Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 03-11-2016
Exécuté par les 4 ballon (administrateur) sur LES4BALLON-PC (06-11-2016 11:07:24)
Exécuté depuis C:\Users\les 4 ballon\Desktop
Profils chargés: les 4 ballon (Profils disponibles: les 4 ballon & UpdatusUser)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
(Akamai Technologies, Inc.) C:\Users\les 4 ballon\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Akamai Technologies, Inc.) C:\Users\les 4 ballon\AppData\Local\Akamai\netsession_win.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
() C:\Users\les 4 ballon\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
(The CefSharp Authors) C:\Users\les 4 ballon\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(The CefSharp Authors) C:\Users\les 4 ballon\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2014-01-22] (AVAST Software)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [246504 2010-01-11] (Sun Microsystems, Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [msnmsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Orange Installer] => C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] ()
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Akamai NetSession Interface] => C:\Users\les 4 ballon\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [51712 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [PCKeeperLive] => "C:\Program Files\Essentware\PCKeeper\PCKeeper.exe" /autorun
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [PCKeeper Antivirus] => "C:\Program Files\Essentware\PCKAV\PCKAV.exe" /autorun
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1790616 2016-11-03] (Lavasoft)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\MountPoints2: {51466147-a346-11e0-81a5-806e6f6e6963} - D:\start.exe
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\LES4BA~1\DOWNLO~1\horloge.scr
HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-01-22] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\Users\les 4 ballon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacebookGamesNotifier.exe.lnk [2016-08-26]
ShortcutTarget: FacebookGamesNotifier.exe.lnk -> C:\Users\les 4 ballon\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe ()
Startup: C:\Users\les 4 ballon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-07-01]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyEnable: [S-1-5-21-1287516834-2338127881-1189959688-1001] => Proxy est activé.
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 25 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8EFF417F-12CC-4CBA-89A3-5E63F33B6091}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 - (Pas de nom) - {8e5025c2-8ea3-430d-80b8-a14151068a6d} - Pas de fichier
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=410&apn_uid=3496010263334854&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> DefaultScope {593E4790-8941-4CF1-90DB-2D2D7C07AE7A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3285358&CUI=UN16944676761140113&UM=2
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D110316-A8D15A5DDE3&form=CONBDF&conlogo=CT3335578&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {593E4790-8941-4CF1-90DB-2D2D7C07AE7A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3285358&CUI=UN16944676761140113&UM=2
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=410&apn_uid=3496010263334854&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-30] (Sun Microsystems, Inc.)
BHO: Shareiiit -> {E7AB3DAE-5A7A-41A7-8258-BD60657392E2} -> C:\Program Files\Shareiiit\ScriptHost.dll [2012-06-12] ()
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
Toolbar: HKLM - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-11-03] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2011-11-19] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-10-06] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-26] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_CH
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\pdf.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\gcswf32.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U18) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll => Pas de fichier
CHR Plugin: (Google Talk Plugin) - C:\Users\les 4 ballon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Pas de fichier
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\les 4 ballon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Pas de fichier
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll => Pas de fichier
CHR Plugin: (Unity Player) - C:\Users\les 4 ballon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Pas de fichier
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\les 4 ballon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Pas de fichier
CHR Plugin: (Google Update) - C:\Users\les 4 ballon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Pas de fichier
CHR Profile: C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default [2016-11-06]
CHR Extension: (Adblock Plus) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (ZipArcade Ads) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebdhjmlocoglfmofdbbedcpflikfhilh [2016-10-06]
CHR Extension: (avast! Ad Blocker) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2016-08-26] [UpdateUrl: hxxps://update.adblockplus.org/avast-adblocker.xml] <==== ATTENTION
CHR Extension: (Horloge) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-10-05]
CHR Extension: (Retrogamer) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjcikpknngnligmfglfojkhjkdcmdim [2016-03-19]
CHR Extension: (Core) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhcgfdghbiidgeccbldhfceleibkkpe [2015-10-05]
CHR Extension: (Quick MP3 Search) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldaagbccpofpobgonoepcnoahbnkljno [2016-06-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
CHR HKLM\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] - C:\Users\les 4 ballon\AppData\Local\CRE\ehdmaehkiiampolokajdcelladmnopgp.crx
CHR HKLM\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-02-25]
CHR HKLM\...\Chrome\Extension: [hakpajgggjjcjmidfbnnncnbaihjneaj] - C:\Users\les 4 ballon\AppData\Local\CRE\hakpajgggjjcjmidfbnnncnbaihjneaj.crx
CHR HKLM\...\Chrome\Extension: [iijmpjamifmplbakhgikofogdfackici] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com.crx
CHR HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] - C:\Users\les 4 ballon\AppData\Local\CRE\ehdmaehkiiampolokajdcelladmnopgp.crx
CHR HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hakpajgggjjcjmidfbnnncnbaihjneaj] - C:\Users\les 4 ballon\AppData\Local\CRE\hakpajgggjjcjmidfbnnncnbaihjneaj.crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2014-01-22] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1087792 2016-04-25] (Flexera Software LLC)
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-11-03] (Lavasoft Limited)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2236640 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [970976 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [772832 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
R2 WCAssistantService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25240 2016-11-03] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2014-01-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2014-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2014-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2014-01-22] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770784 2014-12-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2014-01-22] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2014-01-22] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2015-01-12] () [Fichier non signé]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Fichier non signé]
S3 cpuz134; \??\C:\Users\LES4BA~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 usb_rndisx; \SystemRoot\system32\drivers\usb8023x.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-06 11:07 - 2016-11-06 11:08 - 00023163 _____ C:\Users\les 4 ballon\Desktop\FRST.txt
2016-11-06 11:07 - 2016-11-06 11:07 - 00000000 ____D C:\FRST
2016-11-06 11:06 - 2016-11-06 11:06 - 01759744 _____ (Farbar) C:\Users\les 4 ballon\Desktop\FRST.exe
2016-11-06 11:02 - 2016-11-06 11:03 - 02409984 _____ (Farbar) C:\Users\les 4 ballon\Desktop\FRST64.exe
2016-11-04 22:21 - 2016-11-04 22:21 - 00000573 _____ C:\Users\les 4 ballon\Desktop\secrétaire indépendante.lnk
2016-11-04 22:19 - 2016-11-06 10:38 - 00000000 ____D C:\Users\les 4 ballon\Desktop\secrétaire indépendante
2016-11-04 05:28 - 2016-11-04 05:28 - 00059307 _____ C:\Users\les 4 ballon\Desktop\INFORMATIONDENONEXECUTIONDEPRELEVEMENTSEPA_20161003.pdf
2016-11-04 05:27 - 2016-11-04 05:27 - 00059293 _____ C:\Users\les 4 ballon\Desktop\INFORMATIONDENONEXECUTIONDEPRELEVEMENTSEPA_20161031.pdf
2016-11-03 10:29 - 2016-11-03 14:56 - 00000000 ____D C:\Users\les 4 ballon\Desktop\boulot fab
2016-11-03 10:19 - 2016-11-03 10:19 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\Lavasoft
2016-11-03 10:19 - 2016-11-03 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-11-03 10:18 - 2016-11-03 10:18 - 00002872 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-11-03 10:18 - 2016-11-03 10:18 - 00000000 ____D C:\Users\les 4 ballon\AppData\Roaming\Lavasoft
2016-11-03 10:17 - 2016-11-03 10:17 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2016-11-03 10:17 - 2016-11-03 10:17 - 00000000 ____D C:\Program Files\Lavasoft
2016-11-03 10:16 - 2016-11-03 10:16 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\PDFCreator
2016-11-03 10:16 - 2016-11-03 10:16 - 00000000 ____D C:\ProgramData\Lavasoft
2016-11-03 10:15 - 2016-11-03 10:15 - 00000000 ____D C:\ProgramData\pdfforge
2016-11-03 10:14 - 2016-11-03 10:34 - 00000000 ____D C:\Users\les 4 ballon\AppData\Roaming\PDF Architect 4
2016-11-03 10:14 - 2016-11-03 10:14 - 00000957 _____ C:\Users\Public\Desktop\PDF Architect 4.lnk
2016-11-03 10:12 - 2016-11-03 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2016-11-03 10:11 - 2016-11-03 10:14 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-11-03 10:11 - 2016-11-03 10:11 - 00000000 ____D C:\Users\les 4 ballon\Documents\PDF Architect
2016-11-03 10:11 - 2016-11-03 10:11 - 00000000 ____D C:\Program Files\Common Files\PDF Software
2016-11-03 10:08 - 2016-11-03 10:34 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-11-03 10:08 - 2016-11-03 10:16 - 00000000 ____D C:\Program Files\PDFCreator
2016-11-03 10:08 - 2016-11-03 10:08 - 00096256 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2016-11-03 10:08 - 2016-11-03 10:08 - 00000993 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2016-11-03 10:08 - 2016-11-03 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-11-03 10:05 - 2016-11-03 10:06 - 28398896 _____ (pdfforge GmbH ) C:\Users\les 4 ballon\Desktop\PDFCreator-2_4_0-Setup.exe
2016-10-11 22:58 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 22:58 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 22:57 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 22:57 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-10-11 22:57 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 22:57 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 22:57 - 2016-09-30 06:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 22:57 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 22:57 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 22:57 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 22:57 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 22:57 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 22:57 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 22:57 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 22:57 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 22:57 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 22:57 - 2016-09-30 06:32 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 22:57 - 2016-09-30 06:27 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 22:57 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 22:57 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 22:57 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 22:57 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 22:57 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 22:57 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 22:57 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 22:57 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 22:57 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 22:57 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 22:57 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 22:57 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 22:57 - 2016-09-30 06:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 22:57 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 22:57 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 22:57 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 22:57 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 22:57 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 22:57 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 22:57 - 2016-09-12 21:53 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 22:57 - 2016-09-12 21:53 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 22:57 - 2016-09-12 21:49 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 22:57 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 22:57 - 2016-09-12 21:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 22:57 - 2016-09-12 21:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 22:57 - 2016-09-12 21:26 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 22:57 - 2016-09-12 21:26 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 22:57 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 22:57 - 2016-09-12 21:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 22:57 - 2016-09-12 21:25 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 22:57 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 22:57 - 2016-09-12 20:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 22:57 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 22:57 - 2016-09-09 19:01 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 22:57 - 2016-09-09 19:00 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 22:57 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 22:57 - 2016-09-09 18:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 22:57 - 2016-09-09 18:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 22:57 - 2016-09-09 18:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 22:57 - 2016-09-09 18:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 22:57 - 2016-09-09 18:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 22:57 - 2016-09-09 18:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 22:57 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 22:57 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 22:57 - 2016-09-08 15:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 22:57 - 2016-09-08 15:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 22:57 - 2016-08-16 19:47 - 00419640 _____ C:\Windows\system32\locale.nls
2016-10-11 22:57 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 22:57 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 22:57 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 22:57 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 22:57 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 22:57 - 2016-08-12 17:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 22:57 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 22:57 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 22:57 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 22:57 - 2016-06-14 16:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 22:57 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 22:57 - 2016-06-14 16:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 22:57 - 2016-06-14 16:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 22:57 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 22:57 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 22:57 - 2016-06-14 16:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 22:57 - 2016-06-14 15:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 22:57 - 2016-06-14 15:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-11 22:57 - 2016-06-14 15:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-09 14:45 - 2016-10-09 15:04 - 00000000 ____D C:\Users\les 4 ballon\Desktop\polo
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-06 10:45 - 2016-08-26 14:31 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-06 10:43 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-06 10:39 - 2009-07-14 05:34 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-06 10:39 - 2009-07-14 05:34 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-06 10:36 - 2016-08-26 14:31 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-06 10:36 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-11-06 10:27 - 2015-12-06 02:18 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-03 18:05 - 2011-06-30 19:50 - 01669656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-03 18:05 - 2009-08-01 09:28 - 00747660 _____ C:\Windows\system32\perfh00C.dat
2016-11-03 18:05 - 2009-08-01 09:28 - 00150184 _____ C:\Windows\system32\perfc00C.dat
2016-11-03 18:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-11-01 08:41 - 2011-06-30 20:11 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\Google
2016-10-30 00:00 - 2011-06-30 23:33 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\ElevatedDiagnostics
2016-10-25 10:43 - 2016-03-08 18:53 - 00000000 ____D C:\Users\les 4 ballon\Desktop\formation steph
2016-10-25 00:40 - 2016-08-26 14:32 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-25 00:40 - 2016-08-26 14:32 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 16:21 - 2011-11-19 13:05 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\cache
2016-10-12 03:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-10-12 02:42 - 2011-06-30 23:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 02:42 - 2009-07-14 05:33 - 00501792 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 02:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 02:20 - 2013-08-16 02:23 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 02:04 - 2011-06-30 21:04 - 141042968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 02:03 - 2011-06-30 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
==================== Fichiers à la racine de certains dossiers =======
2011-07-05 15:39 - 2011-07-05 15:40 - 0002280 _____ () C:\Users\les 4 ballon\AppData\Roaming\Bubble Dock.boostrap.log
2011-11-19 13:06 - 2011-11-19 13:16 - 0000581 _____ () C:\Users\les 4 ballon\AppData\Local\cookies.ini
2011-08-11 20:05 - 2011-08-11 20:05 - 0003584 _____ () C:\Users\les 4 ballon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-09 17:55 - 2015-11-09 17:55 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Certains fichiers dans TEMP:
====================
C:\Users\les 4 ballon\AppData\Local\Temp\AcDeltree.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ose00000.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ReimageExpressPackage.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ReimageExpressSetup.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ReimagePackage.exe
C:\Users\les 4 ballon\AppData\Local\Temp\sqlite3.exe
C:\Users\les 4 ballon\AppData\Local\Temp\uninstall.exe
C:\Users\les 4 ballon\AppData\Local\Temp\Uninstaller.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-11-04 00:44
==================== Fin de FRST.txt ============================
Exécuté par les 4 ballon (administrateur) sur LES4BALLON-PC (06-11-2016 11:07:24)
Exécuté depuis C:\Users\les 4 ballon\Desktop
Profils chargés: les 4 ballon (Profils disponibles: les 4 ballon & UpdatusUser)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
(Akamai Technologies, Inc.) C:\Users\les 4 ballon\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Akamai Technologies, Inc.) C:\Users\les 4 ballon\AppData\Local\Akamai\netsession_win.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
() C:\Users\les 4 ballon\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
(The CefSharp Authors) C:\Users\les 4 ballon\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(The CefSharp Authors) C:\Users\les 4 ballon\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2014-01-22] (AVAST Software)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [246504 2010-01-11] (Sun Microsystems, Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [msnmsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Orange Installer] => C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] ()
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Akamai NetSession Interface] => C:\Users\les 4 ballon\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [51712 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [PCKeeperLive] => "C:\Program Files\Essentware\PCKeeper\PCKeeper.exe" /autorun
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [PCKeeper Antivirus] => "C:\Program Files\Essentware\PCKAV\PCKAV.exe" /autorun
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1790616 2016-11-03] (Lavasoft)
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\...\MountPoints2: {51466147-a346-11e0-81a5-806e6f6e6963} - D:\start.exe
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\LES4BA~1\DOWNLO~1\horloge.scr
HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-01-22] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\Users\les 4 ballon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacebookGamesNotifier.exe.lnk [2016-08-26]
ShortcutTarget: FacebookGamesNotifier.exe.lnk -> C:\Users\les 4 ballon\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe ()
Startup: C:\Users\les 4 ballon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-07-01]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyEnable: [S-1-5-21-1287516834-2338127881-1189959688-1001] => Proxy est activé.
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Winsock: Catalog9 25 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-11-03] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8EFF417F-12CC-4CBA-89A3-5E63F33B6091}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 - (Pas de nom) - {8e5025c2-8ea3-430d-80b8-a14151068a6d} - Pas de fichier
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=410&apn_uid=3496010263334854&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> DefaultScope {593E4790-8941-4CF1-90DB-2D2D7C07AE7A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3285358&CUI=UN16944676761140113&UM=2
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D110316-A8D15A5DDE3&form=CONBDF&conlogo=CT3335578&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {593E4790-8941-4CF1-90DB-2D2D7C07AE7A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3285358&CUI=UN16944676761140113&UM=2
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=410&apn_uid=3496010263334854&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1287516834-2338127881-1189959688-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-30] (Sun Microsystems, Inc.)
BHO: Shareiiit -> {E7AB3DAE-5A7A-41A7-8258-BD60657392E2} -> C:\Program Files\Shareiiit\ScriptHost.dll [2012-06-12] ()
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
Toolbar: HKLM - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-11-03] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2011-11-19] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-10-06] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-26] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_CH
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\pdf.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\gcswf32.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U18) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll => Pas de fichier
CHR Plugin: (Google Talk Plugin) - C:\Users\les 4 ballon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Pas de fichier
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\les 4 ballon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Pas de fichier
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll => Pas de fichier
CHR Plugin: (Unity Player) - C:\Users\les 4 ballon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Pas de fichier
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\les 4 ballon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Pas de fichier
CHR Plugin: (Google Update) - C:\Users\les 4 ballon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Pas de fichier
CHR Profile: C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default [2016-11-06]
CHR Extension: (Adblock Plus) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (ZipArcade Ads) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebdhjmlocoglfmofdbbedcpflikfhilh [2016-10-06]
CHR Extension: (avast! Ad Blocker) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2016-08-26] [UpdateUrl: hxxps://update.adblockplus.org/avast-adblocker.xml] <==== ATTENTION
CHR Extension: (Horloge) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-10-05]
CHR Extension: (Retrogamer) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjcikpknngnligmfglfojkhjkdcmdim [2016-03-19]
CHR Extension: (Core) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhcgfdghbiidgeccbldhfceleibkkpe [2015-10-05]
CHR Extension: (Quick MP3 Search) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldaagbccpofpobgonoepcnoahbnkljno [2016-06-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\les 4 ballon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
CHR HKLM\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] - C:\Users\les 4 ballon\AppData\Local\CRE\ehdmaehkiiampolokajdcelladmnopgp.crx
CHR HKLM\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-02-25]
CHR HKLM\...\Chrome\Extension: [hakpajgggjjcjmidfbnnncnbaihjneaj] - C:\Users\les 4 ballon\AppData\Local\CRE\hakpajgggjjcjmidfbnnncnbaihjneaj.crx
CHR HKLM\...\Chrome\Extension: [iijmpjamifmplbakhgikofogdfackici] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com.crx
CHR HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] - C:\Users\les 4 ballon\AppData\Local\CRE\ehdmaehkiiampolokajdcelladmnopgp.crx
CHR HKU\S-1-5-21-1287516834-2338127881-1189959688-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hakpajgggjjcjmidfbnnncnbaihjneaj] - C:\Users\les 4 ballon\AppData\Local\CRE\hakpajgggjjcjmidfbnnncnbaihjneaj.crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2014-01-22] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1087792 2016-04-25] (Flexera Software LLC)
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-11-03] (Lavasoft Limited)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2236640 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [970976 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [772832 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
R2 WCAssistantService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25240 2016-11-03] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2014-01-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2014-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2014-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2014-01-22] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770784 2014-12-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2014-01-22] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2014-01-22] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2015-01-12] () [Fichier non signé]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Fichier non signé]
S3 cpuz134; \??\C:\Users\LES4BA~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 usb_rndisx; \SystemRoot\system32\drivers\usb8023x.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-06 11:07 - 2016-11-06 11:08 - 00023163 _____ C:\Users\les 4 ballon\Desktop\FRST.txt
2016-11-06 11:07 - 2016-11-06 11:07 - 00000000 ____D C:\FRST
2016-11-06 11:06 - 2016-11-06 11:06 - 01759744 _____ (Farbar) C:\Users\les 4 ballon\Desktop\FRST.exe
2016-11-06 11:02 - 2016-11-06 11:03 - 02409984 _____ (Farbar) C:\Users\les 4 ballon\Desktop\FRST64.exe
2016-11-04 22:21 - 2016-11-04 22:21 - 00000573 _____ C:\Users\les 4 ballon\Desktop\secrétaire indépendante.lnk
2016-11-04 22:19 - 2016-11-06 10:38 - 00000000 ____D C:\Users\les 4 ballon\Desktop\secrétaire indépendante
2016-11-04 05:28 - 2016-11-04 05:28 - 00059307 _____ C:\Users\les 4 ballon\Desktop\INFORMATIONDENONEXECUTIONDEPRELEVEMENTSEPA_20161003.pdf
2016-11-04 05:27 - 2016-11-04 05:27 - 00059293 _____ C:\Users\les 4 ballon\Desktop\INFORMATIONDENONEXECUTIONDEPRELEVEMENTSEPA_20161031.pdf
2016-11-03 10:29 - 2016-11-03 14:56 - 00000000 ____D C:\Users\les 4 ballon\Desktop\boulot fab
2016-11-03 10:19 - 2016-11-03 10:19 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\Lavasoft
2016-11-03 10:19 - 2016-11-03 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-11-03 10:18 - 2016-11-03 10:18 - 00002872 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-11-03 10:18 - 2016-11-03 10:18 - 00000000 ____D C:\Users\les 4 ballon\AppData\Roaming\Lavasoft
2016-11-03 10:17 - 2016-11-03 10:17 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2016-11-03 10:17 - 2016-11-03 10:17 - 00000000 ____D C:\Program Files\Lavasoft
2016-11-03 10:16 - 2016-11-03 10:16 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\PDFCreator
2016-11-03 10:16 - 2016-11-03 10:16 - 00000000 ____D C:\ProgramData\Lavasoft
2016-11-03 10:15 - 2016-11-03 10:15 - 00000000 ____D C:\ProgramData\pdfforge
2016-11-03 10:14 - 2016-11-03 10:34 - 00000000 ____D C:\Users\les 4 ballon\AppData\Roaming\PDF Architect 4
2016-11-03 10:14 - 2016-11-03 10:14 - 00000957 _____ C:\Users\Public\Desktop\PDF Architect 4.lnk
2016-11-03 10:12 - 2016-11-03 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2016-11-03 10:11 - 2016-11-03 10:14 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-11-03 10:11 - 2016-11-03 10:11 - 00000000 ____D C:\Users\les 4 ballon\Documents\PDF Architect
2016-11-03 10:11 - 2016-11-03 10:11 - 00000000 ____D C:\Program Files\Common Files\PDF Software
2016-11-03 10:08 - 2016-11-03 10:34 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-11-03 10:08 - 2016-11-03 10:16 - 00000000 ____D C:\Program Files\PDFCreator
2016-11-03 10:08 - 2016-11-03 10:08 - 00096256 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2016-11-03 10:08 - 2016-11-03 10:08 - 00000993 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2016-11-03 10:08 - 2016-11-03 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-11-03 10:05 - 2016-11-03 10:06 - 28398896 _____ (pdfforge GmbH ) C:\Users\les 4 ballon\Desktop\PDFCreator-2_4_0-Setup.exe
2016-10-11 22:58 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 22:58 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 22:57 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 22:57 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-10-11 22:57 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 22:57 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 22:57 - 2016-09-30 06:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 22:57 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 22:57 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 22:57 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 22:57 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 22:57 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 22:57 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 22:57 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 22:57 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 22:57 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 22:57 - 2016-09-30 06:32 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 22:57 - 2016-09-30 06:27 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 22:57 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 22:57 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 22:57 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 22:57 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 22:57 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 22:57 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 22:57 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 22:57 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 22:57 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 22:57 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 22:57 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 22:57 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 22:57 - 2016-09-30 06:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 22:57 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 22:57 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 22:57 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 22:57 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 22:57 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 22:57 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 22:57 - 2016-09-12 21:53 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 22:57 - 2016-09-12 21:53 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 22:57 - 2016-09-12 21:49 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 22:57 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 22:57 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 22:57 - 2016-09-12 21:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 22:57 - 2016-09-12 21:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 22:57 - 2016-09-12 21:26 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 22:57 - 2016-09-12 21:26 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 22:57 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 22:57 - 2016-09-12 21:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 22:57 - 2016-09-12 21:25 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 22:57 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 22:57 - 2016-09-12 20:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 22:57 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 22:57 - 2016-09-09 19:01 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 22:57 - 2016-09-09 19:00 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 22:57 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 22:57 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 22:57 - 2016-09-09 18:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 22:57 - 2016-09-09 18:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 22:57 - 2016-09-09 18:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 22:57 - 2016-09-09 18:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 22:57 - 2016-09-09 18:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 22:57 - 2016-09-09 18:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 22:57 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 22:57 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 22:57 - 2016-09-08 15:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 22:57 - 2016-09-08 15:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 22:57 - 2016-08-16 19:47 - 00419640 _____ C:\Windows\system32\locale.nls
2016-10-11 22:57 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 22:57 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 22:57 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 22:57 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 22:57 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 22:57 - 2016-08-12 17:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 22:57 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 22:57 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 22:57 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 22:57 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 22:57 - 2016-06-14 16:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 22:57 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 22:57 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 22:57 - 2016-06-14 16:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 22:57 - 2016-06-14 16:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 22:57 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 22:57 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 22:57 - 2016-06-14 16:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 22:57 - 2016-06-14 15:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 22:57 - 2016-06-14 15:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-11 22:57 - 2016-06-14 15:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-09 14:45 - 2016-10-09 15:04 - 00000000 ____D C:\Users\les 4 ballon\Desktop\polo
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-06 10:45 - 2016-08-26 14:31 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-06 10:43 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-06 10:39 - 2009-07-14 05:34 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-06 10:39 - 2009-07-14 05:34 - 00013312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-06 10:36 - 2016-08-26 14:31 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-06 10:36 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-11-06 10:27 - 2015-12-06 02:18 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-03 18:05 - 2011-06-30 19:50 - 01669656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-03 18:05 - 2009-08-01 09:28 - 00747660 _____ C:\Windows\system32\perfh00C.dat
2016-11-03 18:05 - 2009-08-01 09:28 - 00150184 _____ C:\Windows\system32\perfc00C.dat
2016-11-03 18:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-11-01 08:41 - 2011-06-30 20:11 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\Google
2016-10-30 00:00 - 2011-06-30 23:33 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\ElevatedDiagnostics
2016-10-25 10:43 - 2016-03-08 18:53 - 00000000 ____D C:\Users\les 4 ballon\Desktop\formation steph
2016-10-25 00:40 - 2016-08-26 14:32 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-25 00:40 - 2016-08-26 14:32 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 16:21 - 2011-11-19 13:05 - 00000000 ____D C:\Users\les 4 ballon\AppData\Local\cache
2016-10-12 03:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-10-12 02:42 - 2011-06-30 23:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 02:42 - 2009-07-14 05:33 - 00501792 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 02:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 02:20 - 2013-08-16 02:23 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 02:04 - 2011-06-30 21:04 - 141042968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 02:03 - 2011-06-30 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
==================== Fichiers à la racine de certains dossiers =======
2011-07-05 15:39 - 2011-07-05 15:40 - 0002280 _____ () C:\Users\les 4 ballon\AppData\Roaming\Bubble Dock.boostrap.log
2011-11-19 13:06 - 2011-11-19 13:16 - 0000581 _____ () C:\Users\les 4 ballon\AppData\Local\cookies.ini
2011-08-11 20:05 - 2011-08-11 20:05 - 0003584 _____ () C:\Users\les 4 ballon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-09 17:55 - 2015-11-09 17:55 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Certains fichiers dans TEMP:
====================
C:\Users\les 4 ballon\AppData\Local\Temp\AcDeltree.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ose00000.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ReimageExpressPackage.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ReimageExpressSetup.exe
C:\Users\les 4 ballon\AppData\Local\Temp\ReimagePackage.exe
C:\Users\les 4 ballon\AppData\Local\Temp\sqlite3.exe
C:\Users\les 4 ballon\AppData\Local\Temp\uninstall.exe
C:\Users\les 4 ballon\AppData\Local\Temp\Uninstaller.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-11-04 00:44
==================== Fin de FRST.txt ============================