Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017 Exécuté par Naharintsoa (administrateur) sur DESKTOP-A45705F (20-02-2017 20:57:59) Exécuté depuis C:\Users\Naharintsoa\Downloads\Programs Profils chargés: Naharintsoa (Profils disponibles: Naharintsoa) Platform: Windows 10 Pro (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: IE) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe () C:\Windows\Temp\gF470.tmp.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25071.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd) HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4019312 2017-02-13] (Tonec Inc.) 
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\RunOnce: [Uninstall C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\RunOnce: [Uninstall C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {0176a64f-a327-11e6-8d7c-441ea1ce7076} - "F:\.\Driver\DriverInstaller.exe" -eject HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {018f0e6e-bd06-11e6-8dd4-441ea1ce7076} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083 HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {018f0eba-bd06-11e6-8dd4-441ea1ce7076} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083 HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {6764bebb-ddb1-11e6-8e55-441ea1ce7076} - "F:\Startme.exe" HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {91e0020a-bbba-11e6-8dcf-441ea1ce7076} - "F:\Startme.exe" ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.) GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Hosts: Tcpip\..\Interfaces\{116c648a-0451-4edd-a058-1a0a1a53ba66}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{b6de4c39-aa94-47bc-bc4e-7c7de6aceb0e}: [DhcpNameServer] 192.168.1.242 Tcpip\..\Interfaces\{efc1b0b5-b82d-4413-a19c-3df6d66b04aa}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Internet Explorer: ================== HKU\S-1-5-21-1389410128-70137882-352627930-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-02] (Oracle Corporation) BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\2s18kA.dll => Pas de fichier BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-02] (Oracle Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-02] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-02] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 6lku5ar5.default FF ProfilePath: C:\Users\Naharintsoa\AppData\Roaming\Mozilla\Firefox\Profiles\6lku5ar5.default [2017-02-20] FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Naharintsoa\AppData\Roaming\Mozilla\Firefox\Profiles\6lku5ar5.default\features\{d7c25857-54b1-482c-a4b9-2e92f5bfa0a5}\disableSHA1rollout@mozilla.org.xpi [2017-02-17] FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] FF Extension: (Adblocker for Youtube™) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} [2017-02-16] [non signé] FF HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Naharintsoa\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\Naharintsoa\AppData\Roaming\IDM\idmmzcc5 [2017-02-20] [non signé] FF 
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-18] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-02] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-02] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-02] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Profile: C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default [2017-02-20] CHR Extension: (Google Slides) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-21] CHR Extension: (Text URL Linker) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegfbpchoheaflicfmggkmlmcccpjpgd [2016-11-27] CHR Extension: (Google Docs) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-21] CHR Extension: (Google Drive) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-21] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-02-20] CHR Extension: (YouTube) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-21] CHR Extension: (Webmail Ad Blocker) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2016-11-21] CHR Extension: (FlashBlock) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie [2016-11-21] CHR Extension: (Adblock Plus) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-16] CHR Extension: (Ad-blocker for Gmail™) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coibnogmjcpbccgjofoiklnfpbbjbapo [2016-11-21] CHR Extension: (Tampermonkey) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-02-16] CHR Extension: (Blur) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2017-02-17] CHR Extension: (Google Sheets) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-21] CHR Extension: (EditThisCookie) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-02-20] CHR Extension: (Google Docs hors connexion) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-21] CHR Extension: (AdBlock) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-20] CHR Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-12-11] CHR Extension: (IDM Integration Module) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-02-16] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18] CHR Extension: (Gmail) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-21] CHR Extension: (Chrome Media Router) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-02-13] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-02-13] ==================== 
Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2016-12-13] (Freemake) [Fichier non signé] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-12-13] (Ellora Assets Corp.) [Fichier non signé] R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29181272 2008-12-18] (Microsoft Corporation) S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246888 2016-12-13] (Synaptics Incorporated) R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408 2017-02-08] (RaMMicHaeL) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
S3 ALCATELUSB; C:\WINDOWS\System32\Drivers\AlcatelUsb.sys [25088 2012-08-23] (Windows (R) Codename Longhorn DDK provider) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-11-01] (Advanced Micro Devices) R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c64x64.sys [468752 2014-07-28] (Intel Corporation) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-11-01] (REALiX(tm)) S3 massfilter_hs; C:\WINDOWS\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (HandSet Incorporated) S3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2244944 2016-05-09] (MediaTek Inc.) R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-08-06] (Intel Corporation) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-12] (CACE Technologies, Inc.) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2013-01-16] (QUALCOMM Incorporated) R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [760832 2016-12-13] (Sunplus) S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] () R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation) R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-02-20 20:57 - 2017-02-20 20:57 - 00000000 ____D C:\FRST 2017-02-20 19:59 - 2017-02-20 19:59 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-A45705F_Naharintsoa_HistoryPrediction.bin 2017-02-20 16:37 - 2017-02-20 16:37 - 00114604 _____ C:\Users\Naharintsoa\Downloads\AntiAdware (1).user.js 2017-02-20 16:29 - 2017-02-20 16:30 - 02422784 _____ (Farbar) C:\Users\Naharintsoa\Downloads\FRST64.exe 2017-02-20 16:16 - 2017-02-20 16:16 - 00164174 _____ C:\Users\Naharintsoa\Downloads\adsbypasser (4).user.js 2017-02-20 16:15 - 2017-02-20 16:15 - 00164174 _____ C:\Users\Naharintsoa\Downloads\adsbypasser (3).user.js 2017-02-20 16:14 - 2017-02-20 16:14 - 00114604 _____ C:\Users\Naharintsoa\Downloads\AntiAdware.user.js 2017-02-20 16:13 - 2017-02-20 16:13 - 00226543 _____ C:\Users\Naharintsoa\Downloads\Anti-Adblock Killer - Reek (3).user.js 2017-02-20 16:08 - 2017-02-20 20:52 - 00001575 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-20 16:08 - 2017-02-20 20:52 - 00001563 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-20 12:12 - 2016-11-11 23:22 - 00400968 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe 2017-02-20 12:12 - 2016-11-11 23:22 - 00366664 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe 2017-02-20 12:12 - 2016-11-11 23:21 - 01148488 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll 2017-02-20 12:12 - 2016-11-11 23:16 - 00088128 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys 2017-02-20 12:12 - 2016-11-11 23:05 - 00066624 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll 2017-02-20 12:12 - 2016-11-11 23:05 - 00044096 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys 2017-02-20 12:12 - 2016-09-30 01:12 - 00091712 _____ (VMware, Inc.) 
C:\WINDOWS\system32\Drivers\vsock.sys 2017-02-20 12:12 - 2016-09-30 01:12 - 00069104 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll 2017-02-20 12:12 - 2016-09-30 01:12 - 00065016 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll 2017-02-20 12:12 - 2016-09-06 18:48 - 00083008 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys 2017-02-20 12:11 - 2017-02-20 12:11 - 00001261 _____ C:\Users\Public\Desktop\VMware Workstation 12 Player.lnk 2017-02-20 12:11 - 2017-02-20 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2017-02-20 12:11 - 2017-02-20 12:11 - 00000000 ____D C:\Program Files\Common Files\VMware 2017-02-20 12:11 - 2017-02-20 12:11 - 00000000 ____D C:\Program Files (x86)\VMware 2017-02-20 08:22 - 2017-02-20 08:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windowscamera_2016-1215-40-0_x64__8wekyb3d8bbwe 2017-02-20 07:44 - 2017-02-20 12:02 - 00001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2017-02-20 07:44 - 2017-02-20 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2017-02-20 07:44 - 2017-02-20 07:44 - 00000000 ____D C:\Program Files\Oracle 2017-02-20 07:16 - 2017-02-20 12:13 - 00000000 ____D C:\Users\Naharintsoa\Documents\Virtual Machines 2017-02-20 07:14 - 2017-02-20 13:30 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\VMware 2017-02-20 07:14 - 2017-02-20 12:13 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\VMware 2017-02-20 07:08 - 2017-02-20 17:06 - 00000000 ____D C:\ProgramData\VMware 2017-02-19 19:42 - 2017-02-19 19:44 - 00000000 ____D C:\Users\Naharintsoa\Documents\Blender Tuto 2017-02-19 19:42 - 2017-02-19 19:42 - 00000000 ____D C:\Users\Naharintsoa\Documents\Cine 4D 2017-02-19 19:42 - 2017-02-19 19:42 - 00000000 ____D C:\Users\Naharintsoa\Documents\Autres Tuto 2017-02-19 07:50 - 2017-02-19 07:50 - 00000000 ____D C:\Users\Naharintsoa\.android 2017-02-19 07:50 - 2017-02-19 07:50 - 00000000 ____D C:\Program Files\ZTE 
Handset USB Driver 2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsvousb.sys 2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghstrace.sys 2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsnmea.sys 2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsmdm.sys 2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsdiagmdm.sys 2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsdiag.sys 2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsat.sys 2017-02-19 07:50 - 2011-09-13 09:43 - 00163352 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsnet.sys 2017-02-19 07:50 - 2011-08-15 16:43 - 00584584 _____ C:\WINDOWS\adb.exe 2017-02-19 07:50 - 2011-08-15 16:43 - 00102936 _____ (Google, inc) C:\WINDOWS\AdbWinApi.dll 2017-02-19 07:50 - 2011-07-07 16:13 - 00018456 _____ (HandSet Incorporated) C:\WINDOWS\system32\Drivers\massfilter_hs.sys 2017-02-19 07:50 - 2011-03-28 15:42 - 00129304 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\ghsnmea.sys 2017-02-19 07:50 - 2011-03-28 15:42 - 00129304 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\ghsmdm.sys 2017-02-19 07:50 - 2011-03-28 15:42 - 00129304 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\ghsdiag.sys 2017-02-19 07:50 - 2010-10-18 14:24 - 00038424 _____ (Google Inc) C:\WINDOWS\system32\Drivers\ghsandroid.sys 2017-02-18 16:54 - 2017-02-18 16:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windowsstore_11602-1-26-0_x64__8wekyb3d8bbwe 2017-02-18 16:14 - 2017-02-18 16:19 - 00000000 ____D C:\Users\Naharintsoa\Documents\Freemake 2017-02-18 16:14 - 2017-02-18 16:14 - 00001401 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk 2017-02-18 
16:14 - 2017-02-18 16:14 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2017-02-18 16:14 - 2017-02-18 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2017-02-18 16:14 - 2017-02-18 16:14 - 00000000 ____D C:\ProgramData\Freemake 2017-02-18 16:14 - 2017-02-18 16:14 - 00000000 ____D C:\Program Files\WinPcap 2017-02-18 16:06 - 2017-02-18 16:06 - 00002044 _____ C:\Users\Naharintsoa\Downloads\2. Config IDM by Majax31 (2).reg 2017-02-18 16:04 - 2017-02-18 16:04 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder 2017-02-18 16:04 - 2017-02-18 16:04 - 00000000 ____D C:\Program Files (x86)\TrashReg 2017-02-18 15:58 - 2017-02-18 15:58 - 01480021 _____ C:\Users\Naharintsoa\Downloads\[opensource] IDM trial reset (1).rar 2017-02-18 15:55 - 2017-02-18 15:55 - 01481190 _____ C:\Users\Naharintsoa\Downloads\IDM Trial Reset-20170218T125452Z.zip 2017-02-18 15:53 - 2017-02-18 15:53 - 00002044 _____ C:\Users\Naharintsoa\Downloads\2. 
Config IDM by Majax31 (1).reg 2017-02-18 13:27 - 2017-02-18 22:06 - 00001064 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2017-02-18 13:27 - 2017-02-18 13:27 - 00004156 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-02-18 13:25 - 2017-02-18 13:49 - 90955904 _____ C:\Users\Naharintsoa\Downloads\31553759.m3u8 2017-02-18 13:20 - 2017-02-18 16:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\flash 2017-02-18 13:20 - 2017-02-18 13:20 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Macromedia 2017-02-18 13:18 - 2017-02-20 20:27 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-02-18 13:18 - 2017-02-18 13:27 - 00003988 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-02-18 13:18 - 2017-02-18 13:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\temp 2017-02-18 13:13 - 2017-02-18 13:20 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Adobe 2017-02-18 12:42 - 2017-02-18 12:42 - 00016832 _____ C:\WINDOWS\System32\Tasks\microsoft-getstarted_4-5 2017-02-18 12:41 - 2017-02-18 12:41 - 00016836 _____ C:\WINDOWS\System32\Tasks\microsoft-getstarted_4-5-6 2017-02-18 12:41 - 2017-02-18 12:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-getstarted_4-5-6-0_x64__8wekyb3d8bbwe 2017-02-18 07:10 - 2017-02-18 07:14 - 24291292 _____ C:\Users\Naharintsoa\Downloads\Rossy - Ikalasoa Bal Kabosy - vidéo Dailymotion.TS 2017-02-17 20:09 - 2017-02-17 20:09 - 00016842 _____ C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3-6-25071 2017-02-17 20:09 - 2017-02-17 20:09 - 00016830 _____ C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3-6 2017-02-17 20:09 - 2017-02-17 20:09 - 00016826 _____ C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3 2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\updater 2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\phone 2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\browser 2017-02-17 13:35 - 2017-02-17 13:35 - 
00016882 _____ C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17-6568-46361 2017-02-17 13:35 - 2017-02-17 13:35 - 00016870 _____ C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17-6568 2017-02-17 13:35 - 2017-02-17 13:35 - 00016860 _____ C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17 2017-02-17 13:35 - 2017-02-17 13:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17-6568-46361-0_x64__8wekyb3d8bbwe 2017-02-17 08:35 - 2017-02-20 16:36 - 00001532 _____ C:\WINDOWS\Tasks\microsoft.job 2017-02-17 07:15 - 2017-02-17 07:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3-6-25071-0_x64__8wekyb3d8bbwe 2017-02-16 23:13 - 2017-02-16 23:13 - 00016820 _____ C:\WINDOWS\System32\Tasks\5335R53T21B403-dll 2017-02-16 22:36 - 2017-02-16 22:40 - 04015056 _____ C:\Users\Naharintsoa\Downloads\adwcleaner_6.043.exe 2017-02-16 22:26 - 2017-02-16 22:26 - 00002882 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-02-16 22:21 - 2017-02-18 15:45 - 00000290 __RSH C:\Users\Naharintsoa\ntuser.pol 2017-02-16 20:56 - 2017-02-16 20:56 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-02-16 20:50 - 2017-02-16 20:50 - 00016860 _____ C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16-1118-10000 2017-02-16 20:50 - 2017-02-16 20:50 - 00016848 _____ C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16-1118 2017-02-16 20:50 - 2017-02-16 20:50 - 00016838 _____ C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16 2017-02-16 20:50 - 2017-02-16 20:50 - 00016818 _____ C:\WINDOWS\System32\Tasks\microsoft-windows 2017-02-16 20:47 - 2017-02-16 20:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16-1118-10000-0_x64__8wekyb3d8bbwe 2017-02-16 20:39 - 2017-02-16 20:39 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Chromium 2017-02-16 20:39 - 2017-02-16 20:39 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\CEF 2017-02-16 20:34 - 2017-02-16 21:35 - 00016812 _____ 
C:\WINDOWS\System32\Tasks\5335R53T21B403
2017-02-16 20:34 - 2017-02-16 20:35 - 00000000 ____D C:\Users\Public\Thunder Network
2017-02-16 20:34 - 2017-02-16 20:34 - 00001876 __RSH C:\ProgramData\ntuser.pol
2017-02-16 20:34 - 2017-02-16 20:34 - 00001062 _____ C:\Users\Naharintsoa\Desktop\Play Warframe.lnk
2017-02-16 20:34 - 2017-02-16 20:34 - 00000000 ___HD C:\ProgramData\5335R53T21B403
2017-02-16 20:34 - 2017-02-16 20:34 - 00000000 ____D C:\ProgramData\Thunder Network
2017-02-16 20:28 - 2017-02-16 20:29 - 01773568 _____ C:\Users\Naharintsoa\Downloads\WiFi_Password_Hacking_Software_2017_WiFi_Hack.iso
2017-02-15 06:16 - 2016-10-10 22:22 - 07357784 _____ C:\Users\Naharintsoa\Desktop\Atao en Sim.avi
2017-02-14 21:58 - 2017-02-15 04:35 - 08665860 _____ C:\Users\Naharintsoa\Downloads\TSY MISY TSY HAY ATAO . KARMELA - vidéo Dailymotion.TS
2017-02-13 20:14 - 2016-10-17 18:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2017-02-13 12:37 - 2017-02-13 12:37 - 00000000 ____D C:\Users\Naharintsoa\Documents\legend of korra
2017-02-13 11:42 - 2017-02-13 11:48 - 00000000 ____D C:\Users\Naharintsoa\Documents\Adobe CS 3
2017-02-13 11:42 - 2017-02-13 11:42 - 00000000 ____D C:\Users\Naharintsoa\Documents\3Ds Max 2017
2017-02-13 11:40 - 2017-02-13 11:50 - 00000000 ____D C:\Users\Naharintsoa\Documents\Les fondamentaux d AJAX par la pratique
2017-02-09 15:40 - 2017-02-09 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2017-02-09 15:39 - 2017-02-09 15:39 - 00000000 ____D C:\Python27
2017-02-07 11:28 - 2017-02-07 11:51 - 00000000 ____D C:\Users\Naharintsoa\Desktop\-_Animation.de.personnages.3D.avec.3ds.Max.2012
2017-02-07 11:08 - 2017-02-07 11:56 - 00000000 ____D C:\Users\Naharintsoa\Desktop\Elephorm Maîtriser le Particule Flow dans 3ds Max 2013
2017-02-07 10:55 - 2017-02-20 19:49 - 00348160 ___SH C:\Users\Naharintsoa\Desktop\Thumbs.db
2017-02-07 10:51 - 2017-02-07 10:58 - 00036864 ___SH C:\Users\Public\Thumbs.db
2017-02-02 23:02 - 2017-02-02 23:02 - 00003302 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-02 13:56 - 2017-02-02 13:56 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\EurekaLog
2017-01-31 18:54 - 2017-02-16 22:44 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Adobe
2017-01-31 08:12 - 2017-01-31 08:12 - 00001456 _____ C:\Users\Naharintsoa\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2017-01-24 22:57 - 2017-02-20 12:02 - 00000000 ____D C:\Users\Naharintsoa\VirtualBox VMs
2017-01-24 22:56 - 2017-02-20 12:09 - 00000000 ____D C:\Users\Naharintsoa\.VirtualBox
2017-01-24 22:56 - 2017-01-16 17:38 - 00959720 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2017-01-24 22:56 - 2017-01-16 17:38 - 00149304 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2017-01-24 11:40 - 2017-01-24 22:35 - 00000000 ____D C:\Users\Naharintsoa\Desktop\Film
2017-01-24 11:16 - 2017-01-31 07:36 - 00000000 ____D C:\Users\Naharintsoa\Desktop\best workout
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Blender Foundation
2017-01-22 06:01 - 2017-01-23 07:07 - 44309156 _____ C:\Users\Naharintsoa\Downloads\Hardcore Busty Babes Ta-Ta Therapy - XNXX.COM.TS

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-02-20 20:56 - 2016-11-01 18:59 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Skype
2017-02-20 20:52 - 2016-11-01 19:18 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 20:52 - 2016-11-01 19:18 - 00001150 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-20 20:06 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\DMCache
2017-02-20 18:40 - 2016-11-27 09:03 - 00000000 ____D C:\Users\Naharintsoa\AppData\LocalLow\Mozilla
2017-02-20 17:51 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\IDM
2017-02-20 17:14 - 2016-11-20 20:35 - 00004184 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9F64C99-D1F3-4545-B868-ACAF54245546}
2017-02-20 17:06 - 2015-07-31 00:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-20 17:05 - 2015-07-10 12:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-20 16:45 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-20 16:45 - 2015-06-08 17:55 - 00000000 ____D C:\AdwCleaner
2017-02-20 16:08 - 2016-11-01 16:29 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-20 12:52 - 2016-11-03 07:02 - 00005366 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-A45705F-Naharintsoa DESKTOP-A45705F
2017-02-20 12:12 - 2015-07-31 01:40 - 00000000 ____D C:\WINDOWS\INF
2017-02-20 12:11 - 2016-12-09 10:07 - 01999846 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-20 12:11 - 2015-09-10 08:08 - 00870412 _____ C:\WINDOWS\system32\perfh00C.dat
2017-02-20 12:11 - 2015-09-10 08:08 - 00173202 _____ C:\WINDOWS\system32\perfc00C.dat
2017-02-20 12:01 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-20 08:16 - 2016-11-01 19:13 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\vlc
2017-02-20 08:04 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\Downloads\Compressed
2017-02-20 07:02 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\Downloads\Video
2017-02-19 21:05 - 2016-11-01 16:19 - 01970678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-19 19:26 - 2016-11-01 16:24 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Packages
2017-02-19 19:23 - 2015-07-31 01:42 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-19 07:50 - 2016-11-01 16:24 - 00000000 ____D C:\Users\Naharintsoa
2017-02-18 17:36 - 2016-11-01 17:36 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-02-18 16:56 - 2016-11-01 18:15 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-18 16:14 - 2016-11-15 20:40 - 00000000 ____D C:\Program Files (x86)\Freemake
2017-02-18 16:06 - 2016-11-01 17:36 - 00001074 _____ C:\Users\Naharintsoa\Desktop\Internet Download Manager.lnk
2017-02-18 15:59 - 2016-11-01 19:39 - 00005382 _____ C:\Users\Naharintsoa\Desktop\Nouveau document texte.txt
2017-02-18 13:54 - 2016-12-09 09:54 - 00000000 ____D C:\Users\Naharintsoa\Documents\Visual Studio 2008
2017-02-18 13:27 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-18 13:27 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-18 06:18 - 2016-12-09 06:55 - 00000000 ___HD C:\Users\Naharintsoa\Desktop\plan
2017-02-16 21:26 - 2016-11-01 18:29 - 00002361 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-02-16 20:36 - 2016-11-01 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-02-16 20:34 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-02-16 19:57 - 2016-11-01 18:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-16 19:57 - 2016-11-01 18:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-09 08:44 - 2016-11-04 08:42 - 00000000 ____D C:\Program Files\CCleaner
2017-02-09 07:12 - 2017-01-05 21:29 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\ElevatedDiagnostics
2017-02-03 16:35 - 2016-11-27 07:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-03 16:35 - 2016-11-01 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-02 23:02 - 2016-11-01 16:27 - 00002421 _____ C:\Users\Naharintsoa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-02 23:02 - 2016-11-01 16:27 - 00000000 ___RD C:\Users\Naharintsoa\OneDrive
2017-01-26 21:17 - 2016-11-01 16:53 - 00000000 ____D C:\ProgramData\ProductData
2017-01-21 23:37 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports

==================== Fichiers à la racine de certains dossiers =======

2017-01-31 08:12 - 2017-01-31 08:12 - 0001456 _____ () C:\Users\Naharintsoa\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2016-11-21 19:32 - 2016-11-21 19:32 - 0048050 _____ () C:\ProgramData\agent.1479745963.bdinstall.bin
2016-11-21 21:39 - 2016-11-21 21:39 - 0029153 _____ () C:\ProgramData\agent.1479753564.bdinstall.bin

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-02-19 19:35

==================== Fin de FRST.txt ============================