Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 02-06-2017
Exécuté par op (administrateur) sur OP-PC (04-06-2017 22:54:50)
Exécuté depuis C:\Users\op\Downloads
Profils chargés: op (Profils disponibles: op & DefaultAppPool)
Platform: Microsoft Windows 10 Professionnel Version 1703 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(© 2015 Microsoft Corporation) C:\Users\op\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Intel® Corporation) C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x86__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x86__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x86__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [15009280 2017-04-19] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [522136 2012-11-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [366904 2014-06-27] (Power Software Ltd)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [160824 2017-04-20] (BlueStack Systems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [89088 2015-03-16] (Intel® Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\Run: [BingSvc] => C:\Users\op\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-24] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [2427400 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\Run: [Gaijin.Net Agent] => C:\Users\op\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [1790472 2016-12-09] ()
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [160824 2017-04-20] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\...\MountPoints2: {030365ee-405f-11e7-9b0f-e89a8fd4d1a7} - "F:\HiSuiteDownLoader.exe"
AppInit_DLLs: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2014-06-10] (Jaksta Technologies Pty Ltd)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-10] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [S-1-5-21-1709605954-1953430209-2909918561-1000] => Proxy est activé.
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{677af74d-8167-40d2-8f5d-6064c590f189}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75d3816d-210d-4929-bd3e-05d2a20367a5}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1709605954-1953430209-2909918561-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-3e451b6f
SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =
SearchScopes: HKU\S-1-5-21-1709605954-1953430209-2909918561-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-3e451b6f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1709605954-1953430209-2909918561-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1709605954-1953430209-2909918561-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-3e451b6f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1709605954-1953430209-2909918561-1000 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxps://www.google.fr/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-30] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\op\AppData\Roaming\Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204 [2017-06-04]
FF user.js: detected! => C:\Users\op\AppData\Roaming\Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204\user.js [2017-05-03]
FF NewTab: Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204 -> Yahoo!
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204 -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204 -> hxxps://www.google.fr/
FF Extension: (AdBlock) - C:\Users\op\AppData\Roaming\Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-05-10]
FF Extension: (Avast SafePrice) - C:\Users\op\AppData\Roaming\Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204\Extensions\sp@avast.com.xpi [2017-05-10]
FF Extension: (Avast Online Security) - C:\Users\op\AppData\Roaming\Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204\Extensions\wrc@avast.com.xpi [2017-05-10]
FF Extension: (Adblock Plus) - C:\Users\op\AppData\Roaming\Mozilla\Firefox\Profiles\uocfos2t.default-1467285312204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BrowserPlugin\npBrowserPlugin.dll [2014-08-29] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch",null,"hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-3e451b6f"
CHR Profile: C:\Users\op\AppData\Local\Google\Chrome\User Data\Default [2017-06-04]
CHR Extension: (Avast SafePrice) - C:\Users\op\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-31]
CHR Extension: (AdBlock) - C:\Users\op\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\op\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\op\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-17]
CHR Extension: (unTabs) - C:\Users\op\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphnmcjolbjlahhdegnbnbhjbgnlceid [2017-06-03]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5732136 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [773632 2016-11-21] (Digital Care Solutions) [Fichier non signé]
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [387128 2017-04-20] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [369720 2017-04-20] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files\BlueStacks\HD-Plus-Service.exe [407608 2017-04-20] (BlueStack Systems, Inc.)
S4 eqkrDEt; C:\ProgramData\qxpHVFZhBbs\eqkrDEt.exe [3000824 2015-11-25] (Irrational Number Applications)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-14] (Nero AG)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2016-01-13] ()
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-19] (Microsoft Corporation)
S4 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [6658496 2015-03-16] (Intel Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [238176 2017-01-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-03-18] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [75416 2017-01-12] (Alcor Micro, Corp.)
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [33048 2015-10-07] (Windows (R) Win 7 DDK provider) R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [258288 2017-05-10] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148696 2017-05-10] (AVAST Software s.r.o.) R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [268016 2017-05-10] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41664 2017-05-10] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-05-10] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [31064 2017-05-10] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [107928 2017-05-10] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [90336 2017-05-10] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-05-10] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [764576 2017-05-10] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [482608 2017-05-10] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [115152 2017-05-13] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [279800 2017-05-10] (AVAST Software) S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [75256 2015-10-07] (ASUS Corporation) R3 BCMWL63; C:\WINDOWS\system32\DRIVERS\bcmwl63.sys [10424072 2016-01-14] (Broadcom Corp) S3 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [139360 2017-04-20] (BlueStack Systems) S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [220216 2017-04-20] (Bluestack System Inc. ) S3 cpuz138; C:\Users\op\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [27832 2017-05-31] (CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.) 
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-12-03] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-12-03] (Disc Soft Ltd) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [28248 2017-05-10] (ELAN Microelectronic Corp.) S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Fichier non signé] R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2016-01-14] (REALiX(tm)) R0 iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [490856 2014-04-24] (Intel Corporation) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [40424 2017-05-18] (The OpenVPN Project) R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [116320 2014-06-27] (Power Software Ltd) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [33024 2013-05-05] (Scarlet.Crush Productions) S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2017-01-12] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [30696 2017-03-20] (The OpenVPN Project) S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [36944 2016-08-23] (Anchorfree Inc.) S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [428832 2016-11-10] (BitDefender S.R.L.) S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Apple, Inc.) 
[Fichier non signé] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [104096 2015-09-08] (BigNox Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [119952 2016-07-15] (MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation) S3 WinRing0_1_2_0; C:\Program Files\IObit\Advanced SystemCare\OpenHardwareMonitorLib.sys [14416 2017-05-31] (OpenLibSys.org) S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation) S1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation) U3 idsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-06-04 22:54 - 2017-06-04 22:55 - 00020894 _____ C:\Users\op\Downloads\FRST.txt 2017-06-04 22:20 - 2017-06-04 22:21 - 01774080 _____ (Farbar) C:\Users\op\Downloads\FRST.exe 2017-06-04 16:34 - 2017-06-04 16:37 - 00879548 _____ C:\WINDOWS\Minidump\060417-32125-01.dmp 2017-06-04 16:34 - 2017-06-04 16:34 - 00000000 ____D C:\WINDOWS\Minidump 2017-06-04 09:27 - 2017-06-04 09:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-06-03 23:19 - 2017-06-03 23:19 - 00002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-06-03 23:19 - 2017-06-03 23:19 - 00000000 ____D C:\Program Files\Google 2017-06-03 23:18 - 2017-06-03 23:18 - 01130328 _____ (Google Inc.) 
C:\Users\op\Downloads\ChromeSetup.exe 2017-06-03 23:14 - 2017-06-03 23:14 - 00000272 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_op.job 2017-06-03 22:57 - 2017-06-03 22:57 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-06-03 22:57 - 2017-06-03 22:57 - 00000000 ____D C:\FRST 2017-06-03 22:35 - 2017-06-03 22:36 - 04110280 _____ C:\Users\op\Downloads\adwcleaner_6.047.exe 2017-06-03 18:26 - 2017-06-03 18:26 - 00002198 _____ C:\Users\op\bureau\Molotov.lnk 2017-06-03 18:26 - 2017-06-03 18:26 - 00000000 ____D C:\Users\op\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov 2017-05-31 20:00 - 2017-05-31 20:00 - 03233264 _____ (Blizzard Entertainment) C:\Users\op\Downloads\Battle.net-Setup.exe 2017-05-31 14:15 - 2017-05-31 14:15 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-05-31 13:31 - 2017-05-31 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-05-31 13:31 - 2017-05-31 13:55 - 00000000 ____D C:\ProgramData\Avira 2017-05-31 13:31 - 2017-05-31 13:55 - 00000000 ____D C:\Program Files\Avira 2017-05-31 13:24 - 2017-05-31 13:24 - 00002028 __RSH C:\ProgramData\ntuser.pol 2017-05-31 13:08 - 2017-05-31 13:08 - 00000000 ___RD C:\Sandbox 2017-05-31 13:04 - 2017-05-31 13:35 - 00001850 _____ C:\WINDOWS\Sandboxie.ini 2017-05-30 17:36 - 2017-05-30 17:36 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2017-05-30 17:36 - 2017-05-30 17:36 - 00000000 ____D C:\Users\op\AppData\Roaming\Sun 2017-05-30 17:36 - 2017-05-30 17:36 - 00000000 ____D C:\Program Files\Common Files\Java 2017-05-30 17:30 - 2017-05-30 17:30 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2017-05-22 08:56 - 2017-05-22 08:56 - 01945822 _____ C:\Users\op\Downloads\FORMULAIRE INSCRIPTION 2016-2017 TRANSPORT SCOLAIRE DEMI-PENSIONNAIRE.pdf 2017-05-18 16:15 - 2017-05-18 16:15 - 00040424 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\phantomtap.sys 2017-05-18 09:30 - 2017-05-18 09:30 
- 00004862 _____ C:\Users\op\Downloads\sfr-facture-1219851347.pdf 2017-05-18 09:30 - 2017-05-18 09:30 - 00004861 _____ C:\Users\op\Downloads\sfr-facture-1226885307.pdf 2017-05-16 21:00 - 2017-05-16 21:00 - 00000563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 2.lnk 2017-05-13 06:12 - 2017-05-13 06:12 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys 2017-05-11 18:57 - 2017-05-11 18:57 - 00018886 _____ C:\Users\op\Downloads\Dossier-PAC-2017_063020785_accuse-reception_2017-05-11-11H45M43.pdf 2017-05-11 06:42 - 2017-05-11 06:42 - 00000000 ____D C:\Program Files\Common Files\Skype 2017-05-10 18:12 - 2017-05-10 18:10 - 00482608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-05-10 18:12 - 2017-05-10 18:10 - 00279800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-05-10 18:12 - 2017-05-10 18:10 - 00107928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-05-10 18:12 - 2017-05-10 18:10 - 00090336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-05-10 18:12 - 2017-05-10 18:10 - 00062152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-05-10 18:12 - 2017-05-10 18:10 - 00034136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-05-10 18:12 - 2017-05-10 18:09 - 00764576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-05-10 18:12 - 2017-05-10 18:09 - 00268016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswblogx.sys 2017-05-10 18:12 - 2017-05-10 18:09 - 00258288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys 2017-05-10 18:12 - 2017-05-10 18:09 - 00148696 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidshx.sys 2017-05-10 18:12 - 2017-05-10 18:09 - 00041664 _____ (AVAST Software s.r.o.) 
C:\WINDOWS\system32\Drivers\aswbunivx.sys 2017-05-10 18:12 - 2017-05-10 18:09 - 00031064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2017-05-10 18:10 - 2017-05-10 18:10 - 00330768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-05-10 17:40 - 2017-05-10 17:40 - 01488120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2017-05-10 17:39 - 2017-05-10 17:39 - 00028248 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys 2017-05-10 07:21 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2017-05-10 07:21 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2017-05-10 07:18 - 2017-04-28 03:38 - 01432304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-05-10 07:18 - 2017-04-28 03:19 - 05863328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-05-10 07:18 - 2017-04-28 03:19 - 01854832 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-05-10 07:18 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-10 07:18 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-10 07:18 - 2017-04-28 03:17 - 00698376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-05-10 07:18 - 2017-04-28 03:17 - 00624368 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-05-10 07:18 - 2017-04-28 03:14 - 00573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-10 07:18 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-05-10 07:18 - 2017-04-28 03:11 - 02022816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-05-10 07:18 - 2017-04-28 03:11 - 00170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-10 07:18 - 
2017-04-28 03:11 - 00025504 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-10 07:18 - 2017-04-28 03:10 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-05-10 07:18 - 2017-04-28 03:10 - 00286624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-10 07:18 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-05-10 07:18 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-05-10 07:18 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-05-10 07:18 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-05-10 07:18 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-05-10 07:18 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-05-10 07:18 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-10 07:18 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-05-10 07:18 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-10 07:18 - 2017-04-28 02:49 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-10 07:18 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-10 07:18 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-05-10 07:18 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-10 07:18 - 2017-04-28 02:46 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-10 07:18 - 2017-04-28 02:46 - 00080384 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-10 07:18 - 2017-04-28 02:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-10 07:18 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-10 07:18 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-10 07:18 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-10 07:18 - 2017-04-28 02:43 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-10 07:18 - 2017-04-28 02:42 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-05-10 07:18 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-05-10 07:18 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-10 07:18 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-05-10 07:18 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-10 07:18 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-05-10 07:18 - 2017-04-28 02:41 - 00871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-05-10 07:18 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-05-10 07:18 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-05-10 07:18 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-05-10 07:18 - 2017-04-28 02:40 - 01513984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-05-10 07:18 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-05-10 07:18 - 
2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-10 07:18 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-10 07:18 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-05-10 07:18 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-05-10 07:18 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-05-10 07:18 - 2017-04-28 02:39 - 02366464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-05-10 07:18 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-05-10 07:18 - 2017-04-28 02:38 - 01585664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-05-10 07:18 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-05-10 07:18 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-05-10 07:18 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-05-10 07:18 - 2017-04-28 02:35 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-05-10 07:18 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-05-10 07:18 - 2017-04-28 02:34 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-10 07:18 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll 2017-05-06 07:56 - 2017-05-06 07:56 - 00005946 _____ C:\Users\op\Downloads\Mise à disposition de services en ligne.pdf ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2017-06-04 22:48 - 2017-04-30 07:18 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-04 22:00 - 2017-01-21 00:00 - 00000000 ___RD C:\Users\op\bureau
2017-06-04 21:56 - 2016-11-18 10:23 - 00000000 ____D C:\Users\op\AppData\LocalLow\Mozilla
2017-06-04 16:35 - 2017-04-30 07:29 - 00000000 ____D C:\Users\op
2017-06-04 16:34 - 2017-04-30 07:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-04 16:34 - 2017-02-26 10:29 - 431160581 _____ C:\WINDOWS\MEMORY.DMP
2017-06-04 09:28 - 2014-12-28 09:09 - 00000000 __SHD C:\Users\Public\DRM
2017-06-04 07:19 - 2017-01-21 00:11 - 00000000 ____D C:\Users\op\bureau\LOGICIEL
2017-06-03 22:43 - 2017-03-18 08:02 - 02359296 _____ C:\WINDOWS\system32\config\BBI
2017-06-03 22:42 - 2016-01-14 16:38 - 00000000 ____D C:\Program Files\Common Files\IObit
2017-06-03 22:42 - 2015-11-27 19:30 - 00000000 ____D C:\AdwCleaner
2017-06-03 22:39 - 2017-01-07 14:21 - 00000000 ____D C:\ProgramData\BSD
2017-06-03 22:39 - 2016-01-14 16:10 - 00000000 ____D C:\Users\op\AppData\Roaming\IObit
2017-06-03 22:39 - 2016-01-14 16:10 - 00000000 ____D C:\Users\op\AppData\LocalLow\IObit
2017-06-03 22:39 - 2016-01-14 16:10 - 00000000 ____D C:\ProgramData\IObit
2017-06-03 18:30 - 2016-11-15 21:51 - 00000000 ____D C:\Users\op\AppData\Roaming\Molotov
2017-06-03 18:26 - 2016-11-20 21:12 - 00000000 ____D C:\Users\op\AppData\Local\Molotov
2017-06-03 06:42 - 2017-03-18 20:23 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-03 06:42 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-31 20:04 - 2016-01-30 15:26 - 00000000 ____D C:\Program Files\Hearthstone
2017-05-31 15:19 - 2017-02-05 05:01 - 00000000 ____D C:\Program Files\Steam
2017-05-31 13:55 - 2017-03-18 20:21 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 13:24 - 2009-07-14 04:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-30 17:51 - 2017-04-30 07:29 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-30 17:37 - 2014-12-23 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-30 17:35 - 2014-12-23 20:38 - 00000000 ____D C:\Program Files\Java
2017-05-30 17:34 - 2014-12-23 18:11 - 00000000 ____D C:\Users\op\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-30 17:34 - 2014-12-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-30 17:34 - 2014-12-23 18:11 - 00000000 ____D C:\Program Files\WinRAR
2017-05-30 17:33 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-29 20:51 - 2016-01-10 10:44 - 00000000 ____D C:\Users\op\AppData\Local\Packages
2017-05-29 15:22 - 2017-04-30 07:28 - 02202306 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-29 15:22 - 2017-03-19 10:20 - 00976048 _____ C:\WINDOWS\system32\perfh00C.dat
2017-05-29 15:22 - 2017-03-19 10:20 - 00207938 _____ C:\WINDOWS\system32\perfc00C.dat
2017-05-29 15:16 - 2017-03-18 08:02 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-29 15:12 - 2014-12-23 19:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-24 08:49 - 2016-10-04 12:49 - 00000000 ____D C:\Users\op\Documents\Share Link
2017-05-24 08:48 - 2016-09-30 20:35 - 00000000 ____D C:\Users\op\AppData\Local\Share Link
2017-05-23 06:34 - 2016-01-10 17:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 06:29 - 2016-01-10 17:25 - 129479984 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-22 10:01 - 2016-09-24 10:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-16 21:36 - 2014-12-23 19:19 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-05-12 09:46 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 06:42 - 2017-03-15 19:31 - 00000000 ___RD C:\Program Files\Skype
2017-05-11 06:42 - 2015-11-24 19:20 - 00000000 ____D C:\ProgramData\Skype
2017-05-10 18:05 - 2017-04-30 07:18 - 00379544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 18:03 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-10 18:03 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 18:03 - 2017-03-18 20:23 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 07:23 - 2017-03-18 20:14 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-08 09:19 - 2014-12-23 19:17 - 00000000 ____D C:\Users\op\AppData\Roaming\vlc
2017-05-08 09:02 - 2015-11-19 14:36 - 00000000 ____D C:\Users\op\AppData\Local\Songr

==================== Fichiers à la racine de certains dossiers =======

2017-04-12 18:38 - 2017-04-12 18:38 - 3019912 _____ (Sandboxie Holdings, LLC) C:\Program Files\SbieMsg.dll
2017-04-12 18:38 - 2017-04-12 18:38 - 0035464 _____ (Sandboxie Holdings, LLC) C:\Program Files\SboxHostDll.dll
2016-01-13 00:13 - 2016-01-13 00:13 - 0022328 _____ () C:\Users\op\AppData\Roaming\PnkBstrK.sys
2017-01-06 22:39 - 2017-01-06 22:39 - 0003158 _____ () C:\Users\op\AppData\Roaming\ZeroBraneStudio.ini
2015-11-23 20:21 - 2015-11-23 20:21 - 0000000 ___SH () C:\Users\op\AppData\Local\LumaEmu
2016-06-30 13:55 - 2016-10-11 19:04 - 0007597 _____ () C:\Users\op\AppData\Local\resmon.resmoncfg
2016-03-27 20:05 - 2016-03-27 20:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-04-30 07:21 - 2017-04-30 07:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-17 12:12 - 2015-09-23 07:52 - 0000300 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-06-04 07:54

==================== Fin de FRST.txt ============================