Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2017 01
Exécuté par michel crouzet (administrateur) sur MICHELCROUZET (01-03-2017 09:41:03)
Exécuté depuis C:\Users\michel crouzet\AppData\Local\Microsoft\Windows\INetCache\IE\JA6EZRVC
Profils chargés: michel crouzet (Profils disponibles: michel crouzet)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Google, Inc) C:\Users\michel crouzet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26781320 2017-02-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-11] (Google Inc.)
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Run: [Google Update] => C:\Users\michel crouzet\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Run: [Google Photos Backup] => C:\Users\michel crouzet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\RunOnce: [Uninstall C:\Users\michel crouzet\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\michel crouzet\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\RunOnce: [Uninstall C:\Users\michel crouzet\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\michel crouzet\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1987855195-3959450341-489905678-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks: Pas de nom - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2014-12-24] ()
ShellExecuteHooks-x32: Pas de nom - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2014-12-24] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2017-01-30]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{cfac99e0-81cf-4754-a652-a5a14ffb07c7}: [DhcpNameServer] 89.2.0.1 89.2.0.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> {18A530B8-C1A3-4BA7-9364-59C2121529BC} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {18A530B8-C1A3-4BA7-9364-59C2121529BC} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000300&geo=FR&ver=22&locale=fr_FR&guid=681E2A23-EA2D-445E-9CDB-D6CD99FA319B&doi=2016-10-30&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD7A3B12C-0C87-4064-9536-FE7B5B08D80C&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> {18A530B8-C1A3-4BA7-9364-59C2121529BC} URL =
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.fr/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000300&geo=FR&ver=22&locale=fr_FR&guid=681E2A23-EA2D-445E-9CDB-D6CD99FA319B&doi=2016-10-30&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll => Pas de fichier
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: OffresShopping -> {F4A9D6FE-8C16-4D72-B845-7AE0FFAB2DAB} -> C:\Program Files\ItinéraireInfoInstaller\BHO.dll [2015-02-10] (Prestafind)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => Pas de fichier
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: OffresShopping -> {F4A9D6FE-8C16-4D72-B845-7AE0FFAB2DAB} -> C:\Program Files (x86)\ItinéraireInfoInstaller\BHO.dll [2015-02-10] (Prestafind)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll Pas de fichier
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1987855195-3959450341-489905678-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF DefaultProfile: 7no32xxj.default
FF ProfilePath: C:\Users\michel crouzet\AppData\Roaming\mozilla\firefox\Profiles\7no32xxj.default [2017-03-01]
FF NewTab: mozilla\firefox\Profiles\7no32xxj.default -> hxxp://www.google.com/
FF DefaultSearchEngine: mozilla\firefox\Profiles\7no32xxj.default -> Google
FF SelectedSearchEngine: mozilla\firefox\Profiles\7no32xxj.default -> Google
FF Homepage: mozilla\firefox\Profiles\7no32xxj.default -> hxxp://www.google.com/
FF Extension: (Garmin Communicator) - C:\Users\michel crouzet\AppData\Roaming\mozilla\firefox\Profiles\7no32xxj.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-12-09] [non signé]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\michel crouzet\AppData\Roaming\mozilla\firefox\Profiles\7no32xxj.default\features\{13f3fbde-4393-43f8-a345-58f0011b642f}\disableSHA1rollout@mozilla.org.xpi [2017-02-27]
FF SearchPlugin: C:\Users\michel crouzet\AppData\Roaming\mozilla\firefox\Profiles\7no32xxj.default\searchplugins\google-lavasoft.xml [2016-11-22]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon [2017-02-26]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (HP Smart Print) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-04-12] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-24] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-24] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\michel crouzet\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-07-29] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\11\NP_wtapp.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1987855195-3959450341-489905678-1000: @tools.google.com/Google Update;version=3 -> C:\Users\michel crouzet\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1987855195-3959450341-489905678-1000: @tools.google.com/Google Update;version=9 -> C:\Users\michel crouzet\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1987855195-3959450341-489905678-1000: SkypePlugin -> C:\Users\michel crouzet\AppData\Local\SkypePlugin\7.9.0.59\npGatewayNpapi.dll [2015-11-06] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1987855195-3959450341-489905678-1000: SkypePlugin64 -> C:\Users\michel crouzet\AppData\Local\SkypePlugin\7.9.0.59\npGatewayNpapi-x64.dll [2015-11-06] (Skype Technologies S.A.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPD7A3B12C-0C87-4064-9536-FE7B5B08D80C&SSPV=
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => Pas de fichier
CHR Profile: C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (YouTube) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Norton Security Toolbar) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-09]
CHR Extension: (Recherche Google) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-06-16]
CHR Extension: (Norton Identity Safe) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-02]
CHR Extension: (Skype) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-02-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-04]
CHR Profile: C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-02-09]
CHR Profile: C:\Users\michel crouzet\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-09]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-02-09] (Dropbox, Inc.)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20170228.007\BHDrvx64.sys [1831072 2017-02-23] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20170225.001\IDSvia64.sys [1038024 2017-02-25] (Symantec Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896752 2015-09-03] (Realtek )
R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-20] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-20] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)
S4 SymELAM; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-26] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 aspnet_state; pas de ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-01 09:40 - 2017-03-01 09:41 - 00000000 ____D C:\FRST
2017-02-28 16:23 - 2017-02-28 16:23 - 00000000 ____D C:\Users\michel crouzet\Documents\100NIKON
2017-02-28 15:04 - 2017-02-28 15:04 - 00000000 ____D C:\Users\michel crouzet\AppData\Local\PDFCreator
2017-02-28 15:04 - 2017-02-28 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2017-02-28 12:40 - 2017-02-28 12:40 - 00000000 ____D C:\Program Files\NortonInstaller
2017-02-28 09:45 - 2017-02-28 09:45 - 00000000 ____D C:\Users\michel crouzet\AppData\Local\{456B5D82-39E0-4E52-A533-70FDDE1C03BA}
2017-02-28 09:40 - 2017-02-28 16:20 - 00000000 ____D C:\Users\michel crouzet\Documents\agay 2017 original
2017-02-28 09:36 - 2017-02-28 16:20 - 00000000 ____D C:\Users\michel crouzet\Documents\AGAY FEV 2017
2017-02-28 09:26 - 2017-02-28 09:26 - 00000000 ____D C:\Users\michel crouzet\AppData\Local\{4607BA22-C89F-4C47-9450-A59753C343F6}
2017-02-28 09:04 - 2017-02-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-26 19:01 - 2017-02-28 15:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-02-26 18:55 - 2017-02-26 18:55 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-02-10 10:23 - 2017-02-10 10:30 - 00000000 ____D C:\Users\michel crouzet\AppData\Roaming\ZHP
2017-02-09 09:33 - 2017-02-09 09:33 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-02-09 09:33 - 2017-02-09 09:33 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-02-08 11:47 - 2017-02-08 11:47 - 00370319 _____ C:\Users\michel crouzet\Documents\carte grise 308 CD 076 SJ.pdf
2017-02-08 11:36 - 2017-02-08 11:36 - 00000000 ____D C:\Users\michel crouzet\AppData\Local\{FEB77338-2EA5-44F7-966D-FAB14CC4F3F1}
2017-02-06 11:58 - 2017-02-06 11:58 - 00519463 _____ C:\Users\michel crouzet\Documents\Zoreilles069.pdf
2017-02-01 23:53 - 2017-02-01 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-01-30 14:16 - 2017-01-30 14:16 - 32681704 ____N (Symantec Corporation) C:\Users\michel crouzet\Downloads\NortonIdentitySafe-v1(3).exe
2017-01-30 14:07 - 2017-01-30 14:07 - 32681704 ____N (Symantec Corporation) C:\Users\michel crouzet\Downloads\NortonIdentitySafe-v1(2).exe
2017-01-30 13:56 - 2017-01-30 13:56 - 01284672 _____ (Symantec Corporation) C:\Users\michel crouzet\Downloads\AutoDetectPkg.exe
2017-01-30 13:42 - 2017-01-30 13:43 - 32681704 ____N (Symantec Corporation) C:\Users\michel crouzet\Downloads\NortonIdentitySafe-v1(1).exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-01 09:33 - 2016-11-19 14:15 - 00000000 ____D C:\Users\michel crouzet\AppData\LocalLow\Mozilla
2017-03-01 09:26 - 2016-11-08 09:09 - 00000000 ___RD C:\Users\michel crouzet\Dropbox
2017-03-01 09:25 - 2016-11-10 09:24 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-28 15:11 - 2016-07-16 23:40 - 00797918 _____ C:\WINDOWS\system32\perfh00C.dat
2017-02-28 15:11 - 2016-07-16 23:40 - 00173602 _____ C:\WINDOWS\system32\perfc00C.dat
2017-02-28 15:11 - 2015-11-19 19:22 - 02046956 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-28 15:06 - 2016-11-10 12:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-28 15:05 - 2016-11-22 09:07 - 00000000 ____D C:\Program Files\PDFCreator
2017-02-28 15:05 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-28 13:24 - 2016-11-10 13:01 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{62A909A4-F408-4486-989B-23A98AEC85D8}
2017-02-28 09:04 - 2016-11-08 09:07 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-28 08:58 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-27 18:40 - 2012-05-21 12:29 - 00000000 ____D C:\Users\michel crouzet\AppData\Local\CrashDumps
2017-02-27 18:40 - 2012-05-09 16:38 - 00000000 ____D C:\Users\michel crouzet\AppData\Roaming\SoftGrid Client
2017-02-27 12:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-27 09:10 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-27 09:09 - 2013-08-15 17:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-27 09:06 - 2012-05-21 11:20 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-27 08:42 - 2015-06-13 07:56 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-26 18:56 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-26 18:55 - 2015-07-02 10:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-02-26 18:55 - 2012-02-19 01:28 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-02-26 18:55 - 2012-02-19 01:28 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-02-26 18:35 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-26 18:30 - 2015-11-06 10:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-26 18:21 - 2012-02-19 01:28 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-26 18:21 - 2012-02-19 01:28 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-10 11:04 - 2016-11-27 18:51 - 00000000 ____D C:\Users\michel crouzet\AppData\Local\FromDocToPDFTooltab
2017-02-10 11:04 - 2015-08-08 17:29 - 00000000 ____D C:\Users\michel crouzet\AppData\Roaming\ParetoLogic
2017-02-10 10:44 - 2015-02-13 12:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-10 10:31 - 2016-11-22 09:12 - 00000000 ____D C:\Users\michel crouzet\AppData\Roaming\Lavasoft
2017-02-10 10:31 - 2016-11-22 09:12 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2017-02-08 07:31 - 2012-05-12 16:09 - 00000000 ____D C:\Users\michel crouzet\AppData\Local\Google
2017-02-08 07:21 - 2014-03-22 10:32 - 00000000 ____D C:\Users\michel crouzet\AppData\LocalLow\Adblock Plus for IE
2017-02-07 15:50 - 2016-12-18 16:49 - 00000000 ____D C:\Users\michel crouzet\Documents\ZIG ZAG Rando 57
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 10:04 - 2012-12-15 14:32 - 00000000 ____D C:\Users\michel crouzet\AppData\Roaming\Garmin
2017-02-03 09:27 - 2015-04-18 17:00 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-02 00:01 - 2016-11-10 09:29 - 00000000 ____D C:\Users\michel crouzet
2017-02-01 16:39 - 2017-01-28 09:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-01 11:28 - 2012-02-19 01:28 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-01-31 14:18 - 2016-10-28 12:38 - 00000000 ____D C:\Users\michel crouzet\Documents\blagues internet
2017-01-30 13:57 - 2012-02-19 01:28 - 00000000 ____D C:\ProgramData\Norton

==================== Fichiers à la racine de certains dossiers =======

2017-01-30 14:54 - 2017-01-30 15:03 - 22803992 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-11-12 18:01 - 2015-03-28 19:05 - 0000000 _____ () C:\Users\michel crouzet\AppData\Roaming\Displays
2014-05-23 19:05 - 2014-05-23 19:05 - 0000036 _____ () C:\Users\michel crouzet\AppData\Roaming\DOK52P4Q3J.dat
2014-02-26 15:05 - 2014-03-30 23:34 - 0000120 _____ () C:\Users\michel crouzet\AppData\Roaming\WB.CFG
2012-05-29 21:09 - 2012-05-29 21:09 - 0004096 ____H () C:\Users\michel crouzet\AppData\Local\keyfile3.drm
2014-03-11 18:28 - 2014-06-15 15:11 - 0000173 _____ () C:\Users\michel crouzet\AppData\Local\msmathematics.qat.michel crouzet
2014-07-27 17:19 - 2014-07-27 17:19 - 0003513 _____ () C:\Users\michel crouzet\AppData\Local\recently-used.xbel
2015-02-11 15:14 - 2015-02-11 15:45 - 0007664 _____ () C:\Users\michel crouzet\AppData\Local\Resmon.ResmonCfg
2013-04-12 12:24 - 2013-04-12 12:24 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-03-28 19:05 - 2015-03-28 19:05 - 0000000 _____ () C:\ProgramData\CustomDataViews
2015-03-28 19:05 - 2015-03-28 19:05 - 0000000 _____ () C:\ProgramData\DirectoryService
2014-11-12 18:02 - 2015-03-28 19:06 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2014-11-12 18:01 - 2015-03-28 19:05 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-11-12 18:01 - 2015-03-28 19:05 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-02-27 09:03

==================== Fin de FRST.txt ============================