Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017 Exécuté par nathan (administrateur) sur NATHAN-PC (31-01-2017 00:20:42) Exécuté depuis C:\Users\nathan\Downloads Profils chargés: nathan & UpdatusUser (Profils disponibles: nathan & Famille & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: IE) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.10\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe (Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe () C:\Windows\Temp\g1B4E.tmp.exe (AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.10\avpui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_24_0_0_194_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM-x32\...\Run: [startertv_fr_10] => [X] HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony) HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\MountPoints2: I - I:\startme.exe HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\MountPoints2: {3dee6f55-1187-11e3-ac6e-f80f410e0774} - H:\Startme.exe HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\MountPoints2: {4ab1a902-97b3-11e6-a218-a0969b334be0} - H:\startme.exe HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\MountPoints2: {9786374c-dfcf-11e2-bd6b-f80f410e0774} - H:\Startme.exe HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\MountPoints2: {c2752747-2c40-11e4-bff2-f80f410e0774} - H:\Startme.exe HKU\S-1-5-21-1427708534-1987972728-248007218-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\eMachines.scr [456224 2010-07-29] () HKU\S-1-5-21-1427708534-1987972728-248007218-1004\...\RunOnce: [ScrSav] => C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] () HKU\S-1-5-21-1427708534-1987972728-248007218-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\eMachines.scr [456224 2010-07-29] () Startup: C:\Users\nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2013-03-09] ShortcutTarget: Facebook Messenger.lnk -> C:\Users\nathan\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Pas de fichier) Startup: C:\Users\nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2011-06-27] ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) Startup: C:\Users\nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2013-01-03] ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (Pas de fichier) GroupPolicy: Restriction <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyEnable: [.DEFAULT] => Proxy est activé. ProxyServer: [.DEFAULT] => http=127.0.0.1:58963;https=127.0.0.1:58963 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0F9EE582-6F92-4426-A3B8-2AFE52E726F7}: [NameServer] 178.33.41.181,88.191.223.122,88.191.223.122 Tcpip\..\Interfaces\{0F9EE582-6F92-4426-A3B8-2AFE52E726F7}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{23DEBDE9-2DD9-4E20-98F8-3A1E4F8E058A}: [NameServer] 178.33.41.181,88.191.223.122 Tcpip\..\Interfaces\{23DEBDE9-2DD9-4E20-98F8-3A1E4F8E058A}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{635E1BB3-99CD-42CC-951D-75BBB31F5CD4}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{D8D61DE9-604A-46A5-9EC4-083077B23417}: [NameServer] 178.33.41.181,88.191.223.122,88.191.223.122 Tcpip\..\Interfaces\{D8D61DE9-604A-46A5-9EC4-083077B23417}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{E0AF148F-E198-4866-9E17-1112BB976BF7}: [NameServer] 178.33.41.181,88.191.223.122 Tcpip\..\Interfaces\{E0AF148F-E198-4866-9E17-1112BB976BF7}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F35F80A6-5F9E-4022-AB57-18DDFFE4FB94}: [NameServer] 178.33.41.181,88.191.223.122 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1427708534-1987972728-248007218-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06 SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox SearchScopes: HKLM -> {763A488C-19F0-F1BC-2970-54B9C5C2776A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {8acdd076-7141-4655-8487-c35174c89c93} URL = SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b8bc79ea&q={searchTerms} SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b8bc79ea&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox SearchScopes: HKLM-x32 -> {3D309E1A-1099-D1D7-D420-793032FFA881} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.lookforithere.info/?l=1&q={searchTerms}&pid=658&r=2013/05/15&hid=3572013055&lg=EN&cc=FR&unqvl=14 SearchScopes: HKU\S-1-5-21-1427708534-1987972728-248007218-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-1427708534-1987972728-248007218-1000 -> {763A488C-19F0-F1BC-2970-54B9C5C2776A} URL = BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Orange\Orange Security Suite 10.10\x64\IEExt\ie_plugin.dll [2017-01-25] (AO Kaspersky Lab) BHO: Pas de nom -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> Pas de fichier BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Orange\Orange Security Suite 10.10\IEExt\ie_plugin.dll [2017-01-25] (AO Kaspersky Lab) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO-x32: Pas de nom -> {53707962-6F74-2D53-2644-206D7942484F} -> Pas de fichier BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) Toolbar: HKLM - Pas de nom - {ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\x64\IEExt\ie_plugin.dll [2017-01-25] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\IEExt\ie_plugin.dll [2017-01-25] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-1427708534-1987972728-248007218-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier Toolbar: HKU\S-1-5-21-1427708534-1987972728-248007218-1000 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\x64\IEExt\ie_plugin.dll [2017-01-25] (AO Kaspersky Lab) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Sweetpacks\Firefox => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Sweetpacks\Firefox => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Orange\Orange Security Suite 10.10\FFExt\light_plugin_firefox\addon.xpi [2017-01-25] FF HKU\S-1-5-21-1427708534-1987972728-248007218-1000\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] - C:\Program Files (x86)\PriceGong\2.6.5\FF => non trouvé(e) FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] () FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Pas de fichier] FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier] FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier] FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-27] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) Chrome: ======= CHR HKLM\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\nathan\AppData\Local\mysearchdial.crx CHR HKU\S-1-5-21-1427708534-1987972728-248007218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1427708534-1987972728-248007218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx CHR HKU\S-1-5-21-1427708534-1987972728-248007218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\nathan\AppData\Local\mysearchdial.crx CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.5\pricegong.crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\nathan\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx CHR HKLM-x32\...\Chrome\Extension: [gjmpioofjhhijdaikhaabpkcbjinfnnp] - hxxps://chrome.google.com/webstore/detail/gjmpioofjhhijdaikhaabpkcbjinfnnp CHR HKLM-x32\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok CHR HKLM-x32\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files (x86)\StartSearch plugin\vshareplg.crx CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\nathan\AppData\Local\mysearchdial.crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 AVP16.0.1; C:\Program Files (x86)\Orange\Orange Security Suite 10.10\avp.exe [236928 2015-12-22] (AO Kaspersky Lab) S3 GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.) R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated) S3 klvssbrigde64; C:\Program Files (x86)\Orange\Orange Security Suite 10.10\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab) R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.) R3 athrusb6; C:\Windows\System32\DRIVERS\athrxu6.sys [1039360 2007-05-16] (Atheros Communications, Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-12-02] (Sony Mobile Communications) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236432 2017-01-25] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2017-01-30] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2017-01-25] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-07-05] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2017-01-25] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-31 00:20 - 2017-01-31 00:21 - 00021128 _____ C:\Users\nathan\Downloads\FRST.txt 2017-01-31 00:20 - 2017-01-31 00:20 - 02420736 _____ (Farbar) C:\Users\nathan\Downloads\FRST64.exe 2017-01-30 22:10 - 2017-01-31 00:20 - 00000000 ____D C:\FRST 2017-01-30 22:07 - 2017-01-31 00:17 - 00001754 _____ C:\Users\nathan\Desktop\AdwCleaner[C3].txt 2017-01-30 10:58 - 2017-01-30 10:58 - 00001762 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-01-30 10:58 - 2017-01-30 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-01-30 10:57 - 2017-01-30 10:58 - 00000000 ____D C:\Program Files\iTunes 2017-01-30 10:57 - 2017-01-30 10:57 - 00000000 ____D C:\Program Files\iPod 2017-01-30 10:53 - 2017-01-30 10:53 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-01-30 10:53 - 2017-01-30 10:53 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2017-01-30 10:53 - 2017-01-30 10:53 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2017-01-30 10:52 - 2017-01-30 10:52 - 00000000 ____D C:\Program Files\Bonjour 2017-01-30 10:52 - 2017-01-30 10:52 - 00000000 ____D C:\Program Files (x86)\Bonjour 2017-01-30 00:26 - 2017-01-30 22:00 - 00000000 ____D C:\AdwCleaner 2017-01-29 20:29 - 2017-01-29 20:29 - 00000000 ____D C:\Users\nathan\Documents\4Media 2017-01-29 20:29 - 2017-01-29 20:29 - 00000000 ____D C:\Users\nathan\AppData\Roaming\4Media 2017-01-29 20:28 - 2017-01-29 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Media 2017-01-29 20:27 - 2017-01-29 20:27 - 00000000 ____D C:\ProgramData\4Media 2017-01-29 20:27 - 2017-01-29 20:27 - 00000000 ____D C:\Program Files (x86)\4Media 2017-01-29 16:57 - 2017-01-29 16:57 - 00002938 _____ C:\Windows\System32\Tasks\{C38E27AC-464E-4180-BAD9-2F253D983CE4} 2017-01-29 16:57 - 2017-01-29 16:57 - 00002938 _____ C:\Windows\System32\Tasks\{402EA251-BF24-41AD-A627-36B9A0AC41D0} 2017-01-29 16:39 - 2017-01-29 17:30 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2017-01-29 16:35 - 2017-01-30 10:57 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-01-29 09:40 - 2017-01-29 09:40 - 00000000 ____D C:\Users\nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6 2017-01-29 09:14 - 2017-01-29 09:14 - 00000000 ____D C:\Users\nathan\AppData\Local\Apple 2017-01-28 22:45 - 2017-01-28 22:45 - 00000000 ____D C:\Users\nathan\AppData\Local\Apple Computer 2017-01-27 21:28 - 2017-01-27 21:28 - 00001051 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-01-27 19:21 - 2017-01-27 19:21 - 00118664 _____ C:\Users\nathan\AppData\Local\GDIPFONTCACHEV1.DAT 2017-01-27 19:17 - 2017-01-27 19:17 - 00000000 ____D C:\Users\nathan\AppData\Local\Lavasoft 2017-01-27 19:16 - 2017-01-27 19:16 - 00000000 ____D C:\Users\nathan\AppData\Local\VirtualStore 2017-01-27 18:49 - 2017-01-30 11:43 - 00000000 ____D C:\Users\nathan\AppData\Local\Google 2017-01-26 18:35 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-01-26 18:35 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-01-26 18:35 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-01-26 18:35 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-01-26 18:35 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-01-26 18:35 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-01-26 18:35 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-01-26 18:35 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-01-26 18:35 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-01-26 18:35 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-01-26 18:35 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-01-26 18:35 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-01-26 18:35 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-01-25 19:04 - 2017-01-25 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suite de Sécurité Orange 2017-01-25 18:59 - 2017-01-25 21:37 - 01001304 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2017-01-25 18:59 - 2015-12-11 17:28 - 00182152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2017-01-17 20:37 - 2017-01-26 21:40 - 00000000 ____D C:\Windows\system32\SSL 2017-01-07 23:01 - 2017-01-10 16:53 - 00000000 ____D C:\Users\nathan\Desktop\variete francais ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-31 00:21 - 2016-12-11 17:32 - 00016734 _____ C:\Windows\System32\Tasks\363z96994t908 2017-01-31 00:19 - 2011-11-13 12:00 - 00000000 ____D C:\Windows\system32\Macromed 2017-01-31 00:10 - 2015-12-05 20:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-01-31 00:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing 2017-01-30 23:56 - 2016-12-11 17:38 - 00000458 _____ C:\Windows\Tasks\UCBrowserUpdater.job 2017-01-30 23:56 - 2012-04-02 10:45 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-01-30 22:10 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-01-30 22:10 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-01-30 22:01 - 2012-02-19 12:40 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2017-01-30 22:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-01-30 21:33 - 2016-12-01 20:29 - 00000000 ____D C:\Users\nathan\AppData\LocalLow\Adblock Plus for IE 2017-01-30 11:56 - 2013-04-12 22:48 - 00000000 ____D C:\Users\UpdatusUser 2017-01-30 11:53 - 2011-06-27 16:30 - 00000000 ____D C:\Program Files (x86)\Google 2017-01-30 11:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-01-30 11:44 - 2011-07-04 15:09 - 00000000 ____D C:\Users\Famille 2017-01-30 11:43 - 2011-06-27 16:30 - 00000000 ____D C:\ProgramData\Google 2017-01-30 10:48 - 2011-06-28 11:21 - 00000000 ____D C:\ProgramData\Apple 2017-01-30 00:32 - 2015-12-12 11:49 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2017-01-30 00:32 - 2015-12-12 11:48 - 00000000 ____D C:\ProgramData\Lavasoft 2017-01-30 00:31 - 2015-12-12 11:51 - 00000000 ____D C:\Users\nathan\AppData\Roaming\Lavasoft 2017-01-29 09:40 - 2015-01-01 21:29 - 00000000 ____D C:\Program Files (x86)\FrostWire 2017-01-29 09:40 - 2014-11-27 11:33 - 00000000 ____D C:\Users\nathan\.frostwire5 2017-01-27 21:28 - 2013-05-07 10:30 - 00001051 ____H C:\Users\nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-01-27 21:28 - 2011-07-04 15:09 - 00001051 _____ C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-01-27 21:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2017-01-26 18:53 - 2016-03-10 13:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-01-26 18:52 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2017-01-26 18:47 - 2013-08-14 22:15 - 00000000 ____D C:\Windows\system32\MRT 2017-01-26 18:41 - 2011-03-05 19:54 - 00754648 _____ C:\Windows\system32\perfh00C.dat 2017-01-26 18:41 - 2011-03-05 19:54 - 00153478 _____ C:\Windows\system32\perfc00C.dat 2017-01-26 18:41 - 2009-07-14 06:13 - 01690230 _____ C:\Windows\system32\PerfStringBackup.INI 2017-01-26 18:40 - 2011-06-29 13:49 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-25 21:37 - 2015-12-03 11:10 - 00110424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys 2017-01-25 21:28 - 2016-07-05 16:49 - 00236432 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2017-01-25 19:04 - 2011-06-27 16:36 - 00000000 ____D C:\Program Files (x86)\Orange 2017-01-25 18:34 - 2015-11-09 13:36 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-17 21:33 - 2011-06-27 20:55 - 00000000 ____D C:\Program Files\CCleaner 2017-01-10 17:46 - 2012-04-02 10:45 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-10 17:46 - 2012-04-02 10:45 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-01-10 17:46 - 2011-07-05 16:36 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-01-10 17:46 - 2010-08-27 16:48 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-01-10 16:08 - 2015-01-01 18:25 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Fichiers à la racine de certains dossiers ======= 2012-02-19 22:27 - 2012-02-19 22:27 - 0000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt 2012-02-19 15:08 - 2012-02-19 15:20 - 0000000 _____ () C:\Users\nathan\AppData\Roaming\bibstats 2015-12-05 20:42 - 2015-12-05 20:42 - 0005120 _____ () C:\Users\nathan\AppData\Roaming\GiftBag.db 2014-01-11 13:49 - 2016-03-12 00:29 - 0000227 _____ () C:\Users\nathan\AppData\Roaming\WB.CFG 2014-01-11 13:49 - 2014-01-20 00:53 - 0000005 _____ () C:\Users\nathan\AppData\Roaming\WBPU-TTL.DAT Fichiers à déplacer ou supprimer: ==================== C:\Users\Public\AlexaNSISPlugin.3700.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2010-08-27 16:22 ==================== Fin de FRST.txt ============================