cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015
Exécuté par Bénédicte (administrateur) sur BÉNÉDICTE-PC (27-09-2015 16:58:32)
Exécuté depuis C:\Users\Bénédicte\Downloads
Profils chargés: Bénédicte (Profils disponibles: Bénédicte)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-10-21] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [15544 2009-08-25] ()
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-26] (AVAST Software)
HKLM-x32\...\Run: [emsisoft anti-malware] => C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4939800 2015-08-20] (Emsisoft Ltd)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\...\MountPoints2: {9833c668-d6bb-11e3-a57e-ff5eb46accec} - G:\iStudio.exe
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2010-01-09] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMGCShellExt64.dll Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-26] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{881D0646-CDBD-4F7C-8D6A-D52C10F51B18}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E61AA1DE-C129-4DA3-82D1-7AA6E55D918E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=91072394_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=91072394_hao_pg
HKU\S-1-5-21-2130185542-2309449849-2320462487-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.fr/0SEFRFR/SAOS02
SearchScopes: HKLM -> {DBAEF266-3CF8-492B-B088-3D804F601641} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {DBAEF266-3CF8-492B-B088-3D804F601641} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2130185542-2309449849-2320462487-1000 -> DefaultScope {A9FC8CC8-0B21-4274-9CB9-62864821D753} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2130185542-2309449849-2320462487-1000 -> {A9FC8CC8-0B21-4274-9CB9-62864821D753} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2130185542-2309449849-2320462487-1000 -> {F69449F9-0606-4B42-8988-CCC243B670D7} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-26] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Pas de fichier
BHO-x32: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-26] (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-2130185542-2309449849-2320462487-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-2130185542-2309449849-2320462487-1000 -> Pas de nom - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - Pas de fichier
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Bénédicte\AppData\Roaming\Mozilla\Firefox\Profiles\sk7b9ugq.default-1443273009014
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-09-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-09-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-2130185542-2309449849-2320462487-1000: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 -> C:\Users\Bénédicte\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll [2010-03-04] (Stonetrip)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-26]
FF Extension: Pas de nom - C:\Users\Bénédicte\AppData\Roaming\Mozilla\Firefox\Profiles\sk7b9ugq.default-1443273009014\extensions\deskCutv2@gmail.com [non trouvé(e)]
FF Extension: Pas de nom - C:\Users\Bénédicte\AppData\Roaming\Mozilla\Firefox\Profiles\sk7b9ugq.default-1443273009014\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [non trouvé(e)]
FF Extension: Pas de nom - C:\Users\Bénédicte\AppData\Roaming\Mozilla\Firefox\Profiles\sk7b9ugq.default-1443273009014\extensions\AVJYFVOD75109374@HCDE39471360.com [non trouvé(e)]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://www.default-search.net/search?sid=476&aid=10000&itype=u&src=ds&p={searchTerms}
CHR DefaultSearchKeyword: Default -> Default-Search
CHR Profile: C:\Users\Bénédicte\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Bénédicte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Bénédicte\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bénédicte\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bénédicte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-26]
CHR HKLM-x32\...\Chrome\Extension: [iomphmdalfmaifjccmagmllnicjoghhk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5531008 2015-08-20] (Emsisoft Ltd)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-26] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Fichier non signé]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-04-16] (Elex do Brasil Participações Ltda)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [Fichier non signé]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe [240640 2009-10-21] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 QQPCRTP; "C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRtp.exe" -r [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-26] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2015-08-07] (Emsisoft GmbH)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [53568 2015-04-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [61832 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-09-01] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [68488 2015-08-26] (Elex do Brasil Participações Ltda)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-09-27 16:58 - 2015-09-27 16:58 - 00019510 _____ C:\Users\Bénédicte\Downloads\FRST.txt
2015-09-27 16:57 - 2015-09-27 16:58 - 00000000 ____D C:\FRST
2015-09-27 16:56 - 2015-09-27 16:57 - 02192384 _____ (Farbar) C:\Users\Bénédicte\Downloads\FRST64.exe
2015-09-27 16:54 - 2015-09-27 16:54 - 01695744 _____ (Farbar) C:\Users\Bénédicte\Downloads\FRST.exe
2015-09-27 16:40 - 2015-09-27 16:40 - 00000596 _____ C:\Windows\PFRO.log
2015-09-27 16:40 - 2015-09-27 16:40 - 00000056 _____ C:\Windows\setupact.log
2015-09-27 16:40 - 2015-09-27 16:40 - 00000000 _____ C:\Windows\setuperr.log
2015-09-27 16:07 - 2015-09-27 16:07 - 00001055 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-09-27 16:07 - 2015-09-27 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-09-27 16:05 - 2015-09-27 16:52 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-09-27 15:48 - 2015-09-27 16:02 - 174635400 _____ (Emsisoft Ltd. ) C:\Users\Bénédicte\Downloads\EmsisoftAntiMalwareSetup.exe
2015-09-27 15:42 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150927-154223.backup
2015-09-27 15:33 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-09-27 15:23 - 2015-09-27 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-09-27 15:22 - 2015-09-27 15:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-27 15:22 - 2015-09-27 15:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-27 15:22 - 2015-09-27 15:22 - 00001355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-09-27 15:22 - 2015-09-27 15:22 - 00001343 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-09-27 15:22 - 2015-09-27 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-27 15:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-09-27 15:15 - 2015-09-27 15:20 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bénédicte\Downloads\spybot-2-4.exe
2015-09-27 14:55 - 2015-09-27 14:55 - 00002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-27 14:55 - 2015-09-27 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-27 14:53 - 2015-09-27 14:53 - 00002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-27 14:52 - 2015-09-27 14:53 - 00000000 ____D C:\Program Files\CCleaner
2015-09-27 14:52 - 2015-09-27 14:52 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-27 14:52 - 2015-09-27 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-27 14:49 - 2015-09-27 16:54 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-27 14:49 - 2015-09-27 16:41 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-27 14:49 - 2015-09-27 14:49 - 00004070 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-27 14:49 - 2015-09-27 14:49 - 00003818 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-26 21:48 - 2015-09-27 14:29 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\Corel
2015-09-26 21:48 - 2015-09-26 21:48 - 06677440 _____ (Piriform Ltd) C:\Users\Bénédicte\Downloads\ccleaner_5-10-5373_fr_14492 (1)
2015-09-26 21:48 - 2015-09-26 21:48 - 00000000 ____D C:\Users\Bénédicte\Documents\My Corel Shows
2015-09-26 21:47 - 2015-09-26 21:47 - 00000848 ___SH C:\ProgramData\KGyGaAvL.sys
2015-09-26 21:46 - 2015-09-26 21:47 - 00000000 ____D C:\Users\Bénédicte\Documents\My PSP Files
2015-09-26 21:46 - 2015-09-26 21:47 - 00000000 ____D C:\Users\Bénédicte\AppData\Roaming\Corel
2015-09-26 21:45 - 2015-09-26 21:46 - 06677440 _____ (Piriform Ltd) C:\Users\Bénédicte\Downloads\ccleaner_5-10-5373_fr_14492
2015-09-26 20:30 - 2015-09-26 20:30 - 00001866 _____ C:\Users\Public\Desktop\YAC.lnk
2015-09-26 20:30 - 2015-09-26 20:30 - 00000000 ____D C:\Windows\system32\log
2015-09-26 20:30 - 2015-09-26 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-09-26 20:30 - 2015-08-26 08:49 - 00068488 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-09-26 20:30 - 2015-04-16 10:55 - 00053568 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-09-26 20:29 - 2015-09-26 20:29 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2015-09-26 20:27 - 2015-09-26 20:27 - 00000000 ____D C:\Users\Bénédicte\AppData\Roaming\Elex-tech
2015-09-26 19:30 - 2015-09-26 19:41 - 00000453 _____ C:\Users\Bénédicte\AppData\Local\SQ.RemoverDelete.bat
2015-09-26 19:30 - 2015-09-26 19:31 - 01662976 _____ C:\Users\Bénédicte\Downloads\AdwCleaner-5.008 (1).exe
2015-09-26 18:50 - 2015-09-26 18:51 - 01662976 _____ C:\Users\Bénédicte\Downloads\AdwCleaner-5.008.exe
2015-09-26 18:26 - 2015-09-26 18:52 - 00000027 _____ C:\Windows\wazpnmp.sys
2015-09-26 18:08 - 2015-09-26 18:08 - 00000000 ____D C:\Users\Bénédicte\AppData\Roaming\AVAST Software
2015-09-26 18:06 - 2015-09-26 18:06 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-26 18:06 - 2015-09-26 18:06 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-26 18:06 - 2015-09-26 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-26 18:05 - 2015-09-26 18:05 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-26 18:05 - 2015-09-26 18:05 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-26 18:05 - 2015-09-26 18:05 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-26 18:05 - 2015-09-26 18:05 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-26 18:05 - 2015-09-26 18:05 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-26 18:05 - 2015-09-26 18:05 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-26 18:05 - 2015-09-26 18:05 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-26 18:05 - 2015-09-26 18:05 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-26 18:05 - 2015-09-26 18:05 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-26 18:05 - 2015-09-26 18:05 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-26 17:57 - 2015-09-26 17:57 - 00001034 _____ C:\Windows\Tasks\PFoxemaUUyN1YvKCXDBZYTi.job
2015-09-26 17:57 - 2015-09-26 17:57 - 00001014 _____ C:\Windows\Tasks\sh5uZx66uZEvN.job
2015-09-26 17:56 - 2015-09-26 17:56 - 00000000 ____D C:\Program Files (x86)\e24f2756-812d-4cc8-9f5f-7fa6fc259d66
2015-09-26 17:55 - 2015-09-26 17:55 - 00001030 _____ C:\Windows\Tasks\cpwlqOsQH17NJRjOW1EYA.job
2015-09-26 17:55 - 2015-09-26 17:55 - 00001006 _____ C:\Windows\Tasks\2PabOEBGN.job
2015-09-26 17:54 - 2015-09-26 17:54 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-26 17:53 - 2015-09-26 17:54 - 00000000 ____D C:\Program Files (x86)\8aedd194-eda3-46ff-96ee-7d6888955227
2015-09-26 17:48 - 2015-09-26 17:48 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-26 17:44 - 2015-09-26 17:44 - 00000000 ____D C:\Users\B茅n茅dicte
2015-09-26 17:44 - 2015-09-26 17:44 - 00000000 ____D C:\ProgramData\KingSoft
2015-09-26 17:17 - 2015-09-26 17:17 - 00128528 _____ C:\Users\Bénédicte\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-26 17:16 - 2015-09-26 17:18 - 00453368 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-26 17:10 - 2015-09-26 17:10 - 05693008 _____ (AVAST Software) C:\Users\Bénédicte\Downloads\avast_free_antivirus_setup_online.exe
2015-09-26 17:09 - 2015-09-26 17:09 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\26025
2015-09-26 16:57 - 2015-09-26 16:57 - 00000000 ____D C:\Users\B閚閐icte\AppData\Roaming\Tencent
2015-09-26 16:57 - 2015-09-26 16:57 - 00000000 ____D C:\Users\B閚閐icte
2015-09-26 16:56 - 2015-09-26 19:47 - 00000000 ____D C:\Users\Bénédicte\AppData\Roaming\Tencent
2015-09-26 16:56 - 2015-09-26 19:47 - 00000000 ____D C:\ProgramData\Tencent
2015-09-26 16:56 - 2015-09-26 16:56 - 00087864 ____N (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-09-26 16:52 - 2015-09-26 16:52 - 00000000 ___HD C:\sohucache
2015-09-26 16:52 - 2015-09-26 16:52 - 00000000 ____D C:\Users\Bénédicte\Documents\ËѺüÓ°Òô
2015-09-26 16:52 - 2015-09-26 16:52 - 00000000 ____D C:\SHDownload
2015-09-26 16:51 - 2015-09-26 16:51 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\Temp尰
2015-09-26 16:47 - 2015-09-26 18:55 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-09-26 16:47 - 2015-09-26 17:44 - 00001210 _____ C:\Users\Bénédicte\Desktop\Continue installation .lnk
2015-09-26 15:35 - 2015-09-26 17:21 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2015-09-26 15:34 - 2015-09-27 15:33 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-26 15:10 - 2015-09-26 15:10 - 00000000 ____D C:\Users\Bénédicte\Desktop\Anciennes données de Firefox

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-09-27 16:59 - 2015-04-10 23:03 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-27 16:51 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-27 16:51 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-27 16:47 - 2010-02-06 02:19 - 01658958 _____ C:\Windows\WindowsUpdate.log
2015-09-27 16:42 - 2010-05-02 14:35 - 00000000 ____D C:\Users\Bénédicte\Tracing
2015-09-27 16:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-27 16:13 - 2015-04-09 20:04 - 00000000 ____D C:\AdwCleaner
2015-09-27 14:56 - 2010-05-17 23:34 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\CrashDumps
2015-09-27 14:54 - 2010-09-26 20:44 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-27 14:53 - 2010-09-26 21:57 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\Google
2015-09-27 14:50 - 2012-02-16 22:56 - 00000000 ____D C:\Program Files\Google
2015-09-27 14:50 - 2010-09-26 20:44 - 00000000 ____D C:\ProgramData\Google
2015-09-27 14:27 - 2014-04-09 08:05 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-09-26 20:41 - 2011-01-17 00:55 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\Microsoft Help
2015-09-26 20:41 - 2010-04-22 22:36 - 00000000 ____D C:\Users\Bénédicte\AppData\Roaming\Skype
2015-09-26 20:41 - 2009-09-07 02:40 - 00000000 ____D C:\SwSetup
2015-09-26 20:41 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-26 20:07 - 2010-01-09 00:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-26 20:05 - 2015-04-11 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-26 20:05 - 2010-01-09 02:49 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-26 19:47 - 2010-02-06 02:46 - 00000000 ____D C:\ProgramData\Norton
2015-09-26 19:44 - 2015-04-23 21:20 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-26 19:41 - 2015-04-11 15:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-26 19:41 - 2015-04-11 11:55 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\SquareClock.Production_Castorama_Bathroom_Internet
2015-09-26 19:29 - 2015-04-11 11:47 - 00000000 ____D C:\Users\Bénédicte\AppData\Local\SquareClock.Production_Castorama_Dressing_Internet
2015-09-26 19:21 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-09-26 19:20 - 2010-03-17 23:33 - 00001433 _____ C:\Users\Bénédicte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-26 18:57 - 2015-04-13 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alinéa
2015-09-26 18:56 - 2010-03-17 23:25 - 00000000 ____D C:\Users\Bénédicte
2015-09-26 17:54 - 2015-04-13 22:32 - 00000000 ____D C:\Program Files (x86)\Alinea
2015-09-26 17:00 - 2011-10-23 23:26 - 00000000 ____D C:\Windows\Minidump
2015-09-26 17:00 - 2009-09-07 03:57 - 00000000 ____D C:\Windows\Panther
2015-09-26 16:01 - 2015-04-10 23:03 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-26 16:01 - 2015-04-10 23:03 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-26 16:01 - 2015-04-10 23:03 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Fichiers à la racine de certains dossiers =======

2012-10-21 14:05 - 2012-10-21 22:33 - 4096000 _____ () C:\Program Files (x86)\GUTC236.tmp
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Bénédicte\AppData\Roaming\2PabOEBGN
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Bénédicte\AppData\Roaming\2PabOEBGN.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Bénédicte\AppData\Roaming\cpwlqOsQH17NJRjOW1EYA
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Bénédicte\AppData\Roaming\cpwlqOsQH17NJRjOW1EYA.exe
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\Bénédicte\AppData\Roaming\MBFTHQ
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Bénédicte\AppData\Roaming\PFoxemaUUyN1YvKCXDBZYTi
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Bénédicte\AppData\Roaming\PFoxemaUUyN1YvKCXDBZYTi.exe
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Bénédicte\AppData\Roaming\QJNFZ
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\Bénédicte\AppData\Roaming\RRUHLZSQ
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Bénédicte\AppData\Roaming\sh5uZx66uZEvN
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Bénédicte\AppData\Roaming\sh5uZx66uZEvN.exe
2010-08-10 21:37 - 2014-02-26 23:17 - 0001346 _____ () C:\Users\Bénédicte\AppData\Roaming\wklnhst.dat
2010-03-17 23:33 - 2010-03-17 23:33 - 0000000 _____ () C:\Users\Bénédicte\AppData\Local\AtStart.txt
2010-03-17 23:33 - 2010-03-17 23:33 - 0000000 _____ () C:\Users\Bénédicte\AppData\Local\DSwitch.txt
2010-03-17 23:33 - 2010-03-17 23:33 - 0000000 _____ () C:\Users\Bénédicte\AppData\Local\QSwitch.txt
2015-09-26 19:30 - 2015-09-26 19:41 - 0000453 _____ () C:\Users\Bénédicte\AppData\Local\SQ.RemoverDelete.bat
2012-11-25 21:40 - 2012-11-25 21:40 - 1712130 _____ () C:\Users\Bénédicte\AppData\Local\tmp050.0
2012-11-25 21:40 - 2012-11-25 21:40 - 0478797 _____ () C:\Users\Bénédicte\AppData\Local\tmp050.JPG
2012-11-25 21:40 - 2012-11-25 21:40 - 0006286 _____ () C:\Users\Bénédicte\AppData\Local\tmp050_navi.JPG
2012-11-17 21:46 - 2012-11-17 21:46 - 1870099 _____ () C:\Users\Bénédicte\AppData\Local\tmp062.0
2012-11-17 21:46 - 2012-11-17 21:46 - 0650639 _____ () C:\Users\Bénédicte\AppData\Local\tmp062.1
2012-11-17 21:46 - 2012-11-17 21:46 - 0650608 _____ () C:\Users\Bénédicte\AppData\Local\tmp062.JPG
2011-12-21 11:13 - 2011-12-21 11:13 - 1777211 _____ () C:\Users\Bénédicte\AppData\Local\tmp156.0
2011-12-21 11:13 - 2011-12-21 11:13 - 1071490 _____ () C:\Users\Bénédicte\AppData\Local\tmp156.JPG
2011-12-21 11:18 - 2011-12-21 11:18 - 1748472 _____ () C:\Users\Bénédicte\AppData\Local\tmp171.0
2011-12-21 11:18 - 2011-12-21 11:18 - 0770218 _____ () C:\Users\Bénédicte\AppData\Local\tmp171.JPG
2012-09-05 19:42 - 2012-09-05 19:42 - 1830196 _____ () C:\Users\Bénédicte\AppData\Local\tmp207.JPG
2012-03-24 20:42 - 2012-03-24 20:42 - 1759397 _____ () C:\Users\Bénédicte\AppData\Local\tmpP3240087.0
2012-03-24 20:42 - 2012-03-24 20:42 - 0518846 _____ () C:\Users\Bénédicte\AppData\Local\tmpP3240087.JPG
2010-03-17 23:33 - 2015-09-27 16:42 - 0000188 _____ () C:\ProgramData\HPWALog.txt
2015-09-26 21:47 - 2015-09-26 21:47 - 0000848 ___SH () C:\ProgramData\KGyGaAvL.sys
2010-02-06 02:45 - 2010-02-06 02:45 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-01-09 02:17 - 2010-01-09 02:17 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-02-06 02:45 - 2010-02-06 02:45 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-01-09 02:13 - 2010-01-09 02:14 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-02-06 02:44 - 2010-02-06 02:44 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-02-06 02:45 - 2010-02-06 02:45 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-01-09 02:12 - 2010-01-09 02:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-01-09 02:14 - 2010-01-09 02:17 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-02-06 02:45 - 2010-02-06 02:45 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Certains fichiers dans TEMP:
====================
C:\Users\Bénédicte\AppData\Local\Temp\sqlite3.dll
C:\Users\B茅n茅dicte\AppData\Local\Temp\TempQQPhoneManager-5.0.0_710202.4468.pas_2740314721.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-04-15 23:42

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité