Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017 Exécuté par Emeline (administrateur) sur EMELINE-TOSH (14-10-2017 00:54:22) Exécuté depuis C:\Users\Emeline\Desktop Profils chargés: Emeline (Profils disponibles: Emeline) Platform: Windows 10 Home Version 1703 170317-1834 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Farbar) C:\Users\Emeline\Desktop\FRST64 (1).exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation) HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation) HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-11] (AVAST Software) HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1409424 2011-06-29] (Nero AG) HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [QuickTime Plugin Install] => C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2013-08-24] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [Facebook Update] => C:\Users\Emeline\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-09] (Facebook Inc.) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3071776 2017-08-28] (Valve Corporation) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098952 2017-10-11] (Electronic Arts) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [Dropbox Update] => C:\Users\Emeline\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Emeline\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [Spotify Web Helper] => C:\Users\Emeline\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-24] (Spotify Ltd) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [Spotify] => C:\Users\Emeline\AppData\Roaming\Spotify\Spotify.exe [7047792 2017-06-24] (Spotify Ltd) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [Discord] => C:\Users\Emeline\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\MountPoints2: {2f445c5a-f812-11e6-9c51-dc0ea1362028} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-113817228-3845952270-3409043217-1000\...\MountPoints2: {332baa75-1096-11e1-8a42-806e6f6e6963} - "E:\SETUP.EXE" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2012-02-11] ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-07-26] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-07-26] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Emeline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10] ShortcutTarget: Dropbox.lnk -> C:\Users\Emeline\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) GroupPolicy: Restriction - Chrome <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3244a209-5760-4910-a570-e70ae41b0afe}: [DhcpNameServer] 10.2.0.1 Tcpip\..\Interfaces\{810d2ca7-f4fb-47c3-9d92-d7fdddef5c0f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e9c495d5-1a45-4e18-814b-59751e1d80dd}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F4CA9914-7AF8-4DED-8CF6-CC5E2A8F331E}: [DhcpNameServer] 10.1.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-113817228-3845952270-3409043217-1000 -> {477DF3FC-20DF-4707-BBB2-98587BC0723A} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-14] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-14] (Oracle Corporation) BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19] () Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) Toolbar: HKU\S-1-5-21-113817228-3845952270-3409043217-1000 -> Pas de nom - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Pas de fichier Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies) FireFox: ======== FF HKU\.DEFAULT\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension => non trouvé(e) FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-14] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\10\NP_wtapp.dll [Pas de fichier] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-113817228-3845952270-3409043217-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Emeline\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-113817228-3845952270-3409043217-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-01-03] (The Happy Cloud) FF Plugin HKU\S-1-5-21-113817228-3845952270-3409043217-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-04-01] () Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.fr/?gfe_rd=cr&ei=98WJWf7CEpHUXticgZgO","hxxps://www.facebook.com/","hxxp://www.livraddict.com/profil/tohrumina/","hxxp://www.seriebox.com/profil/tohrumina/","hxxps://www.youniqueproducts.com/EmelineVandenbroucke/business" CHR NewTab: Default -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html" CHR DefaultSearchURL: Default -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=chrome&addonversion=2.0.3 CHR DefaultSearchKeyword: Default -> ecosia CHR DefaultSuggestURL: Default -> hxxps://ac.ecosia.org/?q={searchTerms}&type=list&mkt=fr CHR Profile: C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default [2017-10-14] CHR Extension: (Photo Effects - CloneGram) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiejelehjdombfbnjppoiabjnnjajnlm [2016-08-12] CHR Extension: (Google Drive) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16] CHR Extension: (Spotiload (former Spotify Vk Downloader)) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\baggnalhgbpeanbhedjlbndhjgmimmhl [2017-09-10] CHR Extension: (Adblock Plus) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-28] CHR Extension: (Redirection de l'omnibox vers Ecosia (Legacy)) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\clellnciejhoedgepbdilbkdkaoecgpc [2017-05-14] CHR Extension: (Ecosia) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2017-07-06] CHR Extension: (Google Docs hors connexion) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Avast Online Security) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-14] CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-10-12] CHR Extension: (Save to Facebook) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-04-10] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25] CHR Extension: (Chrome Media Router) - C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-12] CHR Profile: C:\Users\Emeline\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-13] CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-11] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-11] (AVAST Software) S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2017-02-19] (BOONTY) [Fichier non signé] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [Fichier non signé] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120032 2017-10-11] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3000168 2017-10-11] (Electronic Arts) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated) R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 amdkmdap; C:\WINDOWS\System32\DRIVERS\atikmpag.sys [285696 2010-10-05] (Advanced Micro Devices, Inc.) [Fichier non signé] S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-11] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-11] (AVAST Software s.r.o.) R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-11] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-11] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-11] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-07] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-11] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-11] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-11] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-11] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-11] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-11] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-11] (AVAST Software) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-07-01] (Disc Soft Ltd) R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2013-08-23] (GFI Software) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek ) R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2017-03-18] (Realtek Semiconductor Corporation ) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2016-11-23] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-12-31] (Toshiba Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-08-22] (Wellbia.com Co., Ltd.) U3 idsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-10-14 00:54 - 2017-10-14 00:55 - 000026399 _____ C:\Users\Emeline\Desktop\FRST.txt 2017-10-14 00:54 - 2017-10-14 00:54 - 000000000 ____D C:\FRST 2017-10-14 00:53 - 2017-10-14 00:53 - 002401792 _____ (Farbar) C:\Users\Emeline\Downloads\FRST64.exe 2017-10-14 00:53 - 2017-10-14 00:53 - 002401792 _____ (Farbar) C:\Users\Emeline\Desktop\FRST64 (1).exe 2017-10-14 00:18 - 2017-10-14 00:18 - 000000000 ____D C:\ProgramData\SWCUTemp 2017-10-13 23:10 - 2017-10-13 23:10 - 008250832 _____ (Malwarebytes) C:\Users\Emeline\Downloads\adwcleaner_7.0.3.1.exe 2017-10-13 15:41 - 2017-10-13 15:52 - 000000000 ____D C:\Users\Emeline\Desktop\Ddl 2017-10-12 05:00 - 2017-10-12 05:00 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-10-11 17:11 - 2017-10-11 17:11 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-10-11 17:06 - 2017-10-11 17:07 - 000093479 _____ C:\Users\Emeline\Desktop\CV_emeline_vandenbroucke1.pdf 2017-10-11 16:15 - 2017-10-11 17:40 - 000016047 _____ C:\Users\Emeline\Desktop\Emploi....ods 2017-10-11 15:02 - 2017-10-11 16:49 - 000045449 _____ C:\Users\Emeline\Desktop\lettremotiv_EMELINE_VANDENBROUCKE.pdf 2017-10-11 14:53 - 2017-10-11 14:53 - 000042877 _____ C:\Users\Emeline\Desktop\lettremotiv_englos.pdf 2017-10-06 00:54 - 2017-10-06 00:54 - 000043892 _____ C:\Users\Emeline\Desktop\lettremotiv calais.pdf 2017-10-06 00:44 - 2017-10-06 00:44 - 000097207 _____ C:\Users\Emeline\Desktop\CV_emeline_vandenbroucke_calais3.pdf 2017-10-06 00:41 - 2017-10-06 00:41 - 000084484 _____ C:\Users\Emeline\Desktop\CV_emeline_vandenbroucke_calais2.pdf 2017-10-06 00:19 - 2017-10-06 00:19 - 000130382 _____ C:\Users\Emeline\Desktop\CV_emeline_vandenbroucke_calais.pdf 2017-10-06 00:04 - 2017-05-16 23:13 - 000811612 _____ C:\Users\Emeline\Desktop\Younique_BON_DE_COMMANDE_Order-Form_fr.pdf 2017-10-05 21:36 - 2017-10-05 21:36 - 000000000 ____D C:\Users\Emeline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-10-05 01:18 - 2017-10-05 01:18 - 000004780 _____ C:\Users\Emeline\AppData\Local\recently-used.xbel 2017-10-05 01:07 - 2017-10-05 01:07 - 000000000 ____D C:\Users\Emeline\AppData\Local\webkit 2017-10-03 15:07 - 2017-10-04 15:07 - 000000000 ____D C:\Users\Emeline\AppData\Local\{E3A9A111-D327-466D-ABCB-1C0726B92B33} 2017-10-01 19:49 - 2017-10-01 19:49 - 000000000 ____D C:\Users\Emeline\AppData\Local\{CC846D90-5B2B-4831-A1BE-99744174A2AC} 2017-09-30 21:31 - 2017-09-30 21:31 - 000000000 ____D C:\Users\Emeline\AppData\Local\{FBC4893E-A65C-4F9F-AFF6-5D32EE2E926F} 2017-09-29 08:46 - 2017-09-29 08:46 - 000082806 _____ C:\Users\Emeline\Desktop\CV_emeline_vandenbroucke_pour villeneuve.pdf 2017-09-29 08:34 - 2017-09-29 08:34 - 000045999 _____ C:\Users\Emeline\Desktop\lettremotiv.pdf 2017-09-28 23:26 - 2017-10-11 23:30 - 000019230 _____ C:\Users\Emeline\Desktop\lettremotiv.odt 2017-09-28 23:26 - 2017-09-28 23:26 - 000047402 _____ C:\Users\Emeline\Desktop\Lettre_motivation_villeneuve.pdf 2017-09-25 18:54 - 2017-09-25 18:54 - 001391744 _____ C:\Users\Emeline\Desktop\Concert mariage de Cha & Hadrien.mp4 2017-09-24 17:32 - 2017-09-24 17:32 - 000000000 ____D C:\Users\Emeline\AppData\Local\{FBB4AE45-179E-48CF-9881-0DEE049F4D24} 2017-09-23 18:51 - 2017-09-23 18:51 - 000000000 ____D C:\Users\Emeline\AppData\Local\{FDAAC772-8FDC-433E-921D-CFA91FC8465C} 2017-09-20 00:00 - 2017-09-20 00:00 - 000000000 ____D C:\Users\Emeline\Desktop\EVJF Cha 2017-09-17 22:45 - 2017-09-17 22:45 - 000089932 _____ C:\Users\Emeline\Desktop\CV_emeline_vandenbroucke.pdf 2017-09-17 15:35 - 2017-09-17 15:35 - 000079573 _____ C:\Users\Emeline\Desktop\lettredemotivation_EmelineVANDENBROUCKE.pdf 2017-09-17 15:14 - 2017-09-17 15:14 - 000136733 _____ C:\Users\Emeline\Desktop\Offre n°060QXDJ _ Pôle emploi.pdf 2017-09-16 01:39 - 2017-09-16 14:26 - 000000000 ____D C:\Users\Emeline\AppData\Local\{2791677C-2D0E-4DC6-AE35-C47A49893A3F} ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-10-14 00:44 - 2017-05-14 03:46 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{03D5D42B-6C86-4ACC-BF75-3A26D6E1AAF7} 2017-10-14 00:30 - 2014-10-24 17:40 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-10-14 00:30 - 2014-10-24 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-10-14 00:29 - 2012-07-17 21:53 - 000000000 ____D C:\Program Files (x86)\Java 2017-10-14 00:16 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-14 00:01 - 2017-04-03 00:49 - 000000000 ____D C:\Users\Emeline\Desktop\YOUNIQUE 2017-10-14 00:00 - 2014-03-04 02:59 - 000000000 ____D C:\Users\Emeline\Desktop\GEEK 2017-10-13 23:57 - 2017-05-14 03:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-13 23:56 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2017-10-13 23:55 - 2017-05-14 03:21 - 000000000 ____D C:\Users\Emeline 2017-10-13 23:55 - 2014-09-21 00:56 - 000000000 ____D C:\AdwCleaner 2017-10-13 23:48 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF 2017-10-13 23:30 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2017-10-13 23:26 - 2017-05-14 03:16 - 000271872 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-10-13 21:03 - 2017-05-14 03:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-13 18:28 - 2017-06-14 00:41 - 000021826 _____ C:\Users\Emeline\Desktop\writer.odt 2017-10-13 15:56 - 2014-03-01 00:00 - 000000000 ____D C:\Program Files (x86)\Steam 2017-10-13 15:51 - 2016-12-12 15:57 - 000000290 __RSH C:\ProgramData\ntuser.pol 2017-10-13 15:43 - 2017-02-19 18:31 - 000000000 ____D C:\Users\Emeline\AppData\LocalLow\uTorrent 2017-10-13 11:32 - 2014-01-26 04:28 - 000000000 ____D C:\Users\Emeline\AppData\Roaming\Origin 2017-10-12 21:30 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-12 21:30 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-12 15:16 - 2014-01-26 04:26 - 000000000 ____D C:\ProgramData\Origin 2017-10-12 05:23 - 2013-08-15 01:24 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-10-12 04:59 - 2012-01-25 00:29 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-10-12 02:01 - 2014-06-13 22:05 - 000000000 ____D C:\Users\Emeline\AppData\Local\Adobe 2017-10-11 22:18 - 2015-08-01 01:47 - 000000000 ____D C:\Users\Emeline\AppData\Local\Packages 2017-10-11 17:13 - 2017-06-06 22:58 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-10-11 17:12 - 2017-05-14 03:46 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-10-11 17:11 - 2014-12-26 00:01 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-10-11 17:11 - 2014-12-26 00:01 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-10-11 17:11 - 2014-12-26 00:01 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-10-11 17:11 - 2014-12-26 00:01 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-10-11 17:11 - 2014-12-26 00:01 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-10-11 17:11 - 2014-12-26 00:01 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-10-11 17:11 - 2014-12-26 00:01 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-10-11 17:11 - 2012-01-16 02:07 - 000000000 ____D C:\ProgramData\AVAST Software 2017-10-11 17:10 - 2017-02-09 02:41 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-10-11 17:10 - 2017-02-09 02:41 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-10-11 17:10 - 2017-02-09 02:41 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-10-11 17:10 - 2017-02-09 02:41 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-10-11 17:10 - 2014-12-26 00:01 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-10-11 01:35 - 2014-09-05 19:26 - 000000000 ____D C:\Program Files (x86)\Origin 2017-10-10 22:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-10-10 22:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-10-10 20:55 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-10-05 21:40 - 2014-08-27 23:54 - 000000000 ____D C:\Users\Emeline\AppData\Roaming\Dropbox 2017-10-05 01:43 - 2014-09-21 00:46 - 000000000 ____D C:\Users\Emeline\.gimp-2.8 2017-10-05 01:18 - 2015-10-08 22:57 - 000000000 ____D C:\Users\Emeline\AppData\Local\gtk-2.0 2017-10-05 00:12 - 2016-07-01 16:29 - 000023412 _____ C:\Users\Emeline\Desktop\Sans nom 1.ods 2017-09-28 21:01 - 2012-01-04 20:57 - 000000000 ____D C:\Users\Emeline\AppData\Roaming\Skype 2017-09-27 00:11 - 2011-07-26 11:47 - 000002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-27 00:11 - 2011-07-26 11:47 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-22 00:27 - 2017-07-27 15:22 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-113817228-3845952270-3409043217-1000 2017-09-22 00:27 - 2015-08-01 02:07 - 000002463 _____ C:\Users\Emeline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-22 00:27 - 2015-08-01 02:07 - 000000000 ___RD C:\Users\Emeline\OneDrive 2017-09-21 00:23 - 2017-09-10 21:18 - 000000000 ____D C:\WINDOWS\Minidump 2017-09-18 18:21 - 2017-05-14 03:20 - 000007102 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-18 18:21 - 2017-03-20 07:10 - 003017376 _____ C:\WINDOWS\system32\perfh00C.dat 2017-09-18 18:21 - 2017-03-20 07:10 - 000808258 _____ C:\WINDOWS\system32\perfc00C.dat 2017-09-17 23:03 - 2017-06-07 15:16 - 000014062 _____ C:\Users\Emeline\Desktop\Recherche_emploi.odt 2017-09-17 18:14 - 2017-09-12 21:30 - 000018283 _____ C:\Users\Emeline\Desktop\Journal de bord.odt 2017-09-16 01:30 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache 2017-09-14 17:02 - 2015-08-01 01:47 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-14 04:16 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-14 04:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-09-14 04:15 - 2017-03-20 07:10 - 000000000 ____D C:\WINDOWS\system32\fr 2017-09-14 04:15 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-14 04:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-09-14 04:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup 2017-09-14 04:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-14 04:15 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-14 04:15 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer ==================== Fichiers à la racine de certains dossiers ======= 2016-12-17 17:21 - 2016-12-17 17:21 - 007680000 _____ () C:\Program Files (x86)\GUT7A46.tmp 2012-08-17 01:03 - 2012-08-17 01:03 - 000000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt 2015-11-29 16:41 - 2015-12-20 21:13 - 000000034 _____ () C:\Users\Emeline\AppData\Roaming\AdobeWLCMCache.dat 2016-12-12 15:58 - 2016-12-12 15:58 - 000017964 _____ () C:\Users\Emeline\AppData\Roaming\Palomina 2014-01-26 04:23 - 2014-02-14 00:10 - 000000097 _____ () C:\Users\Emeline\AppData\Roaming\WB.CFG 2015-11-24 15:14 - 2015-11-24 16:24 - 000001456 _____ () C:\Users\Emeline\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2012-02-29 13:48 - 2015-12-10 14:34 - 000023040 _____ () C:\Users\Emeline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-03-17 01:09 - 2013-03-17 01:09 - 000000095 _____ () C:\Users\Emeline\AppData\Local\fusioncache.dat 2017-10-05 01:18 - 2017-10-05 01:18 - 000004780 _____ () C:\Users\Emeline\AppData\Local\recently-used.xbel 2012-12-25 06:53 - 2012-12-25 06:53 - 000150889 _____ () C:\Users\Emeline\AppData\Local\speeddial.crx 2017-03-27 23:29 - 2017-03-27 23:29 - 000000000 _____ () C:\Users\Emeline\AppData\Local\{FEB3CDF7-ED71-4803-A7AD-9880647B37DC} 2012-12-23 03:05 - 2012-12-23 03:05 - 000000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2013-12-28 17:59 - 2013-12-28 17:59 - 000000086 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Fichiers à déplacer ou supprimer: ==================== C:\Users\Emeline\dotNetFx40_Full_setup.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-10-09 18:19 ==================== Fin de FRST.txt ============================