cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2017
Exécuté par Sandrine (administrateur) sur PC-DE-SANDRINE (21-04-2017 10:01:52)
Exécuté depuis C:\Users\Sandrine\Downloads
Profils chargés: Sandrine (Profils disponibles: Sandrine)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 7 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe
(Packard Bell Services) C:\Windows\System32\HidService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Packard Bell BV) C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Packard Bell BV) C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.3.2.220\WsAppService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Packard Bell BV) C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Wondershare) C:\Program Files\Wondershare\dr.fone toolkit pour Android\Library\DriverInstaller\DriverInstall.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)
HKLM\...\Run: [FujiKeyboard] => c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-11] (Google)
HKLM\...\Run: [SmpcSys] => C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [FijiKeyboard] => c:\Acer\Preload\Autorun\DRV\FIJI Keyboard\ABoard.exe [79416 2008-09-18] (Packard Bell BV)
HKLM\...\Run: [Setresolution] => C:\ACER\config\1366x768.cmd
HKLM\...\Run: [MontiorGeo] => c:\Acer\MonitorGeo.cmd
HKLM\...\Run: [eRecoveryService] => [X]
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-03] (AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\ezShellStart.exe
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [SmpcSys] => C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-04-28] (Nero AG)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [uTorrent] => C:\Users\Sandrine\AppData\Roaming\uTorrent\uTorrent.exe [2144448 2017-04-08] (BitTorrent Inc.)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [CrashService] => "C:\Users\Sandrine\AppData\Local\1stBrowser\Application\crash_service.exe" --max-reports=50 --no-window
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [GoogleChromeAutoLaunch_9E4B2E1DBADBCD836DC3FD62A4ED081C] => C:\Users\Sandrine\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\MountPoints2: {2c4047b0-5af5-11e6-8fa0-002511294c89} - E:\AutoRun.exe
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\MountPoints2: {bbc1019f-8479-11e6-972a-002511294c89} - E:\LaunchU3.exe -a
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\MountPoints2: {d16dcf51-58c9-11e6-95fb-002511294c89} - E:\LaunchU3.exe -a
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Lounge.scr [1359872 2006-11-16] (Packard Bell BV)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [119296 2009-01-11] (Google)
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [49152 2016-07-28] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-04-03] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2016-11-19]
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Users\Sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk [2016-12-26]
ShortcutTarget: Lanceur.lnk -> C:\Program Files\Micro Application\LauncherMA.exe (Micro Application)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1BE66F69-CE43-4F38-AA66-CB34FA2C5A53}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{BC1F930E-7A78-4BF8-AACF-BB600FFE79D5}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9cec0b23
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=0716&m=imedia_d4145_fr
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9cec0b23
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=0716&m=imedia_d4145_fr
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> DefaultScope {FE24DCF0-AA98-4E52-9FD3-CC38FF0D68EE} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
SearchScopes: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxps://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> {FE24DCF0-AA98-4E52-9FD3-CC38FF0D68EE} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-03] (AVAST Software)
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-01] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-01] (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: mt54sl80.default
FF ProfilePath: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default [2016-11-17]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mt54sl80.default -> Bing Search Engine
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mt54sl80.default -> Bing Search Engine
FF NewTab: Mozilla\Firefox\Profiles\mt54sl80.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\mt54sl80.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-9cec0b23
FF Keyword.URL: Mozilla\Firefox\Profiles\mt54sl80.default -> user_pref("keyword.URL", true);
FF Extension: (Downloadsf Search Engine) - C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\Extensions\{f63d620c-8781-4ba0-b70e-08dce6856205}.xpi [2016-08-08]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\bing powered search.xml [2016-09-26]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\bing search engine.xml [2017-01-04]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\yahoo_ff.xml [2016-08-03]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\yhs.xml [2016-10-31]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-08] [non signé]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-08-02] [non signé]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-04-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-04-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch"
CHR NewTab: Default -> Not-active:"chrome-extension://mojomniapdmejaljolnjndpkhdfedpfe/newtab/newtab.html", Not-active:"chrome-extension://ppgplhcfmaadpnkmnkhgadmaekeldbnh/stubby.html"
CHR Profile: C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default [2017-04-21]
CHR Extension: (Google Slides) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-02]
CHR Extension: (Google Docs) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-02]
CHR Extension: (Google Drive) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-02]
CHR Extension: (YouTube) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-02]
CHR Extension: (Avast SafePrice) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-21]
CHR Extension: (Google Sheets) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (Avast Online Security) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-06]
CHR Extension: (Seen On Screen) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojomniapdmejaljolnjndpkhdfedpfe [2017-04-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-02]
CHR Extension: (TelevisionFanatic) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh [2017-04-13]
CHR Profile: C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-26]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5758120 2017-04-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-03] (AVAST Software)
R2 ETService; C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [24576 2008-07-16] () [Fichier non signé]
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-01-11] (Macrovision Europe Ltd.) [Fichier non signé]
R2 GenericHidService; C:\Windows\system32\HidService.exe [83264 2008-05-29] (Packard Bell Services)
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-11] (Google)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Fichier non signé]
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-02-22] (Skype Technologies) [Fichier non signé]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.3.2.220\WsAppService.exe [441344 2017-01-05] (Wondershare) [Fichier non signé]
R2 WsDrvInst; C:\Program Files\Wondershare\dr.fone toolkit pour Android\Library\DriverInstaller\DriverInstall.exe [124048 2017-01-05] (Wondershare)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-21] (Microsoft Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [255184 2017-04-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [148208 2017-04-03] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [267528 2017-04-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [41176 2017-04-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34136 2017-04-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [31064 2017-04-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [106904 2017-04-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [60760 2017-04-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [62152 2017-04-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [764064 2017-04-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [472760 2017-04-03] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184208 2017-04-03] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [279800 2017-04-03] (AVAST Software)
S3 SIS163u; C:\Windows\System32\DRIVERS\sis163u.sys [215040 2005-06-20] (SiS Corporation)
S3 EraserUtilDrv10710; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10710.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-21 10:01 - 2017-04-21 10:03 - 00022919 _____ C:\Users\Sandrine\Downloads\FRST.txt
2017-04-21 10:01 - 2017-04-21 10:01 - 00000000 ____D C:\FRST
2017-04-21 10:00 - 2017-04-21 10:00 - 01766912 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2017-04-21 09:54 - 2017-04-21 09:54 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-20 10:54 - 2017-04-20 10:55 - 00000000 ____D C:\Msc
2017-04-20 10:54 - 2017-04-20 10:54 - 00000486 _____ C:\Users\Sandrine\Desktop\Logiciel ESPION.lnk
2017-04-17 13:09 - 2017-04-17 13:09 - 00000000 ____D C:\Users\Sandrine\Desktop\Facebook
2017-04-17 13:08 - 2017-04-17 13:18 - 00000000 ____D C:\Users\Sandrine\Desktop\Camera
2017-04-12 21:24 - 2017-04-03 16:35 - 00330256 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-04-11 14:24 - 2017-04-11 14:24 - 00153916 _____ C:\Users\Sandrine\Downloads\attestation.pdf
2017-04-10 09:13 - 2017-04-10 09:13 - 01207392 _____ (Adobe Systems Incorporated) C:\Users\Sandrine\Downloads\reader11_fr_ga_install.exe
2017-04-08 20:10 - 2017-04-21 09:51 - 729450262 _____ C:\Users\Sandrine\Downloads\Friend.Request.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:10 - 2017-04-21 09:51 - 1483821280 _____ C:\Users\Sandrine\Downloads\Split.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:08 - 2017-04-21 09:51 - 1474177024 _____ C:\Users\Sandrine\Downloads\[nextorrent.net] Rogue.One.2016.TRUEFRENCH.BDRiP.XviD-GZR.avi
2017-04-08 20:08 - 2017-04-08 21:20 - 00000000 ____D C:\Users\Sandrine\Downloads\Lion 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 20:06 - 2017-04-21 09:51 - 728609732 _____ C:\Users\Sandrine\Downloads\Felony.2013.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:06 - 2017-04-21 09:51 - 1465121420 _____ C:\Users\Sandrine\Downloads\Bleed.For.This.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:06 - 2017-04-08 20:49 - 00000000 ____D C:\Users\Sandrine\Downloads\Lavender 2016 FRENCH WEBRip XviD-EXTREME
2017-04-08 20:05 - 2017-04-21 09:58 - 729386066 _____ C:\Users\Sandrine\Downloads\1.54.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:05 - 2017-04-08 20:28 - 00000000 ____D C:\Users\Sandrine\Downloads\Stratton 2017 FRENCH HDRip XviD-EXTREME
2017-04-08 20:01 - 2017-04-08 20:01 - 00058441 _____ C:\Users\Sandrine\Downloads\criminel-french-dvdrip-2017.torrent
2017-04-08 19:59 - 2017-04-08 19:59 - 00114630 _____ C:\Users\Sandrine\Downloads\k-o-bleed-for-this-french-dvdrip-2017.torrent
2017-04-08 19:59 - 2017-04-08 19:59 - 00058498 _____ C:\Users\Sandrine\Downloads\1-54-french-dvdrip-2017.torrent
2017-04-08 19:58 - 2017-04-08 19:58 - 00058508 _____ C:\Users\Sandrine\Downloads\friend-request-french-dvdrip-2017.torrent
2017-04-08 19:56 - 2017-04-08 19:56 - 00114931 _____ C:\Users\Sandrine\Downloads\lion-french-dvdrip-2017.torrent
2017-04-08 19:53 - 2017-04-08 19:53 - 00058672 _____ C:\Users\Sandrine\Downloads\lavender-french-webrip-2017.torrent
2017-04-08 19:52 - 2017-04-08 19:52 - 00029410 _____ C:\Users\Sandrine\Downloads\Rogue One- A Star Wars Story TRUEFRENCH DVDRiP 2017.torrent
2017-04-08 19:51 - 2017-04-08 20:04 - 00000000 ____D C:\Users\Sandrine\Downloads\Monster High Electrified 2017 FRENCH BDRip XviD-EXTREME
2017-04-08 19:51 - 2017-04-08 19:51 - 00116062 _____ C:\Users\Sandrine\Downloads\split-french-dvdrip-2017.torrent
2017-04-08 19:50 - 2017-04-21 09:58 - 730637086 _____ C:\Users\Sandrine\Downloads\Teen.Titans.The.Judas.Contract.2017.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 19:50 - 2017-04-08 19:50 - 00059161 _____ C:\Users\Sandrine\Downloads\stratton-french-webrip-2017.torrent
2017-04-08 19:50 - 2017-04-08 19:50 - 00058813 _____ C:\Users\Sandrine\Downloads\monster-high-electrified-french-dvdrip-2017.torrent
2017-04-08 19:49 - 2017-04-08 20:06 - 00000000 ____D C:\Users\Sandrine\Downloads\Nemesis 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 19:49 - 2017-04-08 19:49 - 00058630 _____ C:\Users\Sandrine\Downloads\teen-titans-the-judas-contract-french-dvdrip-2017.torrent
2017-04-08 19:48 - 2017-04-08 19:48 - 00058898 _____ C:\Users\Sandrine\Downloads\nemesis-french-dvdrip-2017.torrent
2017-04-08 19:46 - 2017-04-21 09:51 - 1462029958 _____ C:\Users\Sandrine\Downloads\[nextorrent.net] Kong.Skull.Island.2017.KORSUB.FRENCH.MD.HDRip.XviD.NEWCiNE.avi
2017-04-08 19:44 - 2017-04-08 19:44 - 00029208 _____ C:\Users\Sandrine\Downloads\Kong- Skull Island TRUEFRENCH DVDSCR MD 2017.torrent
2017-04-07 11:08 - 2017-04-07 11:08 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-04-07 11:04 - 2017-04-07 11:06 - 57197528 _____ (Skype Technologies S.A.) C:\Users\Sandrine\Downloads\SkypeSetupFullXp.exe
2017-04-02 17:36 - 2017-04-02 17:39 - 00000000 ____D C:\Users\Sandrine\Downloads\fichier win
2017-04-02 17:31 - 2017-04-04 10:26 - 00000000 ____D C:\Users\Sandrine\Downloads\sansan
2017-03-31 17:09 - 2017-03-31 17:10 - 00000000 ____D C:\Users\Sandrine\Documents\104SSCAM
2017-03-31 09:26 - 2017-03-31 09:31 - 00000000 ____D C:\Users\Sandrine\AppData\Local\Microsoft Help
2017-03-31 09:21 - 2017-03-31 09:21 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\AdobeUM
2017-03-24 18:04 - 2017-03-24 18:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_winusb_01009.Wdf
2017-03-24 18:03 - 2017-03-24 18:03 - 00000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2017-03-24 18:03 - 2009-07-14 19:45 - 00445008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-03-24 18:03 - 2009-07-14 19:45 - 00038480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2017-03-24 18:03 - 2009-07-14 19:45 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2017-03-24 18:03 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2017-03-24 18:03 - 2009-07-14 01:51 - 00034944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2017-03-23 17:44 - 2017-04-20 13:50 - 00000936 _____ C:\Users\Sandrine\AppData\Roaming\wklnhst.dat
2017-03-23 17:44 - 2017-03-23 17:44 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Template
2017-03-23 16:28 - 2017-03-23 16:28 - 00000000 ____D C:\99fb1d01032378fa0ee4
2017-03-22 12:33 - 2017-03-22 12:33 - 00000000 ____D C:\6b2072c85039991ecb808e4a
2017-03-22 10:29 - 2017-04-07 11:08 - 00000000 ___RD C:\Program Files\Skype
2017-03-22 10:29 - 2017-03-22 10:29 - 00001878 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-22 10:29 - 2017-03-22 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-21 10:01 - 2016-07-28 23:38 - 00000069 _____ C:\Windows\NeroDigital.ini
2017-04-21 10:01 - 2016-07-28 23:25 - 00128512 _____ C:\Users\Sandrine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-21 10:00 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2017-04-21 09:58 - 2016-08-05 12:01 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Skype
2017-04-21 09:58 - 2016-08-03 18:32 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\uTorrent
2017-04-21 09:56 - 2016-07-29 13:55 - 00000440 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-04-21 09:54 - 2016-08-01 19:14 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-04-21 09:54 - 2016-07-28 21:58 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2017-04-21 09:53 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-21 09:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-21 09:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-21 09:52 - 2006-11-02 15:01 - 00032492 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-20 12:51 - 2016-08-03 18:33 - 00000000 ___SD C:\Users\Sandrine\AppData\LocalLow\Temp
2017-04-20 12:51 - 2016-07-28 21:56 - 00000000 ____D C:\Users\Sandrine\AppData\Local\Google
2017-04-20 11:48 - 2016-09-26 12:46 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-04-20 11:46 - 2016-09-26 12:46 - 00000000 ____D C:\ProgramData\{449081F3-CED2-0B35-4814-9577D2561EB9}
2017-04-20 11:16 - 2016-11-09 12:09 - 00000000 ____D C:\ProgramData\{2F58EA3B-A51A-60FD-23DC-FEBFB99E7571}
2017-04-18 15:40 - 2017-02-20 16:11 - 00000000 ____D C:\Users\Sandrine\Downloads\Fifty Shades Darker 2017 HD-TS x264-CPG
2017-04-15 17:37 - 2017-01-04 13:17 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Porabocaba
2017-04-15 10:36 - 2008-01-21 10:41 - 01495948 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-15 10:36 - 2008-01-21 10:40 - 00678804 _____ C:\Windows\system32\perfh00C.dat
2017-04-15 10:36 - 2008-01-21 10:40 - 00126420 _____ C:\Windows\system32\perfc00C.dat
2017-04-15 10:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-04-13 18:37 - 2016-09-27 08:23 - 00000274 _____ C:\Users\Sandrine\AppData\Roaming\WB.CFG
2017-04-11 18:59 - 2016-08-21 22:58 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-04-11 18:59 - 2016-08-21 22:58 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-04-11 18:59 - 2009-01-11 00:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-09 16:22 - 2016-09-26 16:49 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\U3
2017-04-09 09:06 - 2016-11-19 14:55 - 00000000 ____D C:\Program Files\WinRAR
2017-04-08 19:47 - 2017-03-04 19:16 - 00000000 ____D C:\Users\Sandrine\Downloads\Dieudonne.En.Paix.2016.Webrip.mkv-HDlife
2017-04-08 19:47 - 2017-03-04 19:14 - 00000000 ____D C:\Users\Sandrine\Downloads\Dark Web 2016 TRUEFRENCH DVDRip XviD-UTT
2017-04-08 19:46 - 2017-03-19 18:05 - 00000000 ____D C:\Users\Sandrine\Downloads\Rogue One 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 19:46 - 2017-03-19 17:47 - 00000000 ____D C:\Users\Sandrine\Downloads\Sniper Special Ops 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 19:46 - 2017-01-28 14:52 - 00000000 ____D C:\Users\Sandrine\Downloads\Toni Erdmann 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 18:49 - 2016-11-19 14:55 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-08 18:49 - 2016-11-19 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-08 18:49 - 2016-11-11 12:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-08 18:43 - 2016-09-03 20:01 - 00000000 ____D C:\Users\Sandrine\Desktop\MUSIQUE USB
2017-04-07 11:08 - 2016-08-05 12:00 - 00000000 ____D C:\ProgramData\Skype
2017-04-03 16:35 - 2017-03-21 09:30 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00764064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00472760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00279800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00267528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00255184 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00184208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00148208 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00106904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00062152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00060760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00041176 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00034136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-04-02 17:39 - 2016-08-27 14:13 - 00000000 ____D C:\Users\Sandrine\Downloads\usb hich
2017-03-31 16:58 - 2006-11-02 14:47 - 00303536 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-31 09:34 - 2016-07-28 21:56 - 00072784 _____ C:\Users\Sandrine\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-30 20:21 - 2017-03-19 17:47 - 730573380 _____ C:\Users\Sandrine\Downloads\Sword.of.Vengeance.2015.FRENCH.BDRip.XviD-EXTREME.avi
2017-03-25 10:07 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2017-03-24 11:12 - 2016-11-14 20:20 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\vlc
2017-03-23 22:08 - 2016-11-11 14:39 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-23 19:28 - 2016-09-09 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-03-23 19:27 - 2016-09-09 11:13 - 00000000 ____D C:\Program Files\Wondershare

==================== Fichiers à la racine de certains dossiers =======

2017-01-04 13:17 - 2017-01-04 13:17 - 0019198 _____ () C:\Users\Sandrine\AppData\Roaming\Gedinocihuta
2017-03-15 08:08 - 2017-03-15 08:08 - 0750592 _____ (Cafamaroco Ltd.) C:\Users\Sandrine\AppData\Roaming\Pagala.exe
2016-09-27 08:23 - 2017-04-13 18:37 - 0000274 _____ () C:\Users\Sandrine\AppData\Roaming\WB.CFG
2017-03-23 17:44 - 2017-04-20 13:50 - 0000936 _____ () C:\Users\Sandrine\AppData\Roaming\wklnhst.dat
2016-07-28 23:25 - 2017-04-21 10:01 - 0128512 _____ () C:\Users\Sandrine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-20 17:36 - 2017-03-20 17:36 - 0007070 _____ () C:\ProgramData\N360BUOptions.ini

Certains fichiers dans TEMP:
====================
2008-08-25 10:31 - 2008-08-25 10:31 - 242743296 _____ (Microsoft Corporation) C:\Users\Sandrine\AppData\Local\Temp\dotnetfx35_sp1.exe
2009-03-16 18:38 - 2009-03-16 18:38 - 1914000 _____ (Adobe Systems Incorporated) C:\Users\Sandrine\AppData\Local\Temp\install_flash_player_10_active_x.exe
2008-12-15 17:34 - 2008-12-15 17:34 - 2585872 _____ (Microsoft Corporation) C:\Users\Sandrine\AppData\Local\Temp\Wi3.1-x86.exe
2006-12-07 12:43 - 2006-12-07 12:43 - 8100680 _____ (Microsoft Corporation) C:\Users\Sandrine\AppData\Local\Temp\wmfdist11.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-04-21 10:01

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité