft Word, are closing suddenly only a few seconds after they are opened.
As I was reading others peep topics, I do the malware check-up steps with Farbar and it result by the following: (is there any problems?)
FRST.txt files : (sorry it is in French mode)
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2017 01
Exécuté par Sandie (administrateur) sur SANDIE-PC (07-06-2017 18:59:25)
Exécuté depuis C:\Users\Sandie\Downloads
Profils chargés: Sandie (Profils disponibles: Sandie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool:
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(Microsoft Corporation) C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Akamai Technologies, Inc.) C:\Users\Sandie\AppData\Local\Akamai\netsession_win.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Akamai Technologies, Inc.) C:\Users\Sandie\AppData\Local\Akamai\netsession_win.exe
(Fisher & Paykel Healthcare) C:\Users\Sandie\AppData\Roaming\Fisher & Paykel Healthcare\InfoUSBDetector\InfoUSBDetector.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wellbia.com Co., Ltd.) C:\Windows\SysWOW64\xsherlock.xem
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-06-07] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.)
HKU\S-1-5-19\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Sandie\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: J - J:\Autorun.exe
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: K - K:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: {53974149-3792-11e1-b12a-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: {efc1c226-acd5-11e2-977c-386077fb0477} - J:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-07] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
Startup: C:\Users\Sandie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InfoUSB Detector.lnk [2016-06-22]
ShortcutTarget: InfoUSB Detector.lnk -> C:\Users\Sandie\AppData\Roaming\Fisher & Paykel Healthcare\InfoUSBDetector\InfoUSBDetector.exe (Fisher & Paykel Healthcare)
Startup: C:\Users\Sandie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Superviser les alertes relatives aux cartouches - HP OfficeJet Pro 8720.lnk [2017-06-07]
ShortcutTarget: Superviser les alertes relatives aux cartouches - HP OfficeJet Pro 8720.lnk -> C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPStatusBL.dll (HP Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{13AC22B4-6062-4C03-BD6B-8B12D9D71C0B}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5BE6617D-B547-480B-95E7-7F11992E0B45}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131371989438681992&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131371989438681992&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131371989438681992&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-06-07] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-06-07] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: p7dszgys.default
FF ProfilePath: C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default [2017-06-02]
FF NewTab: Mozilla\Firefox\Profiles\p7dszgys.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\p7dszgys.default -> Yahoo! Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\p7dszgys.default -> Yahoo! Powered
FF Homepage: Mozilla\Firefox\Profiles\p7dszgys.default -> hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
FF Keyword.URL: Mozilla\Firefox\Profiles\p7dszgys.default -> user_pref("keyword.URL", true);
FF Extension: (Avira Browser Safety) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\Extensions\abs@avira.com.xpi [2017-04-05]
FF Extension: (Lightbeam) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-03-26]
FF Extension: (Avast Online Security) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\Extensions\wrc@avast.com.xpi [2017-06-07]
FF Extension: (Disable TLS Certificate Transparency) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\features\{8c95e5b1-3c39-48fb-bbeb-9bafc38ed79b}\disable-cert-transparency@mozilla.org.xpi [2017-04-18]
FF Extension: (Disable Prefetch) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\features\{8c95e5b1-3c39-48fb-bbeb-9bafc38ed79b}\disable-prefetch@mozilla.org.xpi [2017-04-18]
FF SearchPlugin: C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\searchplugins\yahoo! powered.xml [2017-04-05]
FF HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: (Download videos and MP3s from YouTube) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-04-12] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [2016-01-19] (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [2016-01-19] (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)
FF Plugin-x32: @Webzen.com/NPBrowserExt -> C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll [2012-03-27] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.ca/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.ca/"
CHR Profile: C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default [2017-04-17]
CHR Extension: (Protection Web Avira) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15]
CHR Extension: (Office Online - Copier et coller) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2015-08-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-14]
CHR Extension: (Chrome Media Router) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR Profile: C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-06-07]
CHR Extension: (Google Slides) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-27]
CHR Extension: (Google Docs) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-27]
CHR Extension: (Google Drive) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-27]
CHR Extension: (YouTube) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-27]
CHR Extension: (Recherche Google) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-17]
CHR Extension: (Google Sheets) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-27]
CHR Extension: (Protection Web Avira) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-28]
CHR Extension: (Search Manager) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-06-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-27]
CHR Extension: (Chrome Media Router) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sandie\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-05-28]
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - <pas de Path/update_url>
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Sandie\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx <non trouvé(e)>
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [feffgldcgbgbkgihdccknhbfknichcio] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdgpdecndphihcinammckiacmcpbaipk] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ibclbohbddcmmaaobgjamgbfbchjdfae] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Sandie\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-05-05] (Avira Operations GmbH & Co. KG)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-06-07] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-06-07] (AVAST Software)
R2 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-16] ()
R2 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-28] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-26] (Digital Wave Ltd.)
R2 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Fichier non signé]
R2 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
S3 MySQLRouter; C:\Program Files\MySQL\MySQL Router 2.1\bin\mysqlrouter.exe [326144 2017-04-06] () [Fichier non signé]
S2 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Fichier non signé]
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2017-05-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-07] ()
S4 SpeedupService; C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-04-07] (Avira Operations GmbH & Co. KG)
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
S2 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-09-23] (Wellbia.com Co., Ltd.) [Fichier non signé]
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-06-07] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-06-07] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-06-07] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-06-07] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-06-07] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-06-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-06-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-06-07] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-06-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-06-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-06-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-06-07] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-06-07] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176968 2017-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148104 2017-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-28] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-06-03] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-05-16] (REALiX(tm))
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Fichier non signé]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-05-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [Fichier non signé]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 cpuz134; \??\C:\Users\Sandie\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120628.004\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120628.004\EX64.SYS [X]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
It look like my programs, as Teamviewer, Microsoft Word, are closing suddenly only a few seconds after they are opened.
As I was reading others peep topics, I do the malware check-up steps with Farbar and it result by the following: (is there any problems?)
FRST.txt files : (sorry it is in French mode)
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2017 01
Exécuté par Sandie (administrateur) sur SANDIE-PC (07-06-2017 18:59:25)
Exécuté depuis C:\Users\Sandie\Downloads
Profils chargés: Sandie (Profils disponibles: Sandie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool:
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(Microsoft Corporation) C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Akamai Technologies, Inc.) C:\Users\Sandie\AppData\Local\Akamai\netsession_win.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Akamai Technologies, Inc.) C:\Users\Sandie\AppData\Local\Akamai\netsession_win.exe
(Fisher & Paykel Healthcare) C:\Users\Sandie\AppData\Roaming\Fisher & Paykel Healthcare\InfoUSBDetector\InfoUSBDetector.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wellbia.com Co., Ltd.) C:\Windows\SysWOW64\xsherlock.xem
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-06-07] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.)
HKU\S-1-5-19\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Sandie\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: J - J:\Autorun.exe
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: K - K:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: {53974149-3792-11e1-b12a-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\MountPoints2: {efc1c226-acd5-11e2-977c-386077fb0477} - J:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-07] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
Startup: C:\Users\Sandie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InfoUSB Detector.lnk [2016-06-22]
ShortcutTarget: InfoUSB Detector.lnk -> C:\Users\Sandie\AppData\Roaming\Fisher & Paykel Healthcare\InfoUSBDetector\InfoUSBDetector.exe (Fisher & Paykel Healthcare)
Startup: C:\Users\Sandie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Superviser les alertes relatives aux cartouches - HP OfficeJet Pro 8720.lnk [2017-06-07]
ShortcutTarget: Superviser les alertes relatives aux cartouches - HP OfficeJet Pro 8720.lnk -> C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPStatusBL.dll (HP Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{13AC22B4-6062-4C03-BD6B-8B12D9D71C0B}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5BE6617D-B547-480B-95E7-7F11992E0B45}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131371989438681992&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131371989438681992&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131371989438681992&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-3154787465-929561759-525958776-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_7d748b79ad623fcd40¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITMsQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmpdJaYXvFQ9IWYVwVRdIGYYwVI4JqYYNVA9JaYTvmo9GqYVNUI3wGYGwVM3vCIXwVM9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYvFJdJGYVvmpdJqYWNVI9I6oXvmk4ISIXwVxdICIWvmo9J6ISvFJdImIYNVU9I6oVwVM9JGYUvFQ4ICIVvFE4ISoUwVVdIWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVI3vCk4wVM9IWYYvmo9JmISNVA9JmoVNVE9I6oUwVM4ISoWwVw3vGYXvFI4JmISvFI9IWYTvFI9J6IVvmldIWYUwVVdJCk3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMapaLGF7LWBdQGR7BHFaISopzU0aCaV6CaV9C78kBrFbMn0aC6AoxrFaIWBfNHFbMn0aQGMVE7ofAT06xbFbJqxoNpQRy78oQGQXFSQoyDo8yJ%3D%3D¶m2=MWNaLWxaMat9&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-06-07] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-06-07] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-3154787465-929561759-525958776-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: p7dszgys.default
FF ProfilePath: C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default [2017-06-02]
FF NewTab: Mozilla\Firefox\Profiles\p7dszgys.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\p7dszgys.default -> Yahoo! Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\p7dszgys.default -> Yahoo! Powered
FF Homepage: Mozilla\Firefox\Profiles\p7dszgys.default -> hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_cdxfs_17_14¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtB0E0AtDyB0A0FtC0FzytN0D0Tzu0StCzytBtCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2StA0F0FyCtC0DyByBtGyCyDtDzztGzyyByCtBtGyC0D0ByEtGzzzyzyyDtAzztBzztDyB0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyzytCtD0AzytBtG0FtByD0EtGyEtCyDyCtGzy0ByDyBtGyDtD0FyDtCtDzz0D0EtA0Azz2QtN0A0LzuyE%26cr%3D761988319%26a%3Dwbf_cdxfs_17_14%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
FF Keyword.URL: Mozilla\Firefox\Profiles\p7dszgys.default -> user_pref("keyword.URL", true);
FF Extension: (Avira Browser Safety) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\Extensions\abs@avira.com.xpi [2017-04-05]
FF Extension: (Lightbeam) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-03-26]
FF Extension: (Avast Online Security) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\Extensions\wrc@avast.com.xpi [2017-06-07]
FF Extension: (Disable TLS Certificate Transparency) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\features\{8c95e5b1-3c39-48fb-bbeb-9bafc38ed79b}\disable-cert-transparency@mozilla.org.xpi [2017-04-18]
FF Extension: (Disable Prefetch) - C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\features\{8c95e5b1-3c39-48fb-bbeb-9bafc38ed79b}\disable-prefetch@mozilla.org.xpi [2017-04-18]
FF SearchPlugin: C:\Users\Sandie\AppData\Roaming\Mozilla\Firefox\Profiles\p7dszgys.default\searchplugins\yahoo! powered.xml [2017-04-05]
FF HKU\S-1-5-21-3154787465-929561759-525958776-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: (Download videos and MP3s from YouTube) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-04-12] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [2016-01-19] (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [2016-01-19] (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)
FF Plugin-x32: @Webzen.com/NPBrowserExt -> C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll [2012-03-27] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.ca/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.ca/"
CHR Profile: C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default [2017-04-17]
CHR Extension: (Protection Web Avira) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15]
CHR Extension: (Office Online - Copier et coller) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2015-08-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-14]
CHR Extension: (Chrome Media Router) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR Profile: C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-06-07]
CHR Extension: (Google Slides) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-27]
CHR Extension: (Google Docs) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-27]
CHR Extension: (Google Drive) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-27]
CHR Extension: (YouTube) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-27]
CHR Extension: (Recherche Google) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-17]
CHR Extension: (Google Sheets) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-27]
CHR Extension: (Protection Web Avira) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-28]
CHR Extension: (Search Manager) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-06-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-27]
CHR Extension: (Chrome Media Router) - C:\Users\Sandie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sandie\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-05-28]
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - <pas de Path/update_url>
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Sandie\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx <non trouvé(e)>
CHR HKU\S-1-5-21-3154787465-929561759-525958776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [feffgldcgbgbkgihdccknhbfknichcio] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdgpdecndphihcinammckiacmcpbaipk] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ibclbohbddcmmaaobgjamgbfbchjdfae] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [mmlkabjddkpgkgfhdhpimhcbonapngoh] - C:\Users\Sandie\AppData\Local\CRE\mmlkabjddkpgkgfhdhpimhcbonapngoh.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-05-05] (Avira Operations GmbH & Co. KG)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-06-07] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-06-07] (AVAST Software)
R2 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-16] ()
R2 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-28] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-26] (Digital Wave Ltd.)
R2 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Fichier non signé]
R2 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
S3 MySQLRouter; C:\Program Files\MySQL\MySQL Router 2.1\bin\mysqlrouter.exe [326144 2017-04-06] () [Fichier non signé]
S2 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Fichier non signé]
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2017-05-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-07] ()
S4 SpeedupService; C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-04-07] (Avira Operations GmbH & Co. KG)
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
S2 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-09-23] (Wellbia.com Co., Ltd.) [Fichier non signé]
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-06-07] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-06-07] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-06-07] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-06-07] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-06-07] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-06-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-06-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-06-07] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-06-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-06-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-06-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-06-07] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-06-07] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176968 2017-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148104 2017-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-28] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-06-03] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-05-16] (REALiX(tm))
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Fichier non signé]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-05-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [Fichier non signé]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 cpuz134; \??\C:\Users\Sandie\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120628.004\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120628.004\EX64.SYS [X]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)