Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
Exécuté par N (administrateur) sur NATHALIE (12-11-2017 23:30:08)
Exécuté depuis C:\Users\N\Desktop
Profils chargés: N (Profils disponibles: N)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\GFNEXSrv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-04-28] (Toshiba Europe GmbH)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3197296 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-01] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-05] (Google Inc.)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2011-10-28]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-04-28]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-04-28]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-04-28]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\N\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Startup.event [2011-11-27] ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6594C9E8-8E4A-4383-848B-C8C426C35B4E}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B4488FF1-BDC0-4DBA-9BB9-79F386CD543B}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gfe_rd=cr&ei=BAWSVMzQHdCCVN74gNgC&gws_rd=ssl#cns=0&gfe_rd=cr&gws_rd=ssl
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
SearchScopes: HKLM -> {E450C218-8D30-48E1-AED0-A39EB5955691} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E450C218-8D30-48E1-AED0-A39EB5955691} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2885777079-2916468298-131571349-1000 -> DefaultScope {9C1FF789-748D-4BF0-BFEF-42C915437EEB} URL =
SearchScopes: HKU\S-1-5-21-2885777079-2916468298-131571349-1000 -> {69992BDE-8D43-40CA-B214-D0D280B51B47} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07] (AVAST Software)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-21] (Oracle Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-21] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] ()
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07] (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07] (AVAST Software)
DPF: HKLM-x32 {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20111109063336
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\N\AppData\Roaming\TomTom\HOME\Profiles\59h52pyp.default [2014-07-30]
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\N\AppData\Roaming\Mozilla\Firefox\Profiles\2kr9qe4a.default [2017-11-12]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\2kr9qe4a.default -> Search Provided by Yahoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\2kr9qe4a.default -> WSE Rocket
FF Homepage: Mozilla\Firefox\Profiles\2kr9qe4a.default -> hxxps://www.malwarebytes.org/restorebrowser/%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEtByEtCzy0A0CtDyCtDyEtN0D0Tzu0StCtBtDtCtN1L2XzutAtFtCtDtFtBtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0AtBtAyCtByBtCtGtB0AtDyBtGzz0F0AzztGyCyDtA0CtGtDtD0CtDtByEzy0FyByByEyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CtAzz0F0E0FyBtG0CtC0C0EtGyEzztC0DtG0AtC0E0FtGzyzyzzzz0BtBzzyDtD0A0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyBtCyD%26cr%3D465388785%26a%3Dwny_clu_15_16%26os%3DWindows 7 Home Premium
FF NetworkProxy: Mozilla\Firefox\Profiles\2kr9qe4a.default -> no_proxies_on", "*.local"
FF NetworkProxy: Mozilla\Firefox\Profiles\2kr9qe4a.default -> type", 0
FF Extension: (FoxClocks) - C:\Users\N\AppData\Roaming\Mozilla\Firefox\Profiles\2kr9qe4a.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}.xpi [2016-04-08]
FF Extension: (avast! Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-08] [non signé]
FF Extension: (Pas de nom) - C:\Users\N\AppData\Roaming\Mozilla\Firefox\Profiles\2kr9qe4a.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [non trouvé(e)]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-26] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-26] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2012-08-11] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2885777079-2916468298-131571349-1000: @squareclock.com/SQ3DPlayer_Production_Castorama_Dressing_Internet -> C:\Users\N\AppData\Local\SquareClock.Production_Castorama_Dressing_Internet\NPSQ3D.dll [2017-10-22] (SquareClock SAS)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\N\AppData\Local\Google\Chrome\User Data\Default [2017-11-12]
CHR Extension: (Docs) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Recherche Google) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikaooahnheaoeceaipjcmnamnoleeblk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-01] (Dropbox, Inc.)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2014-01-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2014-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2014-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2014-01-22] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1031392 2014-12-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2014-01-22] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2014-01-22] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [Fichier non signé]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-12 23:30 - 2017-11-12 23:33 - 000026807 _____ C:\Users\N\Desktop\FRST.txt
2017-11-12 23:30 - 2017-11-12 23:30 - 000000000 ____D C:\FRST
2017-11-12 23:26 - 2017-11-12 23:28 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2017-11-12 22:26 - 2017-11-12 22:27 - 002392576 _____ (Farbar) C:\Users\N\Desktop\FRST64.exe
2017-11-12 22:04 - 2017-11-12 22:04 - 000001318 _____ C:\Users\N\Desktop\Continuer Installation de Room Arranger 9 Full Serial Keys (x86x64).lnk
2017-11-12 22:02 - 2017-11-12 22:02 - 001525156 _____ ( ) C:\Users\N\Downloads\Room Arranger 9 Full Serial Keys (x86x64)_2160173046.exe
2017-11-12 22:01 - 2017-11-12 22:02 - 001525156 _____ ( ) C:\Users\N\Downloads\Room Arranger 9 Full Serial Keys (x86x64)_3546227198.exe
2017-11-12 21:53 - 2017-11-12 21:53 - 000001358 _____ C:\Users\N\Desktop\Continuer Installation de Room Arranger 9 Crack Plus Serial Number Download.lnk
2017-11-12 21:46 - 2017-11-12 21:46 - 001525156 _____ ( ) C:\Users\N\Downloads\Room Arranger 9 Crack Plus Serial Number Download_0199543433.exe
2017-11-12 21:42 - 2017-11-12 21:42 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (4).exe
2017-11-12 21:42 - 2017-11-12 21:42 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (3).exe
2017-11-12 21:42 - 2017-11-12 21:42 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (2).exe
2017-11-12 21:41 - 2017-11-12 21:41 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-11-12 21:40 - 2017-11-12 21:40 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated.exe
2017-11-12 21:40 - 2017-11-12 21:40 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (1).exe
2017-11-12 21:34 - 2017-11-12 21:42 - 000000000 ____D C:\Users\N\AppData\Roaming\Room Arranger
2017-11-12 21:31 - 2017-11-12 21:31 - 000992488 _____ (NCH Software) C:\Users\N\Downloads\essetup.exe
2017-11-12 21:31 - 2017-11-12 21:31 - 000001037 _____ C:\Users\Public\Desktop\Room Arranger.lnk
2017-11-12 21:31 - 2017-11-12 21:31 - 000000000 ____D C:\ProgramData\Room Arranger
2017-11-12 21:31 - 2017-11-12 21:31 - 000000000 ____D C:\Program Files (x86)\Room Arranger
2017-11-12 21:18 - 2017-11-12 21:19 - 025589640 _____ C:\Users\N\Downloads\rooarr911.exe
2017-11-12 20:54 - 2017-11-12 20:54 - 000004638 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-12 11:05 - 2017-11-12 11:05 - 000147131 _____ C:\Users\N\Desktop\Impression des offres.pdf
2017-11-11 19:24 - 2017-11-11 19:25 - 000023493 _____ C:\Users\N\Downloads\CG garderie.odt
2017-11-10 21:51 - 2017-11-10 21:51 - 000369666 _____ C:\Users\N\Downloads\controle_poids_10_11_2017.txt
2017-11-06 23:01 - 2017-11-06 23:01 - 004087436 _____ C:\Users\N\Desktop\formulaire nespresso.pdf
2017-11-04 10:07 - 2017-11-04 10:07 - 000211383 _____ C:\Users\N\Downloads\DeliveryReturn_f8bf8c63-3b09-42e6-b105-4382254859a0.pdf
2017-11-02 21:13 - 2017-11-02 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-01 12:58 - 2017-11-01 12:58 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-01 12:58 - 2017-11-01 12:58 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-10-28 21:09 - 2017-10-28 21:09 - 000087870 _____ C:\Users\N\Downloads\facture221839884.PDF
2017-10-28 21:07 - 2017-10-28 21:07 - 000087584 _____ C:\Users\N\Downloads\facture228373883.PDF
2017-10-28 21:07 - 2017-10-28 21:07 - 000082304 _____ C:\Users\N\Downloads\facture219524406 (1).PDF
2017-10-28 21:06 - 2017-10-28 21:06 - 000083137 _____ C:\Users\N\Downloads\facture227645771.PDF
2017-10-28 21:05 - 2017-10-28 21:05 - 000081421 _____ C:\Users\N\Downloads\facture229057216.PDF
2017-10-28 21:04 - 2017-10-28 21:04 - 000082203 _____ C:\Users\N\Downloads\facture228976292.PDF
2017-10-28 20:43 - 2017-10-28 20:43 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-22 20:34 - 2017-10-22 20:34 - 000002195 _____ C:\Users\Public\Desktop\Style Builder 2016.lnk
2017-10-22 20:34 - 2017-10-22 20:34 - 000002109 _____ C:\Users\Public\Desktop\LayOut 2016.lnk
2017-10-22 20:34 - 2017-10-22 20:34 - 000002024 _____ C:\Users\Public\Desktop\SketchUp 2016.lnk
2017-10-22 20:34 - 2017-10-22 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2016
2017-10-22 20:32 - 2017-10-22 20:32 - 000000000 ____D C:\Program Files (x86)\SketchUp
2017-10-22 20:27 - 2017-10-22 20:29 - 000000000 ____D C:\Users\N\AppData\LocalLow\SquareClock.Production_Castorama_Dressing_Internet
2017-10-22 20:27 - 2017-10-22 20:27 - 000002318 _____ C:\Users\N\AppData\Roaming\Microsoft\Windows\Start Menu\Casto 3D Rangement.lnk
2017-10-22 20:27 - 2017-10-22 20:27 - 000002316 _____ C:\Users\N\Desktop\Casto 3D Rangement.lnk
2017-10-22 20:27 - 2017-10-22 20:27 - 000000000 ____D C:\Users\N\AppData\Local\SquareClock.Production_Castorama_Dressing_Internet
2017-10-22 20:24 - 2017-10-22 20:25 - 020612128 _____ (SquareClock SAS) C:\Users\N\Downloads\SquareClock_Castorama_Dressing_Internet.exe
2017-10-22 20:11 - 2017-10-22 20:12 - 025687744 _____ C:\Users\N\Downloads\rooarr941.exe
2017-10-22 20:09 - 2017-10-22 20:10 - 022503848 _____ C:\Users\N\Downloads\rooarr8.exe
2017-10-22 19:55 - 2017-11-12 21:36 - 000000000 ____D C:\Users\N\Documents\Room Arranger
2017-10-22 19:55 - 2017-10-22 19:56 - 025667576 _____ C:\Users\N\Downloads\rooarr93.exe
2017-10-21 22:09 - 2017-10-21 22:09 - 000000000 ____D C:\Users\N\AppData\Roaming\Trimble Connect for SketchUp
2017-10-21 22:07 - 2017-10-21 22:07 - 000000000 ____D C:\Users\N\AppData\Roaming\SketchUp
2017-10-21 21:54 - 2017-10-21 21:54 - 000000000 ____D C:\ProgramData\Reprise
2017-10-21 21:52 - 2017-10-21 21:52 - 000000000 ____D C:\ProgramData\SketchUp
2017-10-21 21:33 - 2017-10-21 21:37 - 123693928 _____ (Trimble Navigation Limited) C:\Users\N\Downloads\SketchUpMake-fr.exe
2017-10-21 20:59 - 2017-10-21 20:59 - 000060054 _____ C:\Users\N\Downloads\Odace_S520804.pdf
2017-10-21 19:42 - 2017-10-21 19:42 - 000081515 _____ C:\Users\N\Downloads\facture227146869.PDF
2017-10-20 22:20 - 2017-10-20 22:21 - 000053183 _____ C:\Users\N\Desktop\mail VP 1.pdf
2017-10-20 22:18 - 2017-10-20 22:25 - 000033792 _____ C:\Users\N\Desktop\mail VP 1.msg
2017-10-20 22:18 - 2017-10-20 22:18 - 000086379 _____ C:\Users\N\Downloads\facture228371636.PDF
2017-10-20 22:18 - 2017-10-20 22:18 - 000086379 _____ C:\Users\N\Desktop\facture VP.PDF
2017-10-20 21:01 - 2017-10-20 21:01 - 000123648 _____ C:\Users\N\Downloads\DeliveryReturn_6601debb-4bf7-4e7f-8996-2624218b82b5.pdf
2017-10-20 20:58 - 2017-10-20 20:58 - 000125818 _____ C:\Users\N\Downloads\DeliveryReturn_90bb88d3-bd08-4b44-b07c-d25080a9c649.pdf
2017-10-18 21:36 - 2017-10-18 21:36 - 000348160 _____ C:\Users\N\Documents\Database1.accdb
2017-10-18 21:15 - 2017-10-18 21:15 - 000015991 _____ C:\Users\N\Desktop\Classeur1.xlsx
2017-10-18 20:31 - 2017-10-18 20:31 - 000002959 _____ C:\Users\N\Downloads\Validation.zip
2017-10-18 20:24 - 2017-10-18 20:25 - 000714932 _____ C:\Users\N\Downloads\Data Validation Examples_update.xlsx
2017-10-16 19:49 - 2017-10-16 19:50 - 000124987 _____ C:\Users\N\Downloads\DeliveryReturn_5a2701a8-ad37-4272-b451-3d6838c9ec65.pdf
2017-10-13 20:04 - 2017-10-13 20:04 - 000211733 _____ C:\Users\N\Downloads\DeliveryReturn_9aef15b9-b6be-4ee1-b2ad-d7d5bcd370c1.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-12 23:30 - 2011-02-11 17:16 - 000750704 _____ C:\Windows\system32\perfh00C.dat
2017-11-12 23:30 - 2011-02-11 17:16 - 000151318 _____ C:\Windows\system32\perfc00C.dat
2017-11-12 23:30 - 2009-07-14 06:13 - 001677594 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-12 23:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-12 23:24 - 2015-08-31 13:30 - 000001172 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-12 23:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-12 23:05 - 2015-08-31 13:30 - 000001176 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-12 22:46 - 2012-01-21 19:04 - 000000000 ____D C:\Users\N\Documents\Fichiers Outlook
2017-11-12 22:46 - 2011-10-12 19:56 - 000000000 ____D C:\Users\N\Documents\Outlook NV
2017-11-12 22:31 - 2009-07-14 05:45 - 000025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-12 22:31 - 2009-07-14 05:45 - 000025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-12 22:07 - 2013-05-04 16:41 - 000000000 ____D C:\Users\N\AppData\Local\Room Arranger
2017-11-12 21:54 - 2013-03-21 22:43 - 000004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-11-12 21:51 - 2011-10-12 19:21 - 000000000 ____D C:\Users\N\AppData\Local\Adobe
2017-11-12 21:41 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-11-12 21:41 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-11-12 20:54 - 2013-03-21 22:31 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-12 20:54 - 2012-01-21 17:25 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-12 20:54 - 2011-10-23 19:06 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-12 20:54 - 2011-08-15 18:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-12 20:50 - 2011-10-12 19:27 - 000000000 ____D C:\Users\N\Documents\Budget
2017-11-10 21:52 - 2016-05-27 22:03 - 000000000 ____D C:\Users\N\Documents\CDC
2017-11-06 21:52 - 2014-03-08 13:53 - 000002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-06 21:52 - 2014-03-08 13:53 - 000002188 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-03 13:36 - 2015-01-03 20:01 - 000000398 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2017-11-02 21:13 - 2015-08-31 13:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-28 20:55 - 2013-08-15 07:26 - 000000000 ____D C:\Windows\system32\MRT
2017-10-28 20:42 - 2011-10-23 12:27 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-26 22:13 - 2011-12-17 09:35 - 000000000 ____D C:\Users\N\Documents\Invihome
2017-10-25 20:02 - 2011-10-12 19:25 - 000000000 ____D C:\Users\N\Documents\Dossiers divers
2017-10-24 20:40 - 2011-10-12 18:53 - 001652598 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Fichiers à la racine de certains dossiers =======
2013-12-26 14:04 - 2013-12-26 14:04 - 000038412 _____ () C:\Users\N\AppData\Roaming\Microsoft Excel 97-2003.ADR
2012-09-12 23:06 - 2012-09-12 23:06 - 000000000 _____ () C:\Users\N\AppData\Roaming\pdfconverter
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\Users\N\AppData\Roaming\PrintingModule
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\Users\N\AppData\Roaming\Profiles
2014-02-26 22:31 - 2015-01-03 19:59 - 000000462 _____ () C:\Users\N\AppData\Roaming\Rim.Desktop.Exception.log
2014-02-26 22:30 - 2016-01-03 00:22 - 000002021 _____ () C:\Users\N\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-02-26 22:31 - 2015-01-03 19:59 - 000000462 _____ () C:\Users\N\AppData\Roaming\Rim.DesktopHelper.Exception.log
2011-11-27 19:51 - 2011-11-27 19:51 - 000000000 ____H () C:\Users\N\AppData\Roaming\Roaming.event
2013-12-26 14:23 - 2013-12-26 14:33 - 000022972 _____ () C:\Users\N\AppData\Roaming\Valeurs séparées par une virgule (Windows).ADR
2011-11-27 19:51 - 2011-11-27 19:51 - 000000000 ____H () C:\Users\N\AppData\Roaming\Microsoft\Microsoft.event
2012-03-13 21:20 - 2016-05-11 20:23 - 000012288 _____ () C:\Users\N\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-27 19:51 - 2011-11-27 19:51 - 000000000 ____H () C:\Users\N\AppData\Local\Local.event
2016-05-11 22:41 - 2016-05-11 22:41 - 000000218 _____ () C:\Users\N\AppData\Local\recently-used.xbel
2017-05-07 14:12 - 2017-05-07 14:12 - 000000000 _____ () C:\Users\N\AppData\Local\{91A9694E-CDD3-4F52-9E2D-9827C19A8C34}
2015-03-03 23:40 - 2015-03-03 23:40 - 000000000 _____ () C:\Users\N\AppData\Local\{9D1D3A57-C7C4-42BD-9841-70754E817872}
2016-05-25 21:12 - 2016-05-25 21:12 - 000000000 _____ () C:\Users\N\AppData\Local\{A66578E9-9F0C-4118-B54B-CADBB89DA506}
2011-10-16 18:55 - 2013-03-10 14:21 - 000000088 __RSH () C:\ProgramData\25BEE8149A.sys
2011-10-16 18:55 - 2013-03-10 14:21 - 000005642 ___SH () C:\ProgramData\KGyGaAvL.sys
2012-07-14 17:43 - 2012-07-28 08:08 - 000000000 ____H () C:\ProgramData\PKP_DLes.DAT
2012-07-14 17:42 - 2012-09-20 20:30 - 000000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-07-14 17:42 - 2012-09-20 20:30 - 000000020 ____H () C:\ProgramData\PKP_DLev.DAT
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\ProgramData\Quartz Composer
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\ProgramData\Receipts
Certains fichiers dans TEMP:
====================
2016-06-28 20:57 - 2016-06-28 20:57 - 000000000 _____ () C:\Users\N\AppData\Local\Temp\7checut2.dll
2015-12-03 21:32 - 2015-12-03 21:32 - 000071168 _____ () C:\Users\N\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqosiaj.dll
2017-11-12 21:53 - 2017-11-12 21:53 - 001525156 _____ ( ) C:\Users\N\AppData\Local\Temp\ICReinstall_Room Arranger 9 Crack Plus Serial Number Download_0199543433.exe
2017-11-12 22:04 - 2017-11-12 22:04 - 001525156 _____ ( ) C:\Users\N\AppData\Local\Temp\ICReinstall_Room Arranger 9 Full Serial Keys (x86x64)_2160173046.exe
2016-09-23 20:04 - 2016-09-23 20:04 - 000737856 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-03-15 19:11 - 2017-03-15 19:11 - 000739904 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-24 17:05 - 2017-07-24 17:05 - 000740416 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u144-windows-au.exe
2015-06-12 23:21 - 2015-06-12 23:21 - 000563808 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u51-windows-au.exe
2015-11-10 16:59 - 2015-11-10 16:59 - 000585824 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u66-windows-au.exe
2014-07-23 07:18 - 2014-07-23 07:18 - 000001536 _____ () C:\Users\N\AppData\Local\Temp\NEventMessages.dll
2014-07-23 07:16 - 2014-07-23 07:16 - 000001536 _____ () C:\Users\N\AppData\Local\Temp\NOSEventMessages.dll
2014-10-04 12:07 - 2014-09-30 21:35 - 000377097 _____ () C:\Users\N\AppData\Local\Temp\Quarantine.exe
2014-10-12 17:54 - 2014-10-12 17:54 - 000787968 _____ (SQLite Development Team) C:\Users\N\AppData\Local\Temp\sqlite3.dll
2015-01-03 18:33 - 2015-01-03 18:33 - 000000000 _____ () C:\Users\N\AppData\Local\Temp\x0xqoqt1.dll
2016-01-01 19:05 - 2006-05-24 18:10 - 000455600 _____ (Macrovision Corporation) C:\Users\N\AppData\Local\Temp\_is5D44.exe
2015-04-18 11:23 - 2015-04-18 11:35 - 041416787 _____ () C:\Users\N\AppData\Local\Temp\{3FD1E654-8292-4E46-BD28-A884CE5C8988}-42.0.2311.90_chrome_installer.exe
2016-01-15 09:29 - 2016-01-15 09:29 - 000000000 _____ () C:\Users\N\AppData\Local\Temp\{728C6A6B-EEE2-4C86-A7C2-4658012EB24F}-47.0.2526.111_47.0.2526.106_chrome_updater_3stage.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-11-09 23:12
==================== Fin de FRST.txt ============================
Exécuté par N (administrateur) sur NATHALIE (12-11-2017 23:30:08)
Exécuté depuis C:\Users\N\Desktop
Profils chargés: N (Profils disponibles: N)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\GFNEXSrv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-04-28] (Toshiba Europe GmbH)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3197296 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-01] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-05] (Google Inc.)
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2011-10-28]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-04-28]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-04-28]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-04-28]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\N\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Startup.event [2011-11-27] ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6594C9E8-8E4A-4383-848B-C8C426C35B4E}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B4488FF1-BDC0-4DBA-9BB9-79F386CD543B}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gfe_rd=cr&ei=BAWSVMzQHdCCVN74gNgC&gws_rd=ssl#cns=0&gfe_rd=cr&gws_rd=ssl
HKU\S-1-5-21-2885777079-2916468298-131571349-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
SearchScopes: HKLM -> {E450C218-8D30-48E1-AED0-A39EB5955691} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E450C218-8D30-48E1-AED0-A39EB5955691} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2885777079-2916468298-131571349-1000 -> DefaultScope {9C1FF789-748D-4BF0-BFEF-42C915437EEB} URL =
SearchScopes: HKU\S-1-5-21-2885777079-2916468298-131571349-1000 -> {69992BDE-8D43-40CA-B214-D0D280B51B47} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07] (AVAST Software)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-21] (Oracle Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-21] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07] (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07] (AVAST Software)
DPF: HKLM-x32 {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20111109063336
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\N\AppData\Roaming\TomTom\HOME\Profiles\59h52pyp.default [2014-07-30]
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\N\AppData\Roaming\Mozilla\Firefox\Profiles\2kr9qe4a.default [2017-11-12]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\2kr9qe4a.default -> Search Provided by Yahoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\2kr9qe4a.default -> WSE Rocket
FF Homepage: Mozilla\Firefox\Profiles\2kr9qe4a.default -> hxxps://www.malwarebytes.org/restorebrowser/%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEtByEtCzy0A0CtDyCtDyEtN0D0Tzu0StCtBtDtCtN1L2XzutAtFtCtDtFtBtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0AtBtAyCtByBtCtGtB0AtDyBtGzz0F0AzztGyCyDtA0CtGtDtD0CtDtByEzy0FyByByEyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CtAzz0F0E0FyBtG0CtC0C0EtGyEzztC0DtG0AtC0E0FtGzyzyzzzz0BtBzzyDtD0A0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyBtCyD%26cr%3D465388785%26a%3Dwny_clu_15_16%26os%3DWindows 7 Home Premium
FF NetworkProxy: Mozilla\Firefox\Profiles\2kr9qe4a.default -> no_proxies_on", "*.local"
FF NetworkProxy: Mozilla\Firefox\Profiles\2kr9qe4a.default -> type", 0
FF Extension: (FoxClocks) - C:\Users\N\AppData\Roaming\Mozilla\Firefox\Profiles\2kr9qe4a.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}.xpi [2016-04-08]
FF Extension: (avast! Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-08] [non signé]
FF Extension: (Pas de nom) - C:\Users\N\AppData\Roaming\Mozilla\Firefox\Profiles\2kr9qe4a.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [non trouvé(e)]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-26] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-26] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2012-08-11] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2885777079-2916468298-131571349-1000: @squareclock.com/SQ3DPlayer_Production_Castorama_Dressing_Internet -> C:\Users\N\AppData\Local\SquareClock.Production_Castorama_Dressing_Internet\NPSQ3D.dll [2017-10-22] (SquareClock SAS)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\N\AppData\Local\Google\Chrome\User Data\Default [2017-11-12]
CHR Extension: (Docs) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Recherche Google) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikaooahnheaoeceaipjcmnamnoleeblk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-01] (Dropbox, Inc.)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2014-01-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2014-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2014-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2014-01-22] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1031392 2014-12-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2014-01-22] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2014-01-22] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [Fichier non signé]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-12 23:30 - 2017-11-12 23:33 - 000026807 _____ C:\Users\N\Desktop\FRST.txt
2017-11-12 23:30 - 2017-11-12 23:30 - 000000000 ____D C:\FRST
2017-11-12 23:26 - 2017-11-12 23:28 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2017-11-12 22:26 - 2017-11-12 22:27 - 002392576 _____ (Farbar) C:\Users\N\Desktop\FRST64.exe
2017-11-12 22:04 - 2017-11-12 22:04 - 000001318 _____ C:\Users\N\Desktop\Continuer Installation de Room Arranger 9 Full Serial Keys (x86x64).lnk
2017-11-12 22:02 - 2017-11-12 22:02 - 001525156 _____ ( ) C:\Users\N\Downloads\Room Arranger 9 Full Serial Keys (x86x64)_2160173046.exe
2017-11-12 22:01 - 2017-11-12 22:02 - 001525156 _____ ( ) C:\Users\N\Downloads\Room Arranger 9 Full Serial Keys (x86x64)_3546227198.exe
2017-11-12 21:53 - 2017-11-12 21:53 - 000001358 _____ C:\Users\N\Desktop\Continuer Installation de Room Arranger 9 Crack Plus Serial Number Download.lnk
2017-11-12 21:46 - 2017-11-12 21:46 - 001525156 _____ ( ) C:\Users\N\Downloads\Room Arranger 9 Crack Plus Serial Number Download_0199543433.exe
2017-11-12 21:42 - 2017-11-12 21:42 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (4).exe
2017-11-12 21:42 - 2017-11-12 21:42 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (3).exe
2017-11-12 21:42 - 2017-11-12 21:42 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (2).exe
2017-11-12 21:41 - 2017-11-12 21:41 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-11-12 21:40 - 2017-11-12 21:40 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated.exe
2017-11-12 21:40 - 2017-11-12 21:40 - 000550678 _____ ( ) C:\Users\N\Downloads\Room_Arranger_9_Full_Crack_With_Keygen_Updated (1).exe
2017-11-12 21:34 - 2017-11-12 21:42 - 000000000 ____D C:\Users\N\AppData\Roaming\Room Arranger
2017-11-12 21:31 - 2017-11-12 21:31 - 000992488 _____ (NCH Software) C:\Users\N\Downloads\essetup.exe
2017-11-12 21:31 - 2017-11-12 21:31 - 000001037 _____ C:\Users\Public\Desktop\Room Arranger.lnk
2017-11-12 21:31 - 2017-11-12 21:31 - 000000000 ____D C:\ProgramData\Room Arranger
2017-11-12 21:31 - 2017-11-12 21:31 - 000000000 ____D C:\Program Files (x86)\Room Arranger
2017-11-12 21:18 - 2017-11-12 21:19 - 025589640 _____ C:\Users\N\Downloads\rooarr911.exe
2017-11-12 20:54 - 2017-11-12 20:54 - 000004638 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-12 11:05 - 2017-11-12 11:05 - 000147131 _____ C:\Users\N\Desktop\Impression des offres.pdf
2017-11-11 19:24 - 2017-11-11 19:25 - 000023493 _____ C:\Users\N\Downloads\CG garderie.odt
2017-11-10 21:51 - 2017-11-10 21:51 - 000369666 _____ C:\Users\N\Downloads\controle_poids_10_11_2017.txt
2017-11-06 23:01 - 2017-11-06 23:01 - 004087436 _____ C:\Users\N\Desktop\formulaire nespresso.pdf
2017-11-04 10:07 - 2017-11-04 10:07 - 000211383 _____ C:\Users\N\Downloads\DeliveryReturn_f8bf8c63-3b09-42e6-b105-4382254859a0.pdf
2017-11-02 21:13 - 2017-11-02 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-01 12:58 - 2017-11-01 12:58 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-01 12:58 - 2017-11-01 12:58 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-10-28 21:09 - 2017-10-28 21:09 - 000087870 _____ C:\Users\N\Downloads\facture221839884.PDF
2017-10-28 21:07 - 2017-10-28 21:07 - 000087584 _____ C:\Users\N\Downloads\facture228373883.PDF
2017-10-28 21:07 - 2017-10-28 21:07 - 000082304 _____ C:\Users\N\Downloads\facture219524406 (1).PDF
2017-10-28 21:06 - 2017-10-28 21:06 - 000083137 _____ C:\Users\N\Downloads\facture227645771.PDF
2017-10-28 21:05 - 2017-10-28 21:05 - 000081421 _____ C:\Users\N\Downloads\facture229057216.PDF
2017-10-28 21:04 - 2017-10-28 21:04 - 000082203 _____ C:\Users\N\Downloads\facture228976292.PDF
2017-10-28 20:43 - 2017-10-28 20:43 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-22 20:34 - 2017-10-22 20:34 - 000002195 _____ C:\Users\Public\Desktop\Style Builder 2016.lnk
2017-10-22 20:34 - 2017-10-22 20:34 - 000002109 _____ C:\Users\Public\Desktop\LayOut 2016.lnk
2017-10-22 20:34 - 2017-10-22 20:34 - 000002024 _____ C:\Users\Public\Desktop\SketchUp 2016.lnk
2017-10-22 20:34 - 2017-10-22 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2016
2017-10-22 20:32 - 2017-10-22 20:32 - 000000000 ____D C:\Program Files (x86)\SketchUp
2017-10-22 20:27 - 2017-10-22 20:29 - 000000000 ____D C:\Users\N\AppData\LocalLow\SquareClock.Production_Castorama_Dressing_Internet
2017-10-22 20:27 - 2017-10-22 20:27 - 000002318 _____ C:\Users\N\AppData\Roaming\Microsoft\Windows\Start Menu\Casto 3D Rangement.lnk
2017-10-22 20:27 - 2017-10-22 20:27 - 000002316 _____ C:\Users\N\Desktop\Casto 3D Rangement.lnk
2017-10-22 20:27 - 2017-10-22 20:27 - 000000000 ____D C:\Users\N\AppData\Local\SquareClock.Production_Castorama_Dressing_Internet
2017-10-22 20:24 - 2017-10-22 20:25 - 020612128 _____ (SquareClock SAS) C:\Users\N\Downloads\SquareClock_Castorama_Dressing_Internet.exe
2017-10-22 20:11 - 2017-10-22 20:12 - 025687744 _____ C:\Users\N\Downloads\rooarr941.exe
2017-10-22 20:09 - 2017-10-22 20:10 - 022503848 _____ C:\Users\N\Downloads\rooarr8.exe
2017-10-22 19:55 - 2017-11-12 21:36 - 000000000 ____D C:\Users\N\Documents\Room Arranger
2017-10-22 19:55 - 2017-10-22 19:56 - 025667576 _____ C:\Users\N\Downloads\rooarr93.exe
2017-10-21 22:09 - 2017-10-21 22:09 - 000000000 ____D C:\Users\N\AppData\Roaming\Trimble Connect for SketchUp
2017-10-21 22:07 - 2017-10-21 22:07 - 000000000 ____D C:\Users\N\AppData\Roaming\SketchUp
2017-10-21 21:54 - 2017-10-21 21:54 - 000000000 ____D C:\ProgramData\Reprise
2017-10-21 21:52 - 2017-10-21 21:52 - 000000000 ____D C:\ProgramData\SketchUp
2017-10-21 21:33 - 2017-10-21 21:37 - 123693928 _____ (Trimble Navigation Limited) C:\Users\N\Downloads\SketchUpMake-fr.exe
2017-10-21 20:59 - 2017-10-21 20:59 - 000060054 _____ C:\Users\N\Downloads\Odace_S520804.pdf
2017-10-21 19:42 - 2017-10-21 19:42 - 000081515 _____ C:\Users\N\Downloads\facture227146869.PDF
2017-10-20 22:20 - 2017-10-20 22:21 - 000053183 _____ C:\Users\N\Desktop\mail VP 1.pdf
2017-10-20 22:18 - 2017-10-20 22:25 - 000033792 _____ C:\Users\N\Desktop\mail VP 1.msg
2017-10-20 22:18 - 2017-10-20 22:18 - 000086379 _____ C:\Users\N\Downloads\facture228371636.PDF
2017-10-20 22:18 - 2017-10-20 22:18 - 000086379 _____ C:\Users\N\Desktop\facture VP.PDF
2017-10-20 21:01 - 2017-10-20 21:01 - 000123648 _____ C:\Users\N\Downloads\DeliveryReturn_6601debb-4bf7-4e7f-8996-2624218b82b5.pdf
2017-10-20 20:58 - 2017-10-20 20:58 - 000125818 _____ C:\Users\N\Downloads\DeliveryReturn_90bb88d3-bd08-4b44-b07c-d25080a9c649.pdf
2017-10-18 21:36 - 2017-10-18 21:36 - 000348160 _____ C:\Users\N\Documents\Database1.accdb
2017-10-18 21:15 - 2017-10-18 21:15 - 000015991 _____ C:\Users\N\Desktop\Classeur1.xlsx
2017-10-18 20:31 - 2017-10-18 20:31 - 000002959 _____ C:\Users\N\Downloads\Validation.zip
2017-10-18 20:24 - 2017-10-18 20:25 - 000714932 _____ C:\Users\N\Downloads\Data Validation Examples_update.xlsx
2017-10-16 19:49 - 2017-10-16 19:50 - 000124987 _____ C:\Users\N\Downloads\DeliveryReturn_5a2701a8-ad37-4272-b451-3d6838c9ec65.pdf
2017-10-13 20:04 - 2017-10-13 20:04 - 000211733 _____ C:\Users\N\Downloads\DeliveryReturn_9aef15b9-b6be-4ee1-b2ad-d7d5bcd370c1.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-12 23:30 - 2011-02-11 17:16 - 000750704 _____ C:\Windows\system32\perfh00C.dat
2017-11-12 23:30 - 2011-02-11 17:16 - 000151318 _____ C:\Windows\system32\perfc00C.dat
2017-11-12 23:30 - 2009-07-14 06:13 - 001677594 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-12 23:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-12 23:24 - 2015-08-31 13:30 - 000001172 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-12 23:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-12 23:05 - 2015-08-31 13:30 - 000001176 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-12 22:46 - 2012-01-21 19:04 - 000000000 ____D C:\Users\N\Documents\Fichiers Outlook
2017-11-12 22:46 - 2011-10-12 19:56 - 000000000 ____D C:\Users\N\Documents\Outlook NV
2017-11-12 22:31 - 2009-07-14 05:45 - 000025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-12 22:31 - 2009-07-14 05:45 - 000025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-12 22:07 - 2013-05-04 16:41 - 000000000 ____D C:\Users\N\AppData\Local\Room Arranger
2017-11-12 21:54 - 2013-03-21 22:43 - 000004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-11-12 21:51 - 2011-10-12 19:21 - 000000000 ____D C:\Users\N\AppData\Local\Adobe
2017-11-12 21:41 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-11-12 21:41 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-11-12 20:54 - 2013-03-21 22:31 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-12 20:54 - 2012-01-21 17:25 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-12 20:54 - 2011-10-23 19:06 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-12 20:54 - 2011-08-15 18:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-12 20:50 - 2011-10-12 19:27 - 000000000 ____D C:\Users\N\Documents\Budget
2017-11-10 21:52 - 2016-05-27 22:03 - 000000000 ____D C:\Users\N\Documents\CDC
2017-11-06 21:52 - 2014-03-08 13:53 - 000002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-06 21:52 - 2014-03-08 13:53 - 000002188 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-03 13:36 - 2015-01-03 20:01 - 000000398 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2017-11-02 21:13 - 2015-08-31 13:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-28 20:55 - 2013-08-15 07:26 - 000000000 ____D C:\Windows\system32\MRT
2017-10-28 20:42 - 2011-10-23 12:27 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-26 22:13 - 2011-12-17 09:35 - 000000000 ____D C:\Users\N\Documents\Invihome
2017-10-25 20:02 - 2011-10-12 19:25 - 000000000 ____D C:\Users\N\Documents\Dossiers divers
2017-10-24 20:40 - 2011-10-12 18:53 - 001652598 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Fichiers à la racine de certains dossiers =======
2013-12-26 14:04 - 2013-12-26 14:04 - 000038412 _____ () C:\Users\N\AppData\Roaming\Microsoft Excel 97-2003.ADR
2012-09-12 23:06 - 2012-09-12 23:06 - 000000000 _____ () C:\Users\N\AppData\Roaming\pdfconverter
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\Users\N\AppData\Roaming\PrintingModule
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\Users\N\AppData\Roaming\Profiles
2014-02-26 22:31 - 2015-01-03 19:59 - 000000462 _____ () C:\Users\N\AppData\Roaming\Rim.Desktop.Exception.log
2014-02-26 22:30 - 2016-01-03 00:22 - 000002021 _____ () C:\Users\N\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-02-26 22:31 - 2015-01-03 19:59 - 000000462 _____ () C:\Users\N\AppData\Roaming\Rim.DesktopHelper.Exception.log
2011-11-27 19:51 - 2011-11-27 19:51 - 000000000 ____H () C:\Users\N\AppData\Roaming\Roaming.event
2013-12-26 14:23 - 2013-12-26 14:33 - 000022972 _____ () C:\Users\N\AppData\Roaming\Valeurs séparées par une virgule (Windows).ADR
2011-11-27 19:51 - 2011-11-27 19:51 - 000000000 ____H () C:\Users\N\AppData\Roaming\Microsoft\Microsoft.event
2012-03-13 21:20 - 2016-05-11 20:23 - 000012288 _____ () C:\Users\N\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-27 19:51 - 2011-11-27 19:51 - 000000000 ____H () C:\Users\N\AppData\Local\Local.event
2016-05-11 22:41 - 2016-05-11 22:41 - 000000218 _____ () C:\Users\N\AppData\Local\recently-used.xbel
2017-05-07 14:12 - 2017-05-07 14:12 - 000000000 _____ () C:\Users\N\AppData\Local\{91A9694E-CDD3-4F52-9E2D-9827C19A8C34}
2015-03-03 23:40 - 2015-03-03 23:40 - 000000000 _____ () C:\Users\N\AppData\Local\{9D1D3A57-C7C4-42BD-9841-70754E817872}
2016-05-25 21:12 - 2016-05-25 21:12 - 000000000 _____ () C:\Users\N\AppData\Local\{A66578E9-9F0C-4118-B54B-CADBB89DA506}
2011-10-16 18:55 - 2013-03-10 14:21 - 000000088 __RSH () C:\ProgramData\25BEE8149A.sys
2011-10-16 18:55 - 2013-03-10 14:21 - 000005642 ___SH () C:\ProgramData\KGyGaAvL.sys
2012-07-14 17:43 - 2012-07-28 08:08 - 000000000 ____H () C:\ProgramData\PKP_DLes.DAT
2012-07-14 17:42 - 2012-09-20 20:30 - 000000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-07-14 17:42 - 2012-09-20 20:30 - 000000020 ____H () C:\ProgramData\PKP_DLev.DAT
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\ProgramData\Quartz Composer
2012-07-28 08:11 - 2012-07-28 08:11 - 000000268 ___RH () C:\ProgramData\Receipts
Certains fichiers dans TEMP:
====================
2016-06-28 20:57 - 2016-06-28 20:57 - 000000000 _____ () C:\Users\N\AppData\Local\Temp\7checut2.dll
2015-12-03 21:32 - 2015-12-03 21:32 - 000071168 _____ () C:\Users\N\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqosiaj.dll
2017-11-12 21:53 - 2017-11-12 21:53 - 001525156 _____ ( ) C:\Users\N\AppData\Local\Temp\ICReinstall_Room Arranger 9 Crack Plus Serial Number Download_0199543433.exe
2017-11-12 22:04 - 2017-11-12 22:04 - 001525156 _____ ( ) C:\Users\N\AppData\Local\Temp\ICReinstall_Room Arranger 9 Full Serial Keys (x86x64)_2160173046.exe
2016-09-23 20:04 - 2016-09-23 20:04 - 000737856 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-03-15 19:11 - 2017-03-15 19:11 - 000739904 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-24 17:05 - 2017-07-24 17:05 - 000740416 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u144-windows-au.exe
2015-06-12 23:21 - 2015-06-12 23:21 - 000563808 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u51-windows-au.exe
2015-11-10 16:59 - 2015-11-10 16:59 - 000585824 _____ (Oracle Corporation) C:\Users\N\AppData\Local\Temp\jre-8u66-windows-au.exe
2014-07-23 07:18 - 2014-07-23 07:18 - 000001536 _____ () C:\Users\N\AppData\Local\Temp\NEventMessages.dll
2014-07-23 07:16 - 2014-07-23 07:16 - 000001536 _____ () C:\Users\N\AppData\Local\Temp\NOSEventMessages.dll
2014-10-04 12:07 - 2014-09-30 21:35 - 000377097 _____ () C:\Users\N\AppData\Local\Temp\Quarantine.exe
2014-10-12 17:54 - 2014-10-12 17:54 - 000787968 _____ (SQLite Development Team) C:\Users\N\AppData\Local\Temp\sqlite3.dll
2015-01-03 18:33 - 2015-01-03 18:33 - 000000000 _____ () C:\Users\N\AppData\Local\Temp\x0xqoqt1.dll
2016-01-01 19:05 - 2006-05-24 18:10 - 000455600 _____ (Macrovision Corporation) C:\Users\N\AppData\Local\Temp\_is5D44.exe
2015-04-18 11:23 - 2015-04-18 11:35 - 041416787 _____ () C:\Users\N\AppData\Local\Temp\{3FD1E654-8292-4E46-BD28-A884CE5C8988}-42.0.2311.90_chrome_installer.exe
2016-01-15 09:29 - 2016-01-15 09:29 - 000000000 _____ () C:\Users\N\AppData\Local\Temp\{728C6A6B-EEE2-4C86-A7C2-4658012EB24F}-47.0.2526.111_47.0.2526.106_chrome_updater_3stage.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-11-09 23:12
==================== Fin de FRST.txt ============================