cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015
Exécuté par LAURENCE (administrateur) sur LAURENCE-PC (30-11-2015 19:41:29)
Exécuté depuis C:\Users\LAURENCE\Desktop
Profils chargés: LAURENCE (Profils disponibles: UpdatusUser & LAURENCE)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut non détecté(e)!)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
( ) C:\Users\LAURENCE\AppData\Roaming\zKy9RRR\R8YIWbD.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
( ) C:\Users\LAURENCE\AppData\Local\Temp\v3\downloader.exe
() C:\Program Files (x86)\OLBPre\OLBPre.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Users\LAURENCE\AppData\Local\gmsd_fr_010010162\upgmsd_fr_010010162.exe
() C:\Program Files (x86)\gmsd_fr_010010162\gmsd_fr_010010162.exe
() C:\Users\LAURENCE\AppData\Local\Temp\~UWTeI2b.tmp\SpaceSoundPro\SpaceSoundPro.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [gpuminer] => C:\Users\LAURENCE\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [gmsd_fr_010010162] => C:\Program Files (x86)\gmsd_fr_010010162\gmsd_fr_010010162.exe [4336816 2015-11-30] ()
HKLM-x32\...\RunOnce: [upgmsd_fr_010010162.exe] => C:\Users\LAURENCE\AppData\Local\gmsd_fr_010010162\upgmsd_fr_010010162.exe [3280560 2015-11-30] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1428646825-993689964-1848176180-1001\...\Run: [GoogleChromeAutoLaunch_7E5C3CB1C1409BC0DB0097739DFA3D8A] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-04-08] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-04-13]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\Users\LAURENCE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk [2015-02-19]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\LAURENCE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2015-11-30]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe ()
Startup: C:\Users\LAURENCE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Of_FR-I3-OptimizerPro_chk_0_237.lnk [2015-03-07]
ShortcutTarget: Of_FR-I3-OptimizerPro_chk_0_237.lnk -> C:\ProgramData\{5536b47a-6151-616f-5536-6b47a615d1e9}\Of_FR-I3-OptimizerPro_chk_0_237.exe (Pas de fichier)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => http=127.0.0.1:51088;https=127.0.0.1:51088
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{56DFFBBB-164B-4FB4-A49F-E27D0B690F18}: [NameServer] 52.17.204.69,8.8.8.8
Tcpip\..\Interfaces\{56DFFBBB-164B-4FB4-A49F-E27D0B690F18}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 52.17.204.69,8.8.8.8
Tcpip\..\Interfaces\{BEA0EE68-204F-4B5E-874F-F21DC7AB7F80}: [NameServer] 52.17.204.69,8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130848821155884297&GUID=BAA9C398-C85C-48F1-8F97-0493D00CEF61
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130848821156040297&GUID=BAA9C398-C85C-48F1-8F97-0493D00CEF61
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1428646825-993689964-1848176180-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystart.com/?pr=vmn&id=mystarttb&v=5_4&ent=hp_5354&src=5354
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1428646825-993689964-1848176180-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_4&ent=ch_5354&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1428646825-993689964-1848176180-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1428646825-993689964-1848176180-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_4&ent=ch_5354&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1428646825-993689964-1848176180-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files (x86)\mystarttb\mystartDx64.dll [2015-02-17] ()
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
BHO-x32: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files (x86)\mystarttb\mystartDx.dll [2015-02-17] ()
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx64.dll [2015-02-17] ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll [2015-02-17] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()

FireFox:
========
FF ProfilePath: C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\LAURENCE\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystarttb.xml [2015-11-30]
FF Extension: WOT - C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-06-17]
FF Extension: Product Deals 1.0.1 - C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default\extensions\{091b32e0-9f35-4c0d-a441-9eb90360f0ef}.xpi [2015-06-23] [non signé]
FF Extension: checkcompatibilitydactylgooglecodecom - C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default\extensions\check-compatibility@dactyl.googlecode.com [2015-08-17] [non signé]
FF Extension: jsonhandlegmailcom - C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default\extensions\jsonhandle@gmail.com [2015-08-17] [non signé]
FF Extension: winservice86 - C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default\extensions\taylorralston@hotmail.com [2015-06-14] [non signé]
FF Extension: MyStart Toolbar - C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default\extensions\{607b689f-7600-45e4-b8e5-887f72dab15c} [2015-11-30] [non signé]
FF Extension: Adblock Plus - C:\Users\LAURENCE\AppData\Roaming\Mozilla\Firefox\Profiles\bq1kr4rx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-14]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-17] <==== ATTENTION (Pointe vers un fichier *.cfg)

Opera:
=======
OPR Extension: (SmartSaver+ 3) - C:\Users\LAURENCE\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekpibplnnkfdcafdpoekhoffegcajene [2015-08-25]
OPR Extension: (GoHD) - C:\Users\LAURENCE\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-08-17]
OPR Extension: (iWebar) - C:\Users\LAURENCE\AppData\Roaming\Opera Software\Opera Stable\Extensions\hdhmofnopkgkpgnpggloijpbnaonhplc [2015-08-17]
OPR Extension: (BrowserV23.06) - C:\Users\LAURENCE\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-08-18]
OPR Extension: (Object Browser) - C:\Users\LAURENCE\AppData\Roaming\Opera Software\Opera Stable\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan [2015-08-17]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 53a1c4d9; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.96\OptProMon.dll",ENT <==== ATTENTION
S2 cae99edb; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptStats.dll",ENT

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-30 19:41 - 2015-11-30 19:41 - 00046494 _____ C:\Users\LAURENCE\Desktop\Shortcut.txt
2015-11-30 19:41 - 2015-11-30 19:41 - 00000874 _____ C:\Users\LAURENCE\Desktop\SpaceSoundPro.lnk
2015-11-30 19:41 - 2015-11-30 19:41 - 00000008 _____ C:\END
2015-11-30 19:41 - 2015-11-30 19:41 - 00000000 ____D C:\Users\LAURENCE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2015-11-30 19:41 - 2015-11-30 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
2015-11-30 19:41 - 2015-11-30 19:41 - 00000000 ____D C:\Program Files\SpaceSoundPro
2015-11-30 19:41 - 2015-11-30 19:41 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v61.10055
2015-11-30 19:41 - 2015-11-30 19:41 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro
2015-11-30 19:40 - 2015-11-30 19:41 - 00000000 ____D C:\Users\LAURENCE\AppData\Local\gmsd_fr_010010162
2015-11-30 19:40 - 2015-11-30 19:41 - 00000000 ____D C:\Program Files (x86)\gmsd_fr_010010162
2015-11-30 19:38 - 2015-11-30 19:41 - 00000452 _____ C:\Users\LAURENCE\Desktop\Addition.txt
2015-11-30 19:37 - 2015-11-30 19:37 - 00000000 ____D C:\ProgramData\EmailNotifier
2015-11-30 19:36 - 2015-11-30 19:37 - 00000000 ____D C:\Users\LAURENCE\AppData\LocalLow\mystarttb
2015-11-30 19:35 - 2015-11-30 19:37 - 00000000 ____D C:\Program Files (x86)\mystarttb
2015-11-30 19:35 - 2015-11-30 19:36 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-11-30 19:35 - 2015-11-30 19:35 - 00003996 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-11-30 19:35 - 2015-11-30 19:35 - 00001865 _____ C:\Users\LAURENCE\Desktop\MyPC Backup.lnk
2015-11-30 19:32 - 2015-11-30 19:41 - 00018794 _____ C:\Users\LAURENCE\Desktop\FRST.txt
2015-11-30 19:31 - 2015-11-30 19:41 - 00000000 ____D C:\FRST
2015-11-30 19:30 - 2015-11-30 19:30 - 02350080 _____ (Farbar) C:\Users\LAURENCE\Desktop\FRST64.exe
2015-11-30 19:16 - 2015-11-30 19:16 - 00075913 _____ C:\Users\LAURENCE\Desktop\AdwCleaner[C1].txt
2015-11-30 19:00 - 2015-11-30 19:00 - 00000000 ____D C:\Users\LAURENCE\AppData\Local\CEF
2015-11-30 18:58 - 2015-11-30 18:58 - 01736704 _____ C:\Users\LAURENCE\Downloads\adwcleaner_5.023.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-30 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-11-30 19:33 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-30 19:33 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 19:31 - 2015-08-26 08:24 - 00001014 _____ C:\Windows\Tasks\dQUUOjhYHv03Jad.job
2015-11-30 19:21 - 2011-02-19 05:29 - 00758982 _____ C:\Windows\system32\perfh00C.dat
2015-11-30 19:21 - 2011-02-19 05:29 - 00153814 _____ C:\Windows\system32\perfc00C.dat
2015-11-30 19:21 - 2009-07-14 06:13 - 01699016 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-30 19:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-30 19:20 - 2015-06-17 17:27 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-30 19:19 - 2015-02-26 15:35 - 00000000 __SHD C:\Users\LAURENCE\AppData\LocalLow\EmieUserList
2015-11-30 19:19 - 2015-02-26 15:35 - 00000000 __SHD C:\Users\LAURENCE\AppData\LocalLow\EmieSiteList
2015-11-30 19:19 - 2015-02-26 15:35 - 00000000 __SHD C:\Users\LAURENCE\AppData\LocalLow\EmieBrowserModeList
2015-11-30 19:14 - 2015-08-26 13:29 - 00001006 _____ C:\Windows\Tasks\6oEgnf7lwON.job
2015-11-30 19:14 - 2015-08-26 11:35 - 00001008 _____ C:\Windows\Tasks\CZEa4jsxSG4i.job
2015-11-30 19:14 - 2015-08-26 07:11 - 00001000 _____ C:\Windows\Tasks\wAgfuWOb.job
2015-11-30 19:14 - 2015-08-26 05:34 - 00001036 _____ C:\Windows\Tasks\ikOtaPW6IpwG6gWS8FZQ7u5BmH.job
2015-11-30 19:14 - 2015-08-26 03:05 - 00001016 _____ C:\Windows\Tasks\VnEIP0AgV7tcDbCV.job
2015-11-30 19:14 - 2015-08-26 00:28 - 00001024 _____ C:\Windows\Tasks\U2pOXx956PRbJhY5oYbu.job
2015-11-30 19:14 - 2015-08-25 22:43 - 00001026 _____ C:\Windows\Tasks\lm6XSBcWv45L5pdGtrNsz.job
2015-11-30 19:14 - 2015-08-25 20:22 - 00001020 _____ C:\Windows\Tasks\d2W9PG7ytuD57UeDRe.job
2015-11-30 19:14 - 2015-08-25 18:43 - 00001022 _____ C:\Windows\Tasks\FUTFWB8J34AfpO2CuFj.job
2015-11-30 19:14 - 2015-08-25 16:08 - 00001034 _____ C:\Windows\Tasks\iJ1QdqQUNiy1Yk3t4L69YGr4z.job
2015-11-30 19:14 - 2015-08-25 13:39 - 00001006 _____ C:\Windows\Tasks\ST7Q9BfLLXf.job
2015-11-30 19:14 - 2015-08-25 09:15 - 00001022 _____ C:\Windows\Tasks\iMx3GTuPfAodhae8Jla.job
2015-11-30 19:14 - 2015-08-24 15:32 - 00001014 _____ C:\Windows\Tasks\g0XBqurkqqm9kHZ.job
2015-11-30 19:14 - 2015-08-24 10:34 - 00001018 _____ C:\Windows\Tasks\l0tOf3pY2j6CIy60X.job
2015-11-30 19:14 - 2015-08-18 10:37 - 00001018 _____ C:\Windows\Tasks\kfhb8DF34dxYnE8l9.job
2015-11-30 19:14 - 2015-08-17 10:38 - 00001002 _____ C:\Windows\Tasks\ktLgQFniw.job
2015-11-30 19:14 - 2015-04-14 09:35 - 00001350 _____ C:\Windows\Tasks\GFXEWI.job
2015-11-30 19:14 - 2015-04-06 09:26 - 00001346 _____ C:\Windows\Tasks\ZZYC.job
2015-11-30 19:14 - 2015-02-19 13:42 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2015-11-30 19:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-30 19:08 - 2015-06-17 17:28 - 00000996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-30 19:08 - 2015-06-17 17:28 - 00000984 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-30 19:08 - 2015-05-03 23:20 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-30 19:08 - 2015-05-03 23:20 - 00001051 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-30 19:08 - 2015-05-03 23:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-30 19:08 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-30 19:07 - 2015-05-03 20:53 - 00000000 ____D C:\AdwCleaner
2015-11-30 19:07 - 2015-02-19 13:41 - 00000000 ____D C:\Users\LAURENCE
2015-11-30 18:50 - 2015-02-19 21:24 - 00003252 _____ C:\Windows\system32\AutoRunFilter.ini
2015-11-30 18:49 - 2015-03-30 11:22 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-30 18:49 - 2015-02-19 21:24 - 00001750 _____ C:\Windows\system32\ServiceFilter.ini

==================== Fichiers à la racine de certains dossiers =======

2015-03-30 10:18 - 2015-03-30 10:18 - 6000640 _____ () C:\Program Files (x86)\GUT4C83.tmp
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\6oEgnf7lwON
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\6oEgnf7lwON.exe
2015-03-27 17:40 - 2015-05-03 19:31 - 0000020 _____ () C:\Users\LAURENCE\AppData\Roaming\appdataFr3.bin
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\CZEa4jsxSG4i
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\CZEa4jsxSG4i.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\d2W9PG7ytuD57UeDRe
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\d2W9PG7ytuD57UeDRe.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\dQUUOjhYHv03Jad
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\dQUUOjhYHv03Jad.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\FUTFWB8J34AfpO2CuFj
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\FUTFWB8J34AfpO2CuFj.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\g0XBqurkqqm9kHZ
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\g0XBqurkqqm9kHZ.exe
2015-03-26 20:14 - 2015-03-26 20:14 - 0005542 _____ () C:\Users\LAURENCE\AppData\Roaming\GFXEWI
2015-04-14 09:35 - 2015-04-14 09:36 - 1905664 _____ (Cinema PlusV13.04) C:\Users\LAURENCE\AppData\Roaming\GFXEWI.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\iJ1QdqQUNiy1Yk3t4L69YGr4z
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\iJ1QdqQUNiy1Yk3t4L69YGr4z.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\ikOtaPW6IpwG6gWS8FZQ7u5BmH
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\ikOtaPW6IpwG6gWS8FZQ7u5BmH.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\iMx3GTuPfAodhae8Jla
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\iMx3GTuPfAodhae8Jla.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\kfhb8DF34dxYnE8l9
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\kfhb8DF34dxYnE8l9.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\ktLgQFniw
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\ktLgQFniw.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\l0tOf3pY2j6CIy60X
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\l0tOf3pY2j6CIy60X.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\lm6XSBcWv45L5pdGtrNsz
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\lm6XSBcWv45L5pdGtrNsz.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\ST7Q9BfLLXf
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\ST7Q9BfLLXf.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\U2pOXx956PRbJhY5oYbu
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\U2pOXx956PRbJhY5oYbu.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\VnEIP0AgV7tcDbCV
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\VnEIP0AgV7tcDbCV.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\LAURENCE\AppData\Roaming\wAgfuWOb
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\LAURENCE\AppData\Roaming\wAgfuWOb.exe
2015-03-26 20:14 - 2015-03-26 20:14 - 0005542 _____ () C:\Users\LAURENCE\AppData\Roaming\ZZYC
2015-04-06 09:25 - 2015-04-06 09:25 - 1739264 _____ (InstallMoonV06.04) C:\Users\LAURENCE\AppData\Roaming\ZZYC.exe
2015-04-06 07:45 - 2015-04-06 07:45 - 0000000 _____ () C:\Users\LAURENCE\AppData\Local\.a852.db
2015-04-06 09:27 - 2015-04-06 09:27 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsa6D45.tmp
2015-08-17 21:32 - 2015-08-17 21:32 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsbF357.tmp
2015-06-17 17:29 - 2015-06-17 17:29 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsfDC06.tmp
2015-04-14 10:52 - 2015-04-14 10:52 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsg6508.tmp
2015-04-14 18:09 - 2015-04-14 18:09 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsj2CB2.tmp
2015-08-17 10:13 - 2015-08-17 10:13 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsl4065.tmp
2015-04-06 08:16 - 2015-04-06 08:16 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsn381C.tmp
2015-08-24 10:33 - 2015-08-24 10:33 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nso6008.tmp
2015-05-03 22:37 - 2015-05-03 22:37 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nso6AC8.tmp
2015-08-24 11:00 - 2015-08-24 11:00 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsoFD63.tmp
2015-05-03 21:55 - 2015-05-03 21:55 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsp3DA4.tmp
2015-04-20 18:22 - 2015-04-20 18:22 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsq1879.tmp
2015-08-17 10:41 - 2015-08-17 10:41 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsqAA54.tmp
2015-08-17 10:14 - 2015-08-17 10:14 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsqB133.tmp
2015-04-13 09:33 - 2015-04-13 09:33 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsu1518.tmp
2015-05-03 21:52 - 2015-05-03 21:52 - 0613255 _____ (CMI Limited) C:\Users\LAURENCE\AppData\Local\nsy8B24.tmp
2015-03-30 10:20 - 2015-08-25 13:37 - 0000556 _____ () C:\Users\LAURENCE\AppData\Local\recently-fix.db
2015-03-04 19:02 - 2015-03-04 19:02 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-13 03:48 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2015-02-19 21:28 - 2015-02-19 21:28 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-02-19 21:27 - 2015-02-19 21:28 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Certains fichiers dans TEMP:
====================
C:\Users\LAURENCE\AppData\Local\Temp\1357.exe
C:\Users\LAURENCE\AppData\Local\Temp\1510.exe
C:\Users\LAURENCE\AppData\Local\Temp\153.exe
C:\Users\LAURENCE\AppData\Local\Temp\1840.exe
C:\Users\LAURENCE\AppData\Local\Temp\1890.exe
C:\Users\LAURENCE\AppData\Local\Temp\1932.exe
C:\Users\LAURENCE\AppData\Local\Temp\2200.exe
C:\Users\LAURENCE\AppData\Local\Temp\2241.exe
C:\Users\LAURENCE\AppData\Local\Temp\2505.exe
C:\Users\LAURENCE\AppData\Local\Temp\2750.exe
C:\Users\LAURENCE\AppData\Local\Temp\2920.exe
C:\Users\LAURENCE\AppData\Local\Temp\2984.exe
C:\Users\LAURENCE\AppData\Local\Temp\3005.exe
C:\Users\LAURENCE\AppData\Local\Temp\304.exe
C:\Users\LAURENCE\AppData\Local\Temp\3150.exe
C:\Users\LAURENCE\AppData\Local\Temp\3578.exe
C:\Users\LAURENCE\AppData\Local\Temp\3912.exe
C:\Users\LAURENCE\AppData\Local\Temp\4118.exe
C:\Users\LAURENCE\AppData\Local\Temp\4144.exe
C:\Users\LAURENCE\AppData\Local\Temp\452670.exe
C:\Users\LAURENCE\AppData\Local\Temp\50.exe
C:\Users\LAURENCE\AppData\Local\Temp\54.exe
C:\Users\LAURENCE\AppData\Local\Temp\5479.exe
C:\Users\LAURENCE\AppData\Local\Temp\5497872027506839482.exe
C:\Users\LAURENCE\AppData\Local\Temp\5607.exe
C:\Users\LAURENCE\AppData\Local\Temp\5DDCB39B-A50E-9C40-C832-783197171DB9.dll
C:\Users\LAURENCE\AppData\Local\Temp\5DDCB39B-A50E-9C40-C832-783197171DB9.exe
C:\Users\LAURENCE\AppData\Local\Temp\6345.exe
C:\Users\LAURENCE\AppData\Local\Temp\6417.exe
C:\Users\LAURENCE\AppData\Local\Temp\6466.exe
C:\Users\LAURENCE\AppData\Local\Temp\64755_updater.exe
C:\Users\LAURENCE\AppData\Local\Temp\6714.exe
C:\Users\LAURENCE\AppData\Local\Temp\6730.exe
C:\Users\LAURENCE\AppData\Local\Temp\6945.exe
C:\Users\LAURENCE\AppData\Local\Temp\72366C25-FECE-E495-1811-0E57C047B02E.dll
C:\Users\LAURENCE\AppData\Local\Temp\72366C25-FECE-E495-1811-0E57C047B02E.exe
C:\Users\LAURENCE\AppData\Local\Temp\72899_updater.exe
C:\Users\LAURENCE\AppData\Local\Temp\74253_updater.exe
C:\Users\LAURENCE\AppData\Local\Temp\7532.exe
C:\Users\LAURENCE\AppData\Local\Temp\7719.exe
C:\Users\LAURENCE\AppData\Local\Temp\7768.exe
C:\Users\LAURENCE\AppData\Local\Temp\7800.exe
C:\Users\LAURENCE\AppData\Local\Temp\7860.exe
C:\Users\LAURENCE\AppData\Local\Temp\8300.exe
C:\Users\LAURENCE\AppData\Local\Temp\8402.exe
C:\Users\LAURENCE\AppData\Local\Temp\875.exe
C:\Users\LAURENCE\AppData\Local\Temp\8824.exe
C:\Users\LAURENCE\AppData\Local\Temp\9645.exe
C:\Users\LAURENCE\AppData\Local\Temp\9994.exe
C:\Users\LAURENCE\AppData\Local\Temp\9B39F70F-26E6-A2EF-B8EB-E62AB01B6CD7.exe
C:\Users\LAURENCE\AppData\Local\Temp\avg1F.exe
C:\Users\LAURENCE\AppData\Local\Temp\BE95E3F9-C836-21FA-C023-4FAD82AE007C.exe
C:\Users\LAURENCE\AppData\Local\Temp\cfcabfibcdg.exe
C:\Users\LAURENCE\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\LAURENCE\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\LAURENCE\AppData\Local\Temp\jue1EC6.exe
C:\Users\LAURENCE\AppData\Local\Temp\jue511C.exe
C:\Users\LAURENCE\AppData\Local\Temp\jue9645.exe
C:\Users\LAURENCE\AppData\Local\Temp\jue9C0.exe
C:\Users\LAURENCE\AppData\Local\Temp\jueBCAA.exe
C:\Users\LAURENCE\AppData\Local\Temp\jueD943.exe
C:\Users\LAURENCE\AppData\Local\Temp\jueD995.exe
C:\Users\LAURENCE\AppData\Local\Temp\jueF2B5.exe
C:\Users\LAURENCE\AppData\Local\Temp\OnlineBackup.exe
C:\Users\LAURENCE\AppData\Local\Temp\optprosetup.exe
C:\Users\LAURENCE\AppData\Local\Temp\optsetup.exe
C:\Users\LAURENCE\AppData\Local\Temp\Quarantine.exe
C:\Users\LAURENCE\AppData\Local\Temp\rc66.exe
C:\Users\LAURENCE\AppData\Local\Temp\sdfDDE0.exe
C:\Users\LAURENCE\AppData\Local\Temp\setacl.exe
C:\Users\LAURENCE\AppData\Local\Temp\setup_296.exe
C:\Users\LAURENCE\AppData\Local\Temp\setup_608.exe
C:\Users\LAURENCE\AppData\Local\Temp\sqlite3.dll
C:\Users\LAURENCE\AppData\Local\Temp\supoptsetup.exe
C:\Users\LAURENCE\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\LAURENCE\AppData\Local\Temp\System.Data.SQLite441176e1-9409-4515-9818-74fc2cb1f633.dll
C:\Users\LAURENCE\AppData\Local\Temp\Uninstall.exe
C:\Users\LAURENCE\AppData\Local\Temp\vcredist_x64.exe
C:\Users\LAURENCE\AppData\Local\Temp\vcredist_x86.exe
C:\Users\LAURENCE\AppData\Local\Temp\VirtualDJ New Version.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-06-14 11:33

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité