Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2017
Exécuté par Sandrine (administrateur) sur PC-DE-SANDRINE (21-04-2017 10:01:52)
Exécuté depuis C:\Users\Sandrine\Downloads
Profils chargés: Sandrine (Profils disponibles: Sandrine)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 7 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe
(Packard Bell Services) C:\Windows\System32\HidService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Packard Bell BV) C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Packard Bell BV) C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.3.2.220\WsAppService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Packard Bell BV) C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Wondershare) C:\Program Files\Wondershare\dr.fone toolkit pour Android\Library\DriverInstaller\DriverInstall.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)
HKLM\...\Run: [FujiKeyboard] => c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-11] (Google)
HKLM\...\Run: [SmpcSys] => C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [FijiKeyboard] => c:\Acer\Preload\Autorun\DRV\FIJI Keyboard\ABoard.exe [79416 2008-09-18] (Packard Bell BV)
HKLM\...\Run: [Setresolution] => C:\ACER\config\1366x768.cmd
HKLM\...\Run: [MontiorGeo] => c:\Acer\MonitorGeo.cmd
HKLM\...\Run: [eRecoveryService] => [X]
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-03] (AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\ezShellStart.exe
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [SmpcSys] => C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-04-28] (Nero AG)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [uTorrent] => C:\Users\Sandrine\AppData\Roaming\uTorrent\uTorrent.exe [2144448 2017-04-08] (BitTorrent Inc.)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [CrashService] => "C:\Users\Sandrine\AppData\Local\1stBrowser\Application\crash_service.exe" --max-reports=50 --no-window
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [GoogleChromeAutoLaunch_9E4B2E1DBADBCD836DC3FD62A4ED081C] => C:\Users\Sandrine\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\MountPoints2: {2c4047b0-5af5-11e6-8fa0-002511294c89} - E:\AutoRun.exe
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\MountPoints2: {bbc1019f-8479-11e6-972a-002511294c89} - E:\LaunchU3.exe -a
HKU\S-1-5-21-667585832-4106197334-438472604-1000\...\MountPoints2: {d16dcf51-58c9-11e6-95fb-002511294c89} - E:\LaunchU3.exe -a
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Lounge.scr [1359872 2006-11-16] (Packard Bell BV)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [119296 2009-01-11] (Google)
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [49152 2016-07-28] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-04-03] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2016-11-19]
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Users\Sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk [2016-12-26]
ShortcutTarget: Lanceur.lnk -> C:\Program Files\Micro Application\LauncherMA.exe (Micro Application)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1BE66F69-CE43-4F38-AA66-CB34FA2C5A53}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{BC1F930E-7A78-4BF8-AACF-BB600FFE79D5}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9cec0b23
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=0716&m=imedia_d4145_fr
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9cec0b23
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=0716&m=imedia_d4145_fr
HKU\S-1-5-21-667585832-4106197334-438472604-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> DefaultScope {FE24DCF0-AA98-4E52-9FD3-CC38FF0D68EE} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
SearchScopes: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxps://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> {FE24DCF0-AA98-4E52-9FD3-CC38FF0D68EE} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9cec0b23&q={searchTerms}
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-03] (AVAST Software)
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-01] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-667585832-4106197334-438472604-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-01] (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: mt54sl80.default
FF ProfilePath: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default [2016-11-17]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mt54sl80.default -> Bing Search Engine
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mt54sl80.default -> Bing Search Engine
FF NewTab: Mozilla\Firefox\Profiles\mt54sl80.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\mt54sl80.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-9cec0b23
FF Keyword.URL: Mozilla\Firefox\Profiles\mt54sl80.default -> user_pref("keyword.URL", true);
FF Extension: (Downloadsf Search Engine) - C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\Extensions\{f63d620c-8781-4ba0-b70e-08dce6856205}.xpi [2016-08-08]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\bing powered search.xml [2016-09-26]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\bing search engine.xml [2017-01-04]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\yahoo_ff.xml [2016-08-03]
FF SearchPlugin: C:\Users\Sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\mt54sl80.default\searchplugins\yhs.xml [2016-10-31]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-08] [non signé]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-08-02] [non signé]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-04-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-04-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch"
CHR NewTab: Default -> Not-active:"chrome-extension://mojomniapdmejaljolnjndpkhdfedpfe/newtab/newtab.html", Not-active:"chrome-extension://ppgplhcfmaadpnkmnkhgadmaekeldbnh/stubby.html"
CHR Profile: C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default [2017-04-21]
CHR Extension: (Google Slides) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-02]
CHR Extension: (Google Docs) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-02]
CHR Extension: (Google Drive) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-02]
CHR Extension: (YouTube) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-02]
CHR Extension: (Avast SafePrice) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-21]
CHR Extension: (Google Sheets) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (Avast Online Security) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-06]
CHR Extension: (Seen On Screen) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojomniapdmejaljolnjndpkhdfedpfe [2017-04-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-02]
CHR Extension: (TelevisionFanatic) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh [2017-04-13]
CHR Profile: C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-26]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5758120 2017-04-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-03] (AVAST Software)
R2 ETService; C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [24576 2008-07-16] () [Fichier non signé]
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-01-11] (Macrovision Europe Ltd.) [Fichier non signé]
R2 GenericHidService; C:\Windows\system32\HidService.exe [83264 2008-05-29] (Packard Bell Services)
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-11] (Google)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Fichier non signé]
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-02-22] (Skype Technologies) [Fichier non signé]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.3.2.220\WsAppService.exe [441344 2017-01-05] (Wondershare) [Fichier non signé]
R2 WsDrvInst; C:\Program Files\Wondershare\dr.fone toolkit pour Android\Library\DriverInstaller\DriverInstall.exe [124048 2017-01-05] (Wondershare)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-21] (Microsoft Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [255184 2017-04-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [148208 2017-04-03] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [267528 2017-04-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [41176 2017-04-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34136 2017-04-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [31064 2017-04-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [106904 2017-04-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [60760 2017-04-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [62152 2017-04-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [764064 2017-04-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [472760 2017-04-03] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184208 2017-04-03] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [279800 2017-04-03] (AVAST Software)
S3 SIS163u; C:\Windows\System32\DRIVERS\sis163u.sys [215040 2005-06-20] (SiS Corporation)
S3 EraserUtilDrv10710; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10710.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-21 10:01 - 2017-04-21 10:03 - 00022919 _____ C:\Users\Sandrine\Downloads\FRST.txt
2017-04-21 10:01 - 2017-04-21 10:01 - 00000000 ____D C:\FRST
2017-04-21 10:00 - 2017-04-21 10:00 - 01766912 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2017-04-21 09:54 - 2017-04-21 09:54 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-20 10:54 - 2017-04-20 10:55 - 00000000 ____D C:\Msc
2017-04-20 10:54 - 2017-04-20 10:54 - 00000486 _____ C:\Users\Sandrine\Desktop\Logiciel ESPION.lnk
2017-04-17 13:09 - 2017-04-17 13:09 - 00000000 ____D C:\Users\Sandrine\Desktop\Facebook
2017-04-17 13:08 - 2017-04-17 13:18 - 00000000 ____D C:\Users\Sandrine\Desktop\Camera
2017-04-12 21:24 - 2017-04-03 16:35 - 00330256 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-04-11 14:24 - 2017-04-11 14:24 - 00153916 _____ C:\Users\Sandrine\Downloads\attestation.pdf
2017-04-10 09:13 - 2017-04-10 09:13 - 01207392 _____ (Adobe Systems Incorporated) C:\Users\Sandrine\Downloads\reader11_fr_ga_install.exe
2017-04-08 20:10 - 2017-04-21 09:51 - 729450262 _____ C:\Users\Sandrine\Downloads\Friend.Request.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:10 - 2017-04-21 09:51 - 1483821280 _____ C:\Users\Sandrine\Downloads\Split.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:08 - 2017-04-21 09:51 - 1474177024 _____ C:\Users\Sandrine\Downloads\[nextorrent.net] Rogue.One.2016.TRUEFRENCH.BDRiP.XviD-GZR.avi
2017-04-08 20:08 - 2017-04-08 21:20 - 00000000 ____D C:\Users\Sandrine\Downloads\Lion 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 20:06 - 2017-04-21 09:51 - 728609732 _____ C:\Users\Sandrine\Downloads\Felony.2013.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:06 - 2017-04-21 09:51 - 1465121420 _____ C:\Users\Sandrine\Downloads\Bleed.For.This.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:06 - 2017-04-08 20:49 - 00000000 ____D C:\Users\Sandrine\Downloads\Lavender 2016 FRENCH WEBRip XviD-EXTREME
2017-04-08 20:05 - 2017-04-21 09:58 - 729386066 _____ C:\Users\Sandrine\Downloads\1.54.2016.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 20:05 - 2017-04-08 20:28 - 00000000 ____D C:\Users\Sandrine\Downloads\Stratton 2017 FRENCH HDRip XviD-EXTREME
2017-04-08 20:01 - 2017-04-08 20:01 - 00058441 _____ C:\Users\Sandrine\Downloads\criminel-french-dvdrip-2017.torrent
2017-04-08 19:59 - 2017-04-08 19:59 - 00114630 _____ C:\Users\Sandrine\Downloads\k-o-bleed-for-this-french-dvdrip-2017.torrent
2017-04-08 19:59 - 2017-04-08 19:59 - 00058498 _____ C:\Users\Sandrine\Downloads\1-54-french-dvdrip-2017.torrent
2017-04-08 19:58 - 2017-04-08 19:58 - 00058508 _____ C:\Users\Sandrine\Downloads\friend-request-french-dvdrip-2017.torrent
2017-04-08 19:56 - 2017-04-08 19:56 - 00114931 _____ C:\Users\Sandrine\Downloads\lion-french-dvdrip-2017.torrent
2017-04-08 19:53 - 2017-04-08 19:53 - 00058672 _____ C:\Users\Sandrine\Downloads\lavender-french-webrip-2017.torrent
2017-04-08 19:52 - 2017-04-08 19:52 - 00029410 _____ C:\Users\Sandrine\Downloads\Rogue One- A Star Wars Story TRUEFRENCH DVDRiP 2017.torrent
2017-04-08 19:51 - 2017-04-08 20:04 - 00000000 ____D C:\Users\Sandrine\Downloads\Monster High Electrified 2017 FRENCH BDRip XviD-EXTREME
2017-04-08 19:51 - 2017-04-08 19:51 - 00116062 _____ C:\Users\Sandrine\Downloads\split-french-dvdrip-2017.torrent
2017-04-08 19:50 - 2017-04-21 09:58 - 730637086 _____ C:\Users\Sandrine\Downloads\Teen.Titans.The.Judas.Contract.2017.FRENCH.BDRip.XviD-EXTREME.avi
2017-04-08 19:50 - 2017-04-08 19:50 - 00059161 _____ C:\Users\Sandrine\Downloads\stratton-french-webrip-2017.torrent
2017-04-08 19:50 - 2017-04-08 19:50 - 00058813 _____ C:\Users\Sandrine\Downloads\monster-high-electrified-french-dvdrip-2017.torrent
2017-04-08 19:49 - 2017-04-08 20:06 - 00000000 ____D C:\Users\Sandrine\Downloads\Nemesis 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 19:49 - 2017-04-08 19:49 - 00058630 _____ C:\Users\Sandrine\Downloads\teen-titans-the-judas-contract-french-dvdrip-2017.torrent
2017-04-08 19:48 - 2017-04-08 19:48 - 00058898 _____ C:\Users\Sandrine\Downloads\nemesis-french-dvdrip-2017.torrent
2017-04-08 19:46 - 2017-04-21 09:51 - 1462029958 _____ C:\Users\Sandrine\Downloads\[nextorrent.net] Kong.Skull.Island.2017.KORSUB.FRENCH.MD.HDRip.XviD.NEWCiNE.avi
2017-04-08 19:44 - 2017-04-08 19:44 - 00029208 _____ C:\Users\Sandrine\Downloads\Kong- Skull Island TRUEFRENCH DVDSCR MD 2017.torrent
2017-04-07 11:08 - 2017-04-07 11:08 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-04-07 11:04 - 2017-04-07 11:06 - 57197528 _____ (Skype Technologies S.A.) C:\Users\Sandrine\Downloads\SkypeSetupFullXp.exe
2017-04-02 17:36 - 2017-04-02 17:39 - 00000000 ____D C:\Users\Sandrine\Downloads\fichier win
2017-04-02 17:31 - 2017-04-04 10:26 - 00000000 ____D C:\Users\Sandrine\Downloads\sansan
2017-03-31 17:09 - 2017-03-31 17:10 - 00000000 ____D C:\Users\Sandrine\Documents\104SSCAM
2017-03-31 09:26 - 2017-03-31 09:31 - 00000000 ____D C:\Users\Sandrine\AppData\Local\Microsoft Help
2017-03-31 09:21 - 2017-03-31 09:21 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\AdobeUM
2017-03-24 18:04 - 2017-03-24 18:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_winusb_01009.Wdf
2017-03-24 18:03 - 2017-03-24 18:03 - 00000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2017-03-24 18:03 - 2009-07-14 19:45 - 00445008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-03-24 18:03 - 2009-07-14 19:45 - 00038480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2017-03-24 18:03 - 2009-07-14 19:45 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2017-03-24 18:03 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2017-03-24 18:03 - 2009-07-14 01:51 - 00034944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2017-03-23 17:44 - 2017-04-20 13:50 - 00000936 _____ C:\Users\Sandrine\AppData\Roaming\wklnhst.dat
2017-03-23 17:44 - 2017-03-23 17:44 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Template
2017-03-23 16:28 - 2017-03-23 16:28 - 00000000 ____D C:\99fb1d01032378fa0ee4
2017-03-22 12:33 - 2017-03-22 12:33 - 00000000 ____D C:\6b2072c85039991ecb808e4a
2017-03-22 10:29 - 2017-04-07 11:08 - 00000000 ___RD C:\Program Files\Skype
2017-03-22 10:29 - 2017-03-22 10:29 - 00001878 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-22 10:29 - 2017-03-22 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-21 10:01 - 2016-07-28 23:38 - 00000069 _____ C:\Windows\NeroDigital.ini
2017-04-21 10:01 - 2016-07-28 23:25 - 00128512 _____ C:\Users\Sandrine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-21 10:00 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2017-04-21 09:58 - 2016-08-05 12:01 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Skype
2017-04-21 09:58 - 2016-08-03 18:32 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\uTorrent
2017-04-21 09:56 - 2016-07-29 13:55 - 00000440 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-04-21 09:54 - 2016-08-01 19:14 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-04-21 09:54 - 2016-07-28 21:58 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2017-04-21 09:53 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-21 09:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-21 09:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-21 09:52 - 2006-11-02 15:01 - 00032492 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-20 12:51 - 2016-08-03 18:33 - 00000000 ___SD C:\Users\Sandrine\AppData\LocalLow\Temp
2017-04-20 12:51 - 2016-07-28 21:56 - 00000000 ____D C:\Users\Sandrine\AppData\Local\Google
2017-04-20 11:48 - 2016-09-26 12:46 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-04-20 11:46 - 2016-09-26 12:46 - 00000000 ____D C:\ProgramData\{449081F3-CED2-0B35-4814-9577D2561EB9}
2017-04-20 11:16 - 2016-11-09 12:09 - 00000000 ____D C:\ProgramData\{2F58EA3B-A51A-60FD-23DC-FEBFB99E7571}
2017-04-18 15:40 - 2017-02-20 16:11 - 00000000 ____D C:\Users\Sandrine\Downloads\Fifty Shades Darker 2017 HD-TS x264-CPG
2017-04-15 17:37 - 2017-01-04 13:17 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Porabocaba
2017-04-15 10:36 - 2008-01-21 10:41 - 01495948 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-15 10:36 - 2008-01-21 10:40 - 00678804 _____ C:\Windows\system32\perfh00C.dat
2017-04-15 10:36 - 2008-01-21 10:40 - 00126420 _____ C:\Windows\system32\perfc00C.dat
2017-04-15 10:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-04-13 18:37 - 2016-09-27 08:23 - 00000274 _____ C:\Users\Sandrine\AppData\Roaming\WB.CFG
2017-04-11 18:59 - 2016-08-21 22:58 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-04-11 18:59 - 2016-08-21 22:58 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-04-11 18:59 - 2009-01-11 00:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-09 16:22 - 2016-09-26 16:49 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\U3
2017-04-09 09:06 - 2016-11-19 14:55 - 00000000 ____D C:\Program Files\WinRAR
2017-04-08 19:47 - 2017-03-04 19:16 - 00000000 ____D C:\Users\Sandrine\Downloads\Dieudonne.En.Paix.2016.Webrip.mkv-HDlife
2017-04-08 19:47 - 2017-03-04 19:14 - 00000000 ____D C:\Users\Sandrine\Downloads\Dark Web 2016 TRUEFRENCH DVDRip XviD-UTT
2017-04-08 19:46 - 2017-03-19 18:05 - 00000000 ____D C:\Users\Sandrine\Downloads\Rogue One 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 19:46 - 2017-03-19 17:47 - 00000000 ____D C:\Users\Sandrine\Downloads\Sniper Special Ops 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 19:46 - 2017-01-28 14:52 - 00000000 ____D C:\Users\Sandrine\Downloads\Toni Erdmann 2016 FRENCH BDRip XviD-EXTREME
2017-04-08 18:49 - 2016-11-19 14:55 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-08 18:49 - 2016-11-19 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-08 18:49 - 2016-11-11 12:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-08 18:43 - 2016-09-03 20:01 - 00000000 ____D C:\Users\Sandrine\Desktop\MUSIQUE USB
2017-04-07 11:08 - 2016-08-05 12:00 - 00000000 ____D C:\ProgramData\Skype
2017-04-03 16:35 - 2017-03-21 09:30 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00764064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00472760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00279800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00267528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00255184 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00184208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00148208 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00106904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00062152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00060760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00041176 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-04-03 16:35 - 2017-03-20 18:17 - 00034136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-04-02 17:39 - 2016-08-27 14:13 - 00000000 ____D C:\Users\Sandrine\Downloads\usb hich
2017-03-31 16:58 - 2006-11-02 14:47 - 00303536 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-31 09:34 - 2016-07-28 21:56 - 00072784 _____ C:\Users\Sandrine\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-30 20:21 - 2017-03-19 17:47 - 730573380 _____ C:\Users\Sandrine\Downloads\Sword.of.Vengeance.2015.FRENCH.BDRip.XviD-EXTREME.avi
2017-03-25 10:07 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2017-03-24 11:12 - 2016-11-14 20:20 - 00000000 ____D C:\Users\Sandrine\AppData\Roaming\vlc
2017-03-23 22:08 - 2016-11-11 14:39 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-23 19:28 - 2016-09-09 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-03-23 19:27 - 2016-09-09 11:13 - 00000000 ____D C:\Program Files\Wondershare

==================== Fichiers à la racine de certains dossiers =======

2017-01-04 13:17 - 2017-01-04 13:17 - 0019198 _____ () C:\Users\Sandrine\AppData\Roaming\Gedinocihuta
2017-03-15 08:08 - 2017-03-15 08:08 - 0750592 _____ (Cafamaroco Ltd.) 
C:\Users\Sandrine\AppData\Roaming\Pagala.exe 2016-09-27 08:23 - 2017-04-13 18:37 - 0000274 _____ () C:\Users\Sandrine\AppData\Roaming\WB.CFG 2017-03-23 17:44 - 2017-04-20 13:50 - 0000936 _____ () C:\Users\Sandrine\AppData\Roaming\wklnhst.dat 2016-07-28 23:25 - 2017-04-21 10:01 - 0128512 _____ () C:\Users\Sandrine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-03-20 17:36 - 2017-03-20 17:36 - 0007070 _____ () C:\ProgramData\N360BUOptions.ini Certains fichiers dans TEMP: ==================== 2008-08-25 10:31 - 2008-08-25 10:31 - 242743296 _____ (Microsoft Corporation) C:\Users\Sandrine\AppData\Local\Temp\dotnetfx35_sp1.exe 2009-03-16 18:38 - 2009-03-16 18:38 - 1914000 _____ (Adobe Systems Incorporated) C:\Users\Sandrine\AppData\Local\Temp\install_flash_player_10_active_x.exe 2008-12-15 17:34 - 2008-12-15 17:34 - 2585872 _____ (Microsoft Corporation) C:\Users\Sandrine\AppData\Local\Temp\Wi3.1-x86.exe 2006-12-07 12:43 - 2006-12-07 12:43 - 8100680 _____ (Microsoft Corporation) C:\Users\Sandrine\AppData\Local\Temp\wmfdist11.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-04-21 10:01

==================== Fin de FRST.txt ============================