Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Exécuté par Manuella (administrateur) sur SOJARY (22-08-2017 12:06:56)
Exécuté depuis C:\Users\Manuella\Desktop
Profils chargés: Manuella & (Profils disponibles: Manuella)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Broadcom Corporation.) C:\WINDOWS\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
() C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
() C:\WINDOWS\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Anti-Malware\mbamtray.exe
(© 2015 Microsoft Corporation) C:\Users\Manuella\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Manuella\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.570_none_7645b09c266beb53\TiWorker.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-07-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [Malwarebytes TrayApp] => C:\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ASUSWSLoader.exe [63296 2014-07-08] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254976 2015-04-16] (Razer Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048256 2017-08-10] (Electronic Arts)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [OrangeInside] => C:\Users\Manuella\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [0 2016-05-13] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [BingSvc] => C:\Users\Manuella\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-27] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Spotify] => C:\Users\Manuella\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Discord] => C:\Users\Manuella\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Spotify Web Helper] => C:\Users\Manuella\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\MountPoints2: {2543286f-c6b0-11e5-82c9-40167e8802df} - "G:\startme.exe"
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048256 2017-08-10] (Electronic Arts)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [OrangeInside] => C:\Users\Manuella\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [0 2016-05-13] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [BingSvc] => C:\Users\Manuella\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-27] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Spotify] => C:\Users\Manuella\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Discord] => C:\Users\Manuella\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Spotify Web Helper] => C:\Users\Manuella\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\MountPoints2: {2543286f-c6b0-11e5-82c9-40167e8802df} - "G:\startme.exe"
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
Startup: C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP ENVY 4500 series.lnk [2017-08-22]
ShortcutTarget: Alertes de surveillance de l'encre - HP ENVY 4500 series.lnk -> C:\Program Files\HP\HP ENVY 4500 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-05-08] ()
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a583a8dc-b6a0-4072-8660-14e79331b171}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=fr-fr
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=fr-fr
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
FireFox:
========
FF DefaultProfile: kqo8lrr4.default
FF ProfilePath: C:\Users\Manuella\AppData\Roaming\Zotero\Zotero\Profiles\kqo8lrr4.default [2017-03-28]
FF ProfilePath: C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default [2017-08-22]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yxirrjfz.default -> Recherche sécurisée
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yxirrjfz.default -> Recherche sécurisée
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\yxirrjfz.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yxirrjfz.default -> Recherche sécurisée
FF Homepage: Mozilla\Firefox\Profiles\yxirrjfz.default -> hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=fr-fr
FF Keyword.URL: Mozilla\Firefox\Profiles\yxirrjfz.default -> hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchFF&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF Extension: (Avira Browser Safety) - C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\Extensions\abs@avira.com [2017-06-07]
FF Extension: (Bing Search) - C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
FF SearchPlugin: C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\searchplugins\bing-.xml [2015-11-27]
FF SearchPlugin: C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\searchplugins\McSiteAdvisor.xml [2016-08-11]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2633943692-513737018-3113483853-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default [2017-08-22]
CHR Extension: (Google Docs) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (AdBlock+) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao [2014-07-18]
CHR Extension: (Adblock pour Youtube™) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-14]
CHR Extension: (Recherche Google) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Protection Web Avira) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-14]
CHR Extension: (Roms43 for Chrome) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\hodglkaodhnbkakchphcmbgdinlgcfgc [2016-02-29]
CHR Extension: (Cargo Bridge) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2014-07-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Mon thème Chrome) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-27]
CHR Extension: (Gmail) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-09] (Avira Operations GmbH & Co. KG)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [389312 2017-08-02] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-07-14] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-07-19] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168672 2017-08-10] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148128 2017-08-10] (Electronic Arts)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (© pdfforge GmbH.)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [368128 2015-04-16] (Razer Inc.) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672208 2017-04-05] (Wacom Technology, Corp.)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-28] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7480496 2014-04-06] (Broadcom Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-08-21] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-01-03] (Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [120976 2017-03-27] (Wacom Technology)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-22 12:06 - 2017-08-22 12:07 - 000031057 _____ C:\Users\Manuella\Desktop\FRST.txt
2017-08-22 12:06 - 2017-08-22 12:06 - 002395648 _____ (Farbar) C:\Users\Manuella\Desktop\FRST64.exe
2017-08-22 12:06 - 2017-08-22 12:06 - 000000000 ____D C:\FRST
2017-08-22 11:20 - 2017-08-22 11:20 - 000163412 _____ C:\Users\Manuella\Desktop\ZHPDiag.txt
2017-08-22 11:16 - 2017-08-22 11:17 - 002812800 _____ C:\Users\Manuella\Downloads\zhpdiag_2017.8.15.140.exe
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ___HD C:\OneDriveTemp
2017-08-18 09:47 - 2017-08-22 11:18 - 000000074 _____ C:\Users\Manuella\AppData\Roaming\sp_data.sys
2017-08-15 22:24 - 2017-08-15 22:24 - 000568624 _____ C:\Users\Manuella\Downloads\cacaoweb.exe
2017-08-11 17:14 - 2017-08-11 17:14 - 000015025 _____ C:\Users\Manuella\AppData\Local\recently-used.xbel
2017-08-11 17:11 - 2017-08-11 17:11 - 000323100 _____ C:\Users\Manuella\Desktop\Scan.pdf
2017-08-09 11:09 - 2017-08-09 11:09 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-02 22:11 - 2017-08-21 09:17 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\discord
2017-08-02 22:11 - 2017-08-09 11:09 - 000002288 _____ C:\Users\Manuella\Desktop\Discord.lnk
2017-08-02 22:11 - 2017-08-09 11:08 - 000000000 ____D C:\Users\Manuella\AppData\Local\Discord
2017-08-02 22:11 - 2017-08-02 22:11 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-08-02 22:11 - 2017-08-02 22:11 - 000000000 ____D C:\Users\Manuella\AppData\Local\SquirrelTemp
2017-08-02 22:05 - 2017-08-02 22:11 - 052553728 _____ (Hammer & Chisel, Inc.) C:\Users\Manuella\Downloads\DiscordSetup.exe
2017-07-25 13:03 - 2017-08-22 12:00 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-07-25 12:59 - 2017-07-25 12:59 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2633943692-513737018-3113483853-1001
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-22 12:00 - 2015-05-13 09:19 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-08-22 11:19 - 2014-07-18 02:19 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DA17552E-AB5C-4167-A396-C030DE224CCD}
2017-08-22 11:18 - 2017-04-29 21:13 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\ZHP
2017-08-22 11:16 - 2015-10-07 17:53 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-08-22 11:16 - 2015-07-30 22:34 - 000000000 ___RD C:\Users\Manuella\OneDrive
2017-08-22 11:15 - 2016-01-09 06:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-22 11:15 - 2015-07-30 22:34 - 000000000 __SHD C:\Users\Manuella\IntelGraphicsProfiles
2017-08-22 04:39 - 2015-01-19 00:19 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-21 23:36 - 2016-01-09 06:16 - 000000000 ____D C:\Users\Manuella
2017-08-21 23:24 - 2015-10-30 21:00 - 000825500 _____ C:\WINDOWS\system32\perfh00C.dat
2017-08-21 23:24 - 2015-10-30 21:00 - 000155764 _____ C:\WINDOWS\system32\perfc00C.dat
2017-08-21 23:24 - 2015-10-30 09:21 - 000000000 ____D C:\WINDOWS\INF
2017-08-21 23:24 - 2015-07-30 22:22 - 001848398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-21 23:16 - 2017-04-30 01:28 - 000251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-21 23:15 - 2016-01-09 06:13 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-21 23:14 - 2016-01-09 10:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-21 22:43 - 2016-06-14 19:56 - 000000000 ____D C:\Users\Manuella\AppData\Local\CrashDumps
2017-08-21 22:29 - 2015-06-15 21:39 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Azureus
2017-08-21 22:28 - 2017-05-01 13:53 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-21 22:28 - 2016-05-14 12:27 - 000000000 ____D C:\Users\Manuella\AppData\Local\Deployment
2017-08-21 21:46 - 2014-07-30 23:31 - 000000000 ____D C:\ProgramData\Origin
2017-08-21 11:20 - 2014-08-17 01:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-21 11:20 - 2014-07-19 00:22 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-21 09:19 - 2017-02-04 11:21 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Spotify
2017-08-21 09:19 - 2017-02-04 11:21 - 000000000 ____D C:\Users\Manuella\AppData\Local\Spotify
2017-08-18 18:31 - 2015-10-30 08:28 - 001310720 ___SH C:\WINDOWS\system32\config\BBI
2017-08-18 00:17 - 2014-09-29 18:53 - 000000000 ____D C:\Users\Manuella\AppData\Local\Battle.net
2017-08-17 23:16 - 2014-09-29 18:52 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-08-17 21:48 - 2014-07-18 02:38 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-11 17:57 - 2017-05-02 16:24 - 000000000 ____D C:\Users\Manuella\.gimp-2.8
2017-08-11 17:14 - 2017-05-02 16:26 - 000000000 ____D C:\Users\Manuella\AppData\Local\gtk-2.0
2017-08-11 12:01 - 2014-09-29 18:56 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-08-11 11:59 - 2014-07-30 23:37 - 000000000 ____D C:\Program Files (x86)\Origin Games
2017-08-11 11:58 - 2015-04-29 19:48 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-08-10 11:04 - 2014-07-30 23:34 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Origin
2017-08-10 11:03 - 2014-07-30 23:31 - 000000000 ____D C:\Program Files (x86)\Origin
2017-08-09 11:08 - 2014-08-17 01:06 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-09 11:08 - 2014-08-17 01:06 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-07-30 00:52 - 2014-08-17 00:46 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Skype
2017-07-25 12:58 - 2015-07-30 22:41 - 000002456 _____ C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Fichiers à la racine de certains dossiers =======
2017-02-03 02:13 - 2017-04-19 16:53 - 000000034 _____ () C:\Users\Manuella\AppData\Roaming\AdobeWLCMCache.dat
2014-08-19 23:21 - 2014-08-19 23:21 - 000000098 _____ () C:\Users\Manuella\AppData\Roaming\LauncherSettings_live.cfg
2017-08-18 09:47 - 2017-08-22 11:18 - 000000074 _____ () C:\Users\Manuella\AppData\Roaming\sp_data.sys
2014-08-19 18:38 - 2014-08-19 18:42 - 000008137 _____ () C:\Users\Manuella\AppData\Roaming\TheHunterSettings_live.bin
2014-08-19 18:32 - 2014-08-19 18:32 - 000000039 _____ () C:\Users\Manuella\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-08-02 12:55 - 2016-04-14 19:31 - 000001456 _____ () C:\Users\Manuella\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
2015-11-12 01:36 - 2016-03-06 17:05 - 000004608 _____ () C:\Users\Manuella\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-11 17:14 - 2017-08-11 17:14 - 000015025 _____ () C:\Users\Manuella\AppData\Local\recently-used.xbel
2016-05-09 19:27 - 2016-05-09 19:27 - 000000057 _____ () C:\ProgramData\Ament.ini
2016-01-09 06:12 - 2016-01-09 06:12 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 06:09 - 2012-09-07 13:40 - 000000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 06:09 - 2009-07-22 12:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 06:09 - 2012-09-07 13:37 - 000000103 _____ () C:\ProgramData\SetStretch.VBS
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-21 10:44
==================== Fin de FRST.txt ============================
Exécuté par Manuella (administrateur) sur SOJARY (22-08-2017 12:06:56)
Exécuté depuis C:\Users\Manuella\Desktop
Profils chargés: Manuella & (Profils disponibles: Manuella)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Broadcom Corporation.) C:\WINDOWS\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
() C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
() C:\WINDOWS\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Anti-Malware\mbamtray.exe
(© 2015 Microsoft Corporation) C:\Users\Manuella\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Manuella\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.570_none_7645b09c266beb53\TiWorker.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-07-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [Malwarebytes TrayApp] => C:\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ASUSWSLoader.exe [63296 2014-07-08] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254976 2015-04-16] (Razer Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048256 2017-08-10] (Electronic Arts)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [OrangeInside] => C:\Users\Manuella\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [0 2016-05-13] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [BingSvc] => C:\Users\Manuella\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-27] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Spotify] => C:\Users\Manuella\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Discord] => C:\Users\Manuella\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\Run: [Spotify Web Helper] => C:\Users\Manuella\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\...\MountPoints2: {2543286f-c6b0-11e5-82c9-40167e8802df} - "G:\startme.exe"
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048256 2017-08-10] (Electronic Arts)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [OrangeInside] => C:\Users\Manuella\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [0 2016-05-13] ()
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [BingSvc] => C:\Users\Manuella\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-27] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Spotify] => C:\Users\Manuella\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Discord] => C:\Users\Manuella\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\Run: [Spotify Web Helper] => C:\Users\Manuella\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-21] (Spotify Ltd)
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\...\MountPoints2: {2543286f-c6b0-11e5-82c9-40167e8802df} - "G:\startme.exe"
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
Startup: C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP ENVY 4500 series.lnk [2017-08-22]
ShortcutTarget: Alertes de surveillance de l'encre - HP ENVY 4500 series.lnk -> C:\Program Files\HP\HP ENVY 4500 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-05-08] ()
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a583a8dc-b6a0-4072-8660-14e79331b171}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=fr-fr
HKU\S-1-5-21-2633943692-513737018-3113483853-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=fr-fr
HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
FireFox:
========
FF DefaultProfile: kqo8lrr4.default
FF ProfilePath: C:\Users\Manuella\AppData\Roaming\Zotero\Zotero\Profiles\kqo8lrr4.default [2017-03-28]
FF ProfilePath: C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default [2017-08-22]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yxirrjfz.default -> Recherche sécurisée
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yxirrjfz.default -> Recherche sécurisée
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\yxirrjfz.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yxirrjfz.default -> Recherche sécurisée
FF Homepage: Mozilla\Firefox\Profiles\yxirrjfz.default -> hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=fr-fr
FF Keyword.URL: Mozilla\Firefox\Profiles\yxirrjfz.default -> hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchFF&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF Extension: (Avira Browser Safety) - C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\Extensions\abs@avira.com [2017-06-07]
FF Extension: (Bing Search) - C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-27]
FF SearchPlugin: C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\searchplugins\bing-.xml [2015-11-27]
FF SearchPlugin: C:\Users\Manuella\AppData\Roaming\Mozilla\Firefox\Profiles\yxirrjfz.default\searchplugins\McSiteAdvisor.xml [2016-08-11]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2633943692-513737018-3113483853-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2633943692-513737018-3113483853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08222017030427617: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default [2017-08-22]
CHR Extension: (Google Docs) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (AdBlock+) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao [2014-07-18]
CHR Extension: (Adblock pour Youtube™) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-14]
CHR Extension: (Recherche Google) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Protection Web Avira) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-14]
CHR Extension: (Roms43 for Chrome) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\hodglkaodhnbkakchphcmbgdinlgcfgc [2016-02-29]
CHR Extension: (Cargo Bridge) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2014-07-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Mon thème Chrome) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-27]
CHR Extension: (Gmail) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Manuella\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-09] (Avira Operations GmbH & Co. KG)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [389312 2017-08-02] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-07-14] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-07-19] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168672 2017-08-10] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148128 2017-08-10] (Electronic Arts)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (© pdfforge GmbH.)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [368128 2015-04-16] (Razer Inc.) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672208 2017-04-05] (Wacom Technology, Corp.)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-28] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7480496 2014-04-06] (Broadcom Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-08-21] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-01-03] (Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [120976 2017-03-27] (Wacom Technology)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-22 12:06 - 2017-08-22 12:07 - 000031057 _____ C:\Users\Manuella\Desktop\FRST.txt
2017-08-22 12:06 - 2017-08-22 12:06 - 002395648 _____ (Farbar) C:\Users\Manuella\Desktop\FRST64.exe
2017-08-22 12:06 - 2017-08-22 12:06 - 000000000 ____D C:\FRST
2017-08-22 11:20 - 2017-08-22 11:20 - 000163412 _____ C:\Users\Manuella\Desktop\ZHPDiag.txt
2017-08-22 11:16 - 2017-08-22 11:17 - 002812800 _____ C:\Users\Manuella\Downloads\zhpdiag_2017.8.15.140.exe
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ___HD C:\OneDriveTemp
2017-08-18 09:47 - 2017-08-22 11:18 - 000000074 _____ C:\Users\Manuella\AppData\Roaming\sp_data.sys
2017-08-15 22:24 - 2017-08-15 22:24 - 000568624 _____ C:\Users\Manuella\Downloads\cacaoweb.exe
2017-08-11 17:14 - 2017-08-11 17:14 - 000015025 _____ C:\Users\Manuella\AppData\Local\recently-used.xbel
2017-08-11 17:11 - 2017-08-11 17:11 - 000323100 _____ C:\Users\Manuella\Desktop\Scan.pdf
2017-08-09 11:09 - 2017-08-09 11:09 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-02 22:11 - 2017-08-21 09:17 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\discord
2017-08-02 22:11 - 2017-08-09 11:09 - 000002288 _____ C:\Users\Manuella\Desktop\Discord.lnk
2017-08-02 22:11 - 2017-08-09 11:08 - 000000000 ____D C:\Users\Manuella\AppData\Local\Discord
2017-08-02 22:11 - 2017-08-02 22:11 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-08-02 22:11 - 2017-08-02 22:11 - 000000000 ____D C:\Users\Manuella\AppData\Local\SquirrelTemp
2017-08-02 22:05 - 2017-08-02 22:11 - 052553728 _____ (Hammer & Chisel, Inc.) C:\Users\Manuella\Downloads\DiscordSetup.exe
2017-07-25 13:03 - 2017-08-22 12:00 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-07-25 12:59 - 2017-07-25 12:59 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2633943692-513737018-3113483853-1001
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-22 12:00 - 2015-05-13 09:19 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-08-22 11:19 - 2014-07-18 02:19 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DA17552E-AB5C-4167-A396-C030DE224CCD}
2017-08-22 11:18 - 2017-04-29 21:13 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\ZHP
2017-08-22 11:16 - 2015-10-07 17:53 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-08-22 11:16 - 2015-07-30 22:34 - 000000000 ___RD C:\Users\Manuella\OneDrive
2017-08-22 11:15 - 2016-01-09 06:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-22 11:15 - 2015-07-30 22:34 - 000000000 __SHD C:\Users\Manuella\IntelGraphicsProfiles
2017-08-22 04:39 - 2015-01-19 00:19 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-21 23:36 - 2016-01-09 06:16 - 000000000 ____D C:\Users\Manuella
2017-08-21 23:24 - 2015-10-30 21:00 - 000825500 _____ C:\WINDOWS\system32\perfh00C.dat
2017-08-21 23:24 - 2015-10-30 21:00 - 000155764 _____ C:\WINDOWS\system32\perfc00C.dat
2017-08-21 23:24 - 2015-10-30 09:21 - 000000000 ____D C:\WINDOWS\INF
2017-08-21 23:24 - 2015-07-30 22:22 - 001848398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-21 23:16 - 2017-04-30 01:28 - 000251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-21 23:15 - 2016-01-09 06:13 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-21 23:14 - 2016-01-09 10:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-21 22:43 - 2016-06-14 19:56 - 000000000 ____D C:\Users\Manuella\AppData\Local\CrashDumps
2017-08-21 22:29 - 2015-06-15 21:39 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Azureus
2017-08-21 22:28 - 2017-05-01 13:53 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-21 22:28 - 2016-05-14 12:27 - 000000000 ____D C:\Users\Manuella\AppData\Local\Deployment
2017-08-21 21:46 - 2014-07-30 23:31 - 000000000 ____D C:\ProgramData\Origin
2017-08-21 11:20 - 2014-08-17 01:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-21 11:20 - 2014-07-19 00:22 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-21 09:19 - 2017-02-04 11:21 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Spotify
2017-08-21 09:19 - 2017-02-04 11:21 - 000000000 ____D C:\Users\Manuella\AppData\Local\Spotify
2017-08-18 18:31 - 2015-10-30 08:28 - 001310720 ___SH C:\WINDOWS\system32\config\BBI
2017-08-18 00:17 - 2014-09-29 18:53 - 000000000 ____D C:\Users\Manuella\AppData\Local\Battle.net
2017-08-17 23:16 - 2014-09-29 18:52 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-08-17 21:48 - 2014-07-18 02:38 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-11 17:57 - 2017-05-02 16:24 - 000000000 ____D C:\Users\Manuella\.gimp-2.8
2017-08-11 17:14 - 2017-05-02 16:26 - 000000000 ____D C:\Users\Manuella\AppData\Local\gtk-2.0
2017-08-11 12:01 - 2014-09-29 18:56 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-08-11 11:59 - 2014-07-30 23:37 - 000000000 ____D C:\Program Files (x86)\Origin Games
2017-08-11 11:58 - 2015-04-29 19:48 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-08-10 11:04 - 2014-07-30 23:34 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Origin
2017-08-10 11:03 - 2014-07-30 23:31 - 000000000 ____D C:\Program Files (x86)\Origin
2017-08-09 11:08 - 2014-08-17 01:06 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-09 11:08 - 2014-08-17 01:06 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-07-30 00:52 - 2014-08-17 00:46 - 000000000 ____D C:\Users\Manuella\AppData\Roaming\Skype
2017-07-25 12:58 - 2015-07-30 22:41 - 000002456 _____ C:\Users\Manuella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Fichiers à la racine de certains dossiers =======
2017-02-03 02:13 - 2017-04-19 16:53 - 000000034 _____ () C:\Users\Manuella\AppData\Roaming\AdobeWLCMCache.dat
2014-08-19 23:21 - 2014-08-19 23:21 - 000000098 _____ () C:\Users\Manuella\AppData\Roaming\LauncherSettings_live.cfg
2017-08-18 09:47 - 2017-08-22 11:18 - 000000074 _____ () C:\Users\Manuella\AppData\Roaming\sp_data.sys
2014-08-19 18:38 - 2014-08-19 18:42 - 000008137 _____ () C:\Users\Manuella\AppData\Roaming\TheHunterSettings_live.bin
2014-08-19 18:32 - 2014-08-19 18:32 - 000000039 _____ () C:\Users\Manuella\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-08-02 12:55 - 2016-04-14 19:31 - 000001456 _____ () C:\Users\Manuella\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
2015-11-12 01:36 - 2016-03-06 17:05 - 000004608 _____ () C:\Users\Manuella\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-11 17:14 - 2017-08-11 17:14 - 000015025 _____ () C:\Users\Manuella\AppData\Local\recently-used.xbel
2016-05-09 19:27 - 2016-05-09 19:27 - 000000057 _____ () C:\ProgramData\Ament.ini
2016-01-09 06:12 - 2016-01-09 06:12 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 06:09 - 2012-09-07 13:40 - 000000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 06:09 - 2009-07-22 12:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 06:09 - 2012-09-07 13:37 - 000000103 _____ () C:\ProgramData\SetStretch.VBS
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-21 10:44
==================== Fin de FRST.txt ============================