Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 Exécuté par Bruno (administrateur) sur PC-BRUNO (31-12-2016 20:07:29) Exécuté depuis C:\Users\Bruno\Downloads Profils chargés: Bruno (Profils disponibles: Bruno & DefaultAppPool) Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Edge) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\WINDOWS\System32\nvservice.exe (NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Dropbox, Inc.) C:\WINDOWS\System32\DbxSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\WINDOWS\System32\browser_broker.exe (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Adobe Systems Incorporated) C:\WINDOWS\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\updrgui.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-03-25] (Realtek Semiconductor) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [916072 2016-10-17] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2604878544-3053477791-3828823911-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom) HKU\S-1-5-21-2604878544-3053477791-3828823911-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{9ff56524-6cd5-4456-a2b6-1d835109bdb9}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{b0ee257d-afef-4956-8bbc-3a2c71c409b8}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKU\S-1-5-21-2604878544-3053477791-3828823911-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2604878544-3053477791-3828823911-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp HKU\S-1-5-21-2604878544-3053477791-3828823911-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2604878544-3053477791-3828823911-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-26] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-26] (Oracle Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.) BHO-x32: Pas de nom -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll => Pas de fichier Toolbar: HKU\S-1-5-21-2604878544-3053477791-3828823911-1000 -> Pas de nom - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Pas de fichier Toolbar: HKU\S-1-5-21-2604878544-3053477791-3828823911-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier Toolbar: HKU\S-1-5-21-2604878544-3053477791-3828823911-1000 -> Pas de nom - {D7F26D0E-9801-45C3-A091-8A65E4ED73B5} - Pas de fichier DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} hxxp://192.168.1.50/webviewer.cab DPF: HKLM-x32 {3AA1C0E3-DA98-4BB4-91AE-D3BC61178240} hxxp://192.168.1.50/GVersionMan.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Bruno\AppData\Roaming\TomTom\HOME\Profiles\5vn61z7k.default [2016-11-17] FF Extension: (RenaultTheme) - C:\Users\Bruno\AppData\Roaming\TomTom\HOME\Profiles\5vn61z7k.default\Extensions\RenaultTheme@tomtom.com [2013-01-24] [non signé] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-04-11] [non signé] FF ProfilePath: C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\C4YJrDvI.default [2016-05-07] FF Extension: (Avira Browser Safety) - C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\C4YJrDvI.default\Extensions\abs@avira.com [2016-06-22] FF Extension: (Avira Browser Safety) - C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\C4YJrDvI.default\Extensions\abs@avira.com.xpi [2016-04-20] FF Extension: (Avira SafeSearch Plus) - C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\C4YJrDvI.default\Extensions\safesearchplus2@avira.com [2016-06-22] FF Extension: (Avira SafeSearch Plus) - C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\C4YJrDvI.default\Extensions\safesearchplus2@avira.com.xpi [2016-04-18] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-26] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [Pas de fichier] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-09-10] (Sun Microsystems, Inc.) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2604878544-3053477791-3828823911-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Bruno\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-11-15] (Citrix Online) FF Plugin HKU\S-1-5-21-2604878544-3053477791-3828823911-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Bruno\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-23] (RocketLife, LLP) Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2604878544-3053477791-3828823911-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Bruno\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089088 2016-10-17] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [475232 2016-10-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [475232 2016-10-17] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1488240 2016-10-17] (Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-04] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-04] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.) S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries) R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-11-22] (IBM Corp.) S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions) S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation) R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Fichier non signé] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 ALCATELUSB; C:\WINDOWS\System32\Drivers\AlcatelUsb.sys [25088 2012-08-22] (Windows (R) Codename Longhorn DDK provider) S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [31744 2009-09-16] (Google Inc) R3 ArcSoftKsUFilter; C:\WINDOWS\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-10-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153392 2016-10-17] (Avira Operations GmbH & Co. KG) U4 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-10-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-10-17] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [23640 2016-10-17] (Avira Operations GmbH & Co. KG) R1 FNETURPX; C:\WINDOWS\System32\drivers\FNETURPX.SYS [16648 2015-12-28] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [15936 2015-12-28] (FNet Co., Ltd.) R0 KL1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-12-01] (Kaspersky Lab ZAO) S3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [172920 2015-12-01] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [227000 2015-12-01] (AO Kaspersky Lab) S1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [926584 2015-12-01] (AO Kaspersky Lab) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2013-01-16] (QUALCOMM Incorporated) R1 RapportCerberus_1609053; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609053.sys [1181672 2016-09-23] (IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [566248 2016-11-22] (IBM Corp.) R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [235688 2016-11-22] (IBM Corp.) R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [489704 2016-11-22] (IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [548008 2016-11-22] (IBM Corp.) S3 TVICHW64; C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2011-01-20] (EnTech Taiwan) S3 VBTUSB; C:\WINDOWS\System32\Drivers\VBTUSB.sys [14848 2011-05-09] (Sony Corporation) [Fichier non signé] S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 ykinw8; C:\WINDOWS\System32\drivers\ykinx64.sys [288768 2015-10-30] (Marvell) S3 dbx; system32\DRIVERS\dbx.sys [X] U3 idsvc; pas de ImagePath U3 wpcsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-12-31 20:07 - 2016-12-31 20:09 - 00026247 _____ C:\Users\Bruno\Downloads\FRST.txt 2016-12-31 20:06 - 2016-12-31 20:07 - 00000000 ____D C:\FRST 2016-12-31 20:06 - 2016-12-31 20:06 - 02420736 _____ (Farbar) C:\Users\Bruno\Downloads\FRST64.exe 2016-12-31 14:47 - 2016-12-31 14:47 - 10709768 _____ C:\Users\Bruno\Desktop\AVSUPINF.7z 2016-12-31 14:31 - 2016-12-31 14:31 - 00602112 _____ (OldTimer Tools) C:\Users\Bruno\Downloads\OTL.exe 2016-12-31 14:21 - 2016-12-31 14:21 - 01886784 _____ C:\Users\Bruno\Downloads\avira_support_collector_en (1).exe 2016-12-31 14:20 - 2016-12-31 14:20 - 00345156 _____ C:\Users\Bruno\Downloads\regsearch.zip 2016-12-31 12:50 - 2016-12-31 12:50 - 01886784 _____ C:\Users\Bruno\Downloads\avira_support_collector_en.exe 2016-12-31 12:36 - 2016-12-31 12:36 - 00000000 ____D C:\Users\Bruno\AppData\Roaming\Roxio 2016-12-31 12:36 - 2016-12-31 12:36 - 00000000 ____D C:\ProgramData\Roxio 2016-12-31 12:32 - 2016-12-31 12:32 - 00426618 _____ C:\Users\Bruno\Documents\Courrier Finances Publiques Entreprises Beauvais 02.01.17.pdf 2016-12-31 11:36 - 2016-12-31 11:56 - 703033344 _____ C:\Users\Bruno\Downloads\rescue-system.iso 2016-12-31 11:27 - 2016-12-31 11:27 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (9).exe 2016-12-31 11:19 - 2016-12-31 11:20 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (8).exe 2016-12-30 12:09 - 2016-12-30 12:09 - 00429520 _____ C:\Users\Bruno\Desktop\Envoi Chéque KRYS Lorient 30.12.16.pdf 2016-12-26 18:32 - 2016-12-26 18:51 - 00000000 ____D C:\Users\Bruno\Desktop\Photo Ebay Persol 26.12.16 2016-12-26 12:41 - 2016-12-26 12:41 - 08299529 _____ C:\Users\Bruno\Documents\Le Cuisinier François, 1651.pdf 2016-12-26 12:39 - 2016-12-26 12:40 - 08280583 _____ C:\Users\Bruno\Downloads\Le_cuisinier_françois_enseignant_la_[...]La_Varenne_bpt6k114423k.pdf 2016-12-26 12:32 - 2016-12-26 12:34 - 69075607 _____ C:\Users\Bruno\Downloads\White Light (The Remixes) - George Michael.zip 2016-12-26 12:25 - 2016-12-26 12:26 - 18329906 _____ C:\Users\Bruno\Downloads\True Faith [Explicit] - George Michael.zip 2016-12-22 10:44 - 2016-12-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2016-12-21 14:50 - 2016-12-21 14:50 - 00272926 _____ C:\Users\Bruno\Downloads\VP204809482 (1).pdf 2016-12-21 14:24 - 2016-12-21 14:24 - 00272926 _____ C:\Users\Bruno\Downloads\VP204809482.pdf 2016-12-21 14:20 - 2016-12-21 14:20 - 00271052 _____ C:\Users\Bruno\Downloads\VP205131631.pdf 2016-12-18 10:49 - 2016-12-18 10:50 - 08803648 _____ (Piriform Ltd) C:\Users\Bruno\Downloads\ccsetup525.exe 2016-12-17 16:34 - 2016-12-17 16:34 - 00000000 ____D C:\ProgramData\VS Revo Group 2016-12-17 16:33 - 2016-12-17 16:33 - 11432112 _____ (VS Revo Group ) C:\Users\Bruno\Downloads\RevoUninProSetup.exe 2016-12-17 16:04 - 2016-12-31 14:19 - 00000000 ____D C:\Program Files\VS Revo Group 2016-12-17 15:54 - 2016-12-17 15:55 - 07097928 _____ (VS Revo Group ) C:\Users\Bruno\Downloads\revosetup.exe 2016-12-17 15:49 - 2016-12-17 15:49 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (7).exe 2016-12-17 15:48 - 2016-12-17 15:48 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (6).exe 2016-12-15 17:02 - 2016-12-15 17:43 - 00000000 ____D C:\ProgramData\~0 2016-12-15 17:02 - 2016-12-15 17:06 - 00000000 ____D C:\Users\Bruno\AppData\Local\IIIQF 2016-12-15 17:01 - 2016-12-15 17:01 - 08932000 _____ (Solvusoft Corporation ) C:\Users\Bruno\Downloads\Setup_WinThruster_2016.exe 2016-12-15 16:52 - 2016-12-15 16:52 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (5).exe 2016-12-15 16:50 - 2016-12-15 16:50 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (4).exe 2016-12-15 16:36 - 2016-12-15 16:36 - 04578888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_fr_av_5852b311e4e7f__ws.exe 2016-12-15 16:25 - 2016-12-15 16:25 - 00090968 _____ C:\Users\Bruno\Downloads\avira_registry_cleaner_en.zip 2016-12-14 13:59 - 2016-12-14 14:00 - 00000000 ____D C:\Users\Bruno\Desktop\Photos Ebay 2016-12-14 09:26 - 2016-12-14 09:29 - 00000000 ____D C:\Users\Bruno\Documents\Dossier Wast & Van 2016-12-14 09:20 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-14 09:20 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-12-14 09:20 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-12-14 09:20 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-12-14 09:20 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-14 09:20 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-12-14 09:20 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2016-12-14 09:20 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-14 09:20 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-14 09:20 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-12-14 09:20 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-14 09:20 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-12-14 09:20 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-12-14 09:20 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe 2016-12-14 09:20 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-14 09:20 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2016-12-14 09:20 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2016-12-14 09:20 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe 2016-12-14 09:20 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-12-14 09:20 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-12-14 09:20 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-12-14 09:20 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-12-14 09:20 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-14 09:20 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-14 09:20 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-12-14 09:20 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-14 09:20 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-12-14 09:20 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-14 09:20 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-12-14 09:20 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-12-14 09:20 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-12-14 09:20 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-14 09:20 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-14 09:20 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2016-12-14 09:20 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-14 09:20 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-12-14 09:20 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-12-14 09:20 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-14 09:20 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-14 09:20 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-12-14 09:20 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-12-14 09:20 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-14 09:20 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-14 09:20 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-14 09:20 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-14 09:20 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-14 09:20 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-12-14 09:20 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-14 09:20 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-14 09:20 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-14 09:20 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-14 09:20 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-14 09:20 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-13 19:20 - 2016-12-13 19:24 - 00000000 ____D C:\Users\Bruno\Documents\Hackathon La Poste 11.2016 2016-12-13 19:16 - 2016-12-13 19:20 - 96052215 _____ C:\Users\Bruno\Downloads\Hackathon H+ (1).zip 2016-12-13 18:55 - 2016-12-13 18:55 - 00376381 _____ C:\Users\Bruno\Desktop\Avis Taxes Foncières 2016.pdf 2016-12-13 18:28 - 2016-12-13 19:19 - 96052215 _____ C:\Users\Bruno\Downloads\Hackathon H+.zip 2016-12-13 17:54 - 2016-12-13 17:58 - 34043492 _____ C:\Users\Bruno\Downloads\Acoustic Sessions - Imany (1).zip 2016-12-13 16:37 - 2016-12-13 16:37 - 00016696 _____ C:\Users\Bruno\Downloads\C200916 - ANNONCE.pdf 2016-12-13 16:36 - 2016-12-13 16:36 - 00022805 _____ C:\Users\Bruno\Downloads\C201603 - ANNONCE.pdf 2016-12-13 16:35 - 2016-12-13 16:35 - 00016524 _____ C:\Users\Bruno\Downloads\C201513 - ANNONCEdoc.pdf 2016-12-13 10:57 - 2016-12-13 10:57 - 00252858 _____ C:\Users\Bruno\Desktop\Descriptif Détecteur Ouverture Aritech 12.2016.pdf 2016-12-13 10:55 - 2016-12-13 10:56 - 00249202 _____ C:\Users\Bruno\Downloads\Datasheet.pdf 2016-12-10 14:07 - 2016-12-10 14:08 - 04578888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_fr_fass0_584bf846a3be6__ws.exe 2016-12-10 09:38 - 2016-12-10 09:38 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (3).exe 2016-12-10 09:37 - 2016-12-10 09:37 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (2).exe 2016-12-10 09:36 - 2016-12-10 09:37 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en (1).exe 2016-12-10 09:36 - 2016-12-10 09:36 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_registry_cleaner_en.exe 2016-12-09 14:11 - 2016-12-09 14:11 - 00271142 _____ C:\Users\Bruno\Downloads\DeliveryReturn_c522ffe8-30d8-4a9b-b2c1-8bed41a7f9ec.pdf 2016-12-09 11:03 - 2016-12-09 11:03 - 00000165 ____H C:\Users\Bruno\Documents\~$Budget Foyer 01.2016.xlsx 2016-12-09 08:25 - 2016-12-09 08:25 - 00271918 _____ C:\Users\Bruno\Downloads\DeliveryReturn_4b6cb99b-37ee-4c9e-9b0b-4462c2518dbc.pdf 2016-12-09 08:24 - 2016-12-09 08:24 - 00271918 _____ C:\Users\Bruno\Downloads\DeliveryReturn_afc3e269-ac6c-48d7-9b7e-805a2c4d7b8b.pdf.bwkqscx.partial 2016-12-08 17:41 - 2016-12-08 17:41 - 00903667 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0027784_2007-12-31_01.pdf 2016-12-08 17:41 - 2016-12-08 17:41 - 00313346 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0024407_2006-12-31_01.pdf 2016-12-08 17:40 - 2016-12-08 17:40 - 00884099 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0021188_2005-12-31_01.pdf 2016-12-08 17:40 - 2016-12-08 17:40 - 00312404 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0018182_2004-12-31_01.pdf 2016-12-08 17:39 - 2016-12-08 17:39 - 01033243 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0011054_2002-12-31_01 (1).pdf 2016-12-08 17:39 - 2016-12-08 17:39 - 00467034 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0014299_2003-12-31_01.pdf 2016-12-08 17:38 - 2016-12-08 17:38 - 00955379 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0005147_2008-12-31_01.pdf 2016-12-08 17:38 - 2016-12-08 17:38 - 00846019 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0004608_2012-12-31_01.pdf 2016-12-08 17:37 - 2016-12-08 17:37 - 00832108 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0004407_2009-12-31_01.pdf 2016-12-08 17:36 - 2016-12-08 17:36 - 01234045 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0004193_2010-12-31_01.pdf 2016-12-08 17:36 - 2016-12-08 17:36 - 00165864 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0004272_2013-12-31_01.pdf 2016-12-08 17:34 - 2016-12-08 17:34 - 00547464 _____ C:\Users\Bruno\Downloads\BI_T_6002_86_B_50105_0004171_2011-12-31_01.pdf 2016-12-08 08:34 - 2016-12-08 08:34 - 00022923 _____ C:\Users\Bruno\Downloads\DeliveryReturn_c93e8421-2405-4d78-aaff-aaf26af458c1.pdf 2016-12-07 08:04 - 2016-12-07 08:04 - 00022921 _____ C:\Users\Bruno\Downloads\DeliveryReturn_334d0ad5-9a12-4ca9-81ba-47201da36df7.pdf 2016-12-06 19:34 - 2016-12-06 19:34 - 00022925 _____ C:\Users\Bruno\Downloads\DeliveryReturn_201d86d3-5869-4774-898a-5070fc0fcd68.pdf 2016-12-06 15:43 - 2016-12-06 15:43 - 00193317 _____ C:\Users\Bruno\Documents\Bon Achat E.Leclerc 12.2016.pdf 2016-12-06 15:29 - 2016-12-06 15:30 - 00000000 ____D C:\Users\Bruno\Documents\Fleuret Associés 2016-12-06 11:42 - 2016-12-06 11:42 - 00022922 _____ C:\Users\Bruno\Downloads\DeliveryReturn_20fe8c07-b6d7-4b31-adbd-8a7b042b05df.pdf 2016-12-06 08:43 - 2016-12-06 08:43 - 00022923 _____ C:\Users\Bruno\Downloads\DeliveryReturn_28beeb2a-b40d-48d4-9c59-4f82b4a1a332.pdf 2016-12-05 12:19 - 2016-12-05 12:19 - 00245760 _____ C:\Users\Bruno\Downloads\supplychain_questionnaire (1).xls 2016-12-05 11:51 - 2016-12-05 11:51 - 00245760 _____ C:\Users\Bruno\Downloads\supplychain_questionnaire.xls 2016-12-05 11:38 - 2016-12-05 11:39 - 04522568 _____ (Avira Operations GmbH & Co. KG) C:\Users\Bruno\Downloads\avira_fr_fass0_58453b28c248a__ws.exe 2016-12-01 09:46 - 2016-12-01 09:46 - 00000683 _____ C:\Users\Bruno\Downloads\Plaquette 2015.pdf (3).lnk 2016-12-01 09:46 - 2016-12-01 09:46 - 00000683 _____ C:\Users\Bruno\Downloads\Plaquette 2015.pdf (2).lnk 2016-12-01 09:45 - 2016-12-01 09:45 - 00000683 _____ C:\Users\Bruno\Downloads\Plaquette 2015.pdf.lnk 2016-12-01 09:45 - 2016-12-01 09:45 - 00000683 _____ C:\Users\Bruno\Downloads\Plaquette 2015.pdf (1).lnk ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-12-31 19:52 - 2013-03-22 17:51 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-12-31 19:34 - 2016-08-04 09:00 - 00001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-12-31 19:32 - 2016-11-15 12:08 - 00000580 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2604878544-3053477791-3828823911-1000.job 2016-12-31 19:22 - 2015-06-16 06:11 - 00001196 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2604878544-3053477791-3828823911-1000UA.job 2016-12-31 18:37 - 2016-11-15 12:08 - 00000676 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2604878544-3053477791-3828823911-1000.job 2016-12-31 18:26 - 2016-07-27 10:18 - 02139664 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-31 18:26 - 2016-04-27 06:12 - 00935218 _____ C:\WINDOWS\system32\perfh00C.dat 2016-12-31 18:26 - 2016-04-27 06:12 - 00199292 _____ C:\WINDOWS\system32\perfc00C.dat 2016-12-31 18:26 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-12-31 18:24 - 2013-03-14 16:42 - 00000000 ___RD C:\Users\Bruno\Dropbox 2016-12-31 18:23 - 2016-08-04 08:59 - 00001198 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-12-31 18:22 - 2016-04-27 06:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-12-31 18:22 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-12-31 18:22 - 2015-06-16 06:11 - 00001144 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2604878544-3053477791-3828823911-1000Core.job 2016-12-31 18:18 - 2016-03-26 09:31 - 00000000 ____D C:\Users\Bruno\Documents\Fichiers Outlook 2016-12-31 17:25 - 2016-07-27 18:04 - 00000000 ____D C:\Users\Bruno\AppData\Local\Packages 2016-12-31 16:56 - 2016-08-19 11:19 - 00000000 ____D C:\Users\Bruno\Documents\Dossier MPJ CCPT 2016-12-31 15:43 - 2016-06-12 17:45 - 00000000 ____D C:\Users\Bruno\Documents\Dossier MPJ Laforêt Immobilier 06.2016 2016-12-31 12:32 - 2010-05-13 05:27 - 00000000 ____D C:\ProgramData\Sonic 2016-12-31 10:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-12-29 12:19 - 2016-05-28 07:45 - 00000000 ____D C:\Users\Bruno\Documents\Polemploi 2016-12-29 10:28 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-26 15:28 - 2016-08-11 14:39 - 00000000 ____D C:\Users\Bruno\Documents\E-Gerance 2016-12-26 08:46 - 2016-11-15 12:08 - 00003832 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2604878544-3053477791-3828823911-1000 2016-12-26 08:46 - 2016-11-15 12:08 - 00003736 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2604878544-3053477791-3828823911-1000 2016-12-24 23:02 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-12-24 22:55 - 2014-07-30 12:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-12-23 08:59 - 2016-06-06 16:30 - 00000000 ____D C:\Users\Bruno\Documents\MAIF 2016-12-22 10:44 - 2016-08-04 08:59 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-12-19 11:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-12-18 11:11 - 2016-07-27 11:12 - 00000000 ___DC C:\WINDOWS\Panther 2016-12-17 17:16 - 2011-09-13 06:10 - 00000000 ____D C:\ProgramData\Avira 2016-12-17 17:11 - 2014-10-30 09:17 - 00000000 ____D C:\Program Files (x86)\Avira 2016-12-17 15:17 - 2016-07-27 13:24 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 15:17 - 2016-07-27 13:24 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-15 17:19 - 2013-03-17 09:01 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-14 13:26 - 2016-04-26 21:39 - 00376096 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-14 10:06 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-14 09:44 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-12-14 09:44 - 2013-07-12 03:58 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-12-14 09:34 - 2011-01-19 21:43 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-12-14 08:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-12-14 08:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-12-13 19:02 - 2016-06-12 17:47 - 00000000 ____D C:\Users\Bruno\Documents\Dossier MPJ Fibre Optique 06.2016 2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-10 14:36 - 2016-11-30 09:03 - 00004104 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineCore 2016-12-10 09:41 - 2016-07-27 10:18 - 00000000 ____D C:\Users\Bruno 2016-12-10 09:25 - 2016-04-08 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès 2016-12-09 11:08 - 2016-06-30 08:47 - 00038955 _____ C:\Users\Bruno\Documents\Budget Foyer 01.2016.xlsx 2016-12-06 17:25 - 2016-06-12 15:04 - 00000000 ____D C:\Users\Bruno\Documents\Dossier MPJ Crédit du Nord 06.2016 2016-12-06 11:45 - 2016-06-06 06:56 - 00000000 ____D C:\Users\Bruno\Documents\CV BB 2016 ==================== Fichiers à la racine de certains dossiers ======= 2015-07-16 07:27 - 2015-07-16 07:27 - 6420480 _____ () C:\Program Files (x86)\GUT62C9.tmp 2016-03-25 10:02 - 2016-03-25 10:02 - 0000000 _____ () C:\Users\Bruno\AppData\Local\{05637866-453D-49A2-A600-5CB9BF7395B4} 2016-03-02 14:42 - 2016-03-02 14:42 - 0000057 _____ () C:\ProgramData\Ament.ini 2011-10-12 17:29 - 2011-10-12 17:29 - 0000003 _____ () C:\ProgramData\MusicStation.log 2010-05-13 05:21 - 2011-10-12 17:29 - 0000243 _____ () C:\ProgramData\MusicStation.xml ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-12-05 09:51 ==================== Fin de FRST.txt ============================