cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by sophie (administrator) on FOURNIEZS on 15-07-2015 12:44:06
Running from C:\Users\sophie\Desktop
Loaded Profiles: sophie (Available Profiles: sophie)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-05-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3706686698-4042228667-722850055-1001\...\Run: [Facebook Update] => C:\Users\sophie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-29] (Facebook Inc.)
HKU\S-1-5-21-3706686698-4042228667-722850055-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3706686698-4042228667-722850055-1001\...\MountPoints2: {463decbc-d354-11e3-be78-6002b449c0ab} - "E:\Startme.exe"
HKU\S-1-5-21-3706686698-4042228667-722850055-1001\...\MountPoints2: {4e624f0a-1238-11e4-be84-6002b449c0ab} - "E:\iLinker.exe"
HKU\S-1-5-21-3706686698-4042228667-722850055-1001\...\MountPoints2: {511e54e2-52c9-11e4-be92-6002b449c0ab} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3706686698-4042228667-722850055-1001\...\MountPoints2: {b3cb0152-02d4-11e4-be81-6002b449c0ab} - "E:\Startme.exe"
HKU\S-1-5-21-3706686698-4042228667-722850055-1001\...\MountPoints2: {b579f2f0-63eb-11e4-be97-6002b449c0ab} - "E:\DPFMate.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3706686698-4042228667-722850055-1001 -> {BB1D9B70-F0A0-47EE-9910-1DABA71A21CC} URL =
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{37948A21-983B-473A-9423-1C1CB24F6F5B}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9B45F7E2-969E-4393-8787-3751111D62E2}: [DhcpNameServer] 127.0.0.1

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2015-01-18] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3706686698-4042228667-722850055-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\sophie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR Profile: C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-27]
CHR Extension: (Google Search) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-27]
CHR Extension: (Client for Analytics) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eambnehgniboinbhhcncaggoedccddnp [2015-06-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27]
CHR Extension: (WhiTeCCouppON) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocnlolkcmgngnnenpdknikgeokmibkim [2015-06-27]
CHR Extension: (Gmail) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-27]
CHR Profile: C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-28]
CHR Extension: (Google Docs) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-28]
CHR Extension: (Google Drive) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-28]
CHR Extension: (YouTube) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-28]
CHR Extension: (Google Search) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-28]
CHR Extension: (Google Sheets) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-09]
CHR Extension: (Gmail) - C:\Users\sophie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [470088 2013-03-12] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-01-18] (WildTangent)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-27] (Malwarebytes Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 12:44 - 2015-07-15 12:44 - 00015084 _____ C:\Users\sophie\Desktop\FRST.txt
2015-07-15 12:43 - 2015-07-15 12:44 - 00000000 ____D C:\FRST
2015-07-15 12:40 - 2015-07-15 12:40 - 02133504 _____ (Farbar) C:\Users\sophie\Desktop\FRST64.exe
2015-07-15 11:50 - 2015-07-15 11:50 - 02248704 _____ C:\Users\sophie\Downloads\AdwCleaner-4.208.exe
2015-07-15 11:38 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-07-15 11:38 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-07-15 11:38 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-15 11:38 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-15 10:36 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-07-15 10:21 - 2015-07-15 11:55 - 00000385 _____ C:\WINDOWS\setupact.log
2015-07-15 10:21 - 2015-07-15 10:21 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-14 16:57 - 2015-07-15 12:24 - 00831066 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-14 15:36 - 2015-07-14 15:36 - 00000017 _____ C:\Users\sophie\AppData\Local\resmon.resmoncfg
2015-07-13 21:37 - 2015-07-13 21:37 - 00000000 ____D C:\Users\sophie\Tracing
2015-07-13 21:34 - 2015-07-15 11:28 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 21:34 - 2015-07-15 10:59 - 00000000 ____D C:\Users\sophie\AppData\Roaming\Skype
2015-07-13 21:34 - 2015-07-13 21:34 - 00000000 ____D C:\Users\sophie\AppData\Local\Skype
2015-07-13 21:30 - 2015-07-13 21:30 - 01384576 _____ (Skype Technologies S.A.) C:\Users\sophie\Downloads\SkypeSetup.exe
2015-07-13 21:25 - 2015-07-13 21:26 - 00000000 ____D C:\Users\sophie\Desktop\Bellewarde
2015-07-13 21:23 - 2015-07-13 21:24 - 00000000 ____D C:\Users\sophie\Desktop\tablette
2015-07-11 11:48 - 2015-07-15 11:54 - 00000000 ____D C:\AdwCleaner
2015-07-11 11:41 - 2015-07-11 11:42 - 00002224 _____ C:\Users\sophie\Desktop\chrome.lnk
2015-07-09 19:57 - 2015-07-09 19:57 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-06-28 15:43 - 2015-07-15 11:55 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-28 15:43 - 2015-07-15 11:48 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-28 15:43 - 2015-06-28 15:43 - 00004060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-28 15:43 - 2015-06-28 15:43 - 00003824 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-28 15:26 - 2015-07-11 11:37 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-27 13:45 - 2015-07-15 10:10 - 00000024 _____ C:\Users\sophie\AppData\Roaming\appdataFr25.bin
2015-06-27 10:06 - 2015-06-27 10:06 - 00000000 ____D C:\Program Files (x86)\Client for Analytics
2015-06-27 10:05 - 2015-06-27 10:06 - 00000000 ____D C:\ProgramData\10032006255046924921
2015-06-19 16:10 - 2015-06-19 16:15 - 94095225 _____ C:\Users\sophie\Downloads\Bonne nuit les petits 1ère COMPILATION 30min 10 épisodes.mp4
2015-06-16 09:35 - 2015-06-16 10:06 - 734319526 _____ C:\Users\sophie\Downloads\Bis.2015.FRENCH.DVDrip.XviD.avi
2015-06-15 13:00 - 2015-06-15 18:24 - 1099047357 _____ C:\Users\sophie\Downloads\Jurassic.World.TRUEFRENCH.TS.MD.XviD-ETERNITY.zone-telechargement.com.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 12:40 - 2014-04-19 22:15 - 01986048 ___SH C:\Users\sophie\Downloads\Thumbs.db
2015-07-15 12:15 - 2014-10-29 15:54 - 00005078 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FOURNIEZS-sophie fourniezs
2015-07-15 12:09 - 2014-04-18 19:15 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3706686698-4042228667-722850055-1001
2015-07-15 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-15 11:55 - 2014-04-23 15:54 - 00000000 __RDO C:\Users\sophie\OneDrive
2015-07-15 11:55 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-15 11:41 - 2014-04-23 15:27 - 00000000 ____D C:\Users\sophie
2015-07-15 11:41 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-15 11:28 - 2014-04-27 15:10 - 00302080 ___SH C:\Users\sophie\Desktop\Thumbs.db
2015-07-15 10:35 - 2014-03-18 12:02 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-15 10:35 - 2014-03-18 11:26 - 00812350 _____ C:\WINDOWS\system32\perfh00C.dat
2015-07-15 10:35 - 2014-03-18 11:26 - 00159412 _____ C:\WINDOWS\system32\perfc00C.dat
2015-07-15 10:33 - 2014-04-23 15:52 - 00000000 ____D C:\Users\sophie\Documents\Bluetooth Folder
2015-07-15 10:30 - 2013-12-09 21:30 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2015-07-15 10:21 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-07-15 10:12 - 2014-04-23 15:56 - 00003944 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E4B7D85C-885B-488E-8D48-5703FAC4A242}
2015-07-14 14:43 - 2014-04-29 17:38 - 00000952 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3706686698-4042228667-722850055-1001UA.job
2015-07-14 13:29 - 2014-12-30 10:41 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-07-11 15:07 - 2015-03-03 19:28 - 00000000 ____D C:\Users\sophie\Desktop\blacko
2015-07-11 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-11 12:07 - 2014-04-23 19:55 - 00000000 ____D C:\Program Files\CCleaner
2015-07-11 12:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-11 12:05 - 2014-04-23 19:55 - 00000846 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-11 12:05 - 2014-04-23 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-11 11:53 - 2014-04-23 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft-Now bundle
2015-07-11 11:53 - 2014-04-23 15:49 - 00001029 _____ C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-11 11:46 - 2013-12-09 21:23 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-07-09 20:01 - 2013-08-22 15:25 - 00000194 _____ C:\WINDOWS\win.ini
2015-07-09 19:52 - 2014-04-27 12:47 - 00000000 ____D C:\Users\sophie\AppData\Local\Google
2015-07-06 23:24 - 2014-11-14 10:49 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-06 23:24 - 2014-11-14 10:49 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 12:08 - 2014-06-26 19:23 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-02 17:43 - 2014-04-29 17:38 - 00000930 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3706686698-4042228667-722850055-1001Core.job
2015-06-28 16:49 - 2014-05-17 17:20 - 00000000 ____D C:\Users\sophie\AppData\Local\CrashDumps
2015-06-28 16:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-06-28 14:38 - 2014-05-19 17:45 - 00000000 ____D C:\Users\sophie\AppData\Roaming\vlc
2015-06-24 10:21 - 2014-10-29 15:04 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-24 10:17 - 2014-04-18 19:07 - 00000000 ____D C:\Users\sophie\AppData\Local\Packages
2015-06-20 15:17 - 2015-03-25 20:36 - 00000000 ____D C:\Users\sophie\Desktop\aurelie
2015-06-17 19:40 - 2015-04-16 08:08 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-17 19:40 - 2015-03-23 20:48 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-17 19:40 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-16 18:33 - 2014-05-07 07:05 - 00000000 ____D C:\Users\sophie\Desktop\100LGDSC
2015-06-15 15:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2015-06-27 13:45 - 2015-07-15 10:10 - 0000024 _____ () C:\Users\sophie\AppData\Roaming\appdataFr25.bin
2015-07-14 15:36 - 2015-07-14 15:36 - 0000017 _____ () C:\Users\sophie\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\sophie\AppData\Local\Temp\Quarantine.exe
C:\Users\sophie\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-11 12:34

==================== End of log ============================
