Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Exécuté par Sophie (administrateur) sur SOPHIE-PC (02-11-2018 07:26:18)
Exécuté depuis C:\Users\Sophie\Desktop
Profils chargés: Sophie (Profils disponibles: Sophie & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Farm Framework\WebFarmService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\inetsrv\WMSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2014-02-28] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242392 2018-11-01] (AVAST Software)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1259024 2014-11-05] (Easybits)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\Run: [Google Update] => C:\Users\Sophie\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-21] (Google Inc.)
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\MountPoints2: {4695399d-4afe-11e0-88b5-de8d3c4d8df3} - E:\AutoRunCardDetector.exe
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\MountPoints2: {7e7ac3a1-8597-11e1-9718-9cc180626a98} - E:\Setup.exe
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\MountPoints2: {d112796f-9e83-11e0-b1db-d456c4b0d289} - E:\Launcher.exe
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\...\MountPoints2: {f1eb807b-4204-11e3-bb7b-9e71003ef98d} - E:\autorun.exe
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-08] (EasyBits Software Corp.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0F39DF2C-A045-42E7-8DFA-1CA2C8A026E7}: [DhcpNameServer] 192.168.10.110
Tcpip\..\Interfaces\{156AE4B1-3767-430C-A374-7518E85DD8FF}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{25643505-9F6E-471D-88E5-2EC30C5B1067}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{616E2989-BD6F-424E-A19F-27CDB94D67A4}: [DhcpNameServer] 192.168.10.110
Tcpip\..\Interfaces\{86A61515-F100-4108-9AC3-2F5EF6D618CF}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{BEA79D8C-7BF5-4552-B5BD-5CB204A49B79}: [DhcpNameServer] 192.168.10.110
Tcpip\..\Interfaces\{CFDEF43A-31CA-4473-A136-1A486874E3C2}: [DhcpNameServer] 192.168.10.110
Tcpip\..\Interfaces\{E84C69C7-758D-4939-9CE8-173EBBD9168D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5e1a9385
HKU\S-1-5-21-1980402465-4161764194-531160111-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_FR&c=94&bd=Pavilion&pf=cnnb
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {1E43F789-836A-4084-8806-012753E224F0} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM -> {613F1491-148D-428F-B03C-0B1A8B106344} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {68F8B8E6-7F2D-407C-B63B-61F17B853074} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcnnbie7-fr-fr
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1E43F789-836A-4084-8806-012753E224F0} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM-x32 -> {613F1491-148D-428F-B03C-0B1A8B106344} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {68F8B8E6-7F2D-407C-B63B-61F17B853074} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcnnbie7-fr-fr
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_20_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutD0CyCtDyByCyDtByB0E0C0Ezzzy0C0EtN0D0Tzu0StCyDzyzztN1L2XzutAtFtBtCtFtCtFtDtN1L1Czu1M1Q1CtBtAtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyCyBtCzytCyCzy0DtGyCtDyDtAtGzyzyzz0BtGyDzztA0FtGyDtB0D0AyE0E0C0Dzz0AyEyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyB0CyDzyzzyBtGzztCzy0FtGyE0ByDtBtG0A0D0E0BtGtDtBzztCzztByE0AtCyD0F0C2QtN0A0LzutB%26cr%3D1528005908%26a%3Dhdr_s_16_20_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> {1E43F789-836A-4084-8806-012753E224F0} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> {613F1491-148D-428F-B03C-0B1A8B106344} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> {67278022-C06F-4FE3-B359-5E7B14CB4B4C} URL = hxxp://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> {68F8B8E6-7F2D-407C-B63B-61F17B853074} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcnnbie7-fr-fr
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_20_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutD0CyCtDyByCyDtByB0E0C0Ezzzy0C0EtN0D0Tzu0StCyDzyzztN1L2XzutAtFtBtCtFtCtFtDtN1L1Czu1M1Q1CtBtAtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyCyBtCzytCyCzy0DtGyCtDyDtAtGzyzyzz0BtGyDzztA0FtGyDtB0D0AyE0E0C0Dzz0AyEyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyB0CyDzyzzyBtGzztCzy0FtGyE0ByDtBtG0A0D0E0BtGtDtBzztCzztByE0AtCyD0F0C2QtN0A0LzutB%26cr%3D1528005908%26a%3Dhdr_s_16_20_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> {AD2D3305-D082-423B-8B56-217FAEC4C0B1} URL = hxxp://start.funmoods.com/results.php?f=4&a=make&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [2010-09-14] (Google Inc.)
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO: Pas de nom -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-01] (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-14] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-01] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-1980402465-4161764194-531160111-1001 -> Pas de nom - {D4027C7F-154A-4066-A1AD-4243D8127440} - Pas de fichier
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: HKLM-x32 {9FFA5747-4FDB-4221-A61E-4CAC0E5095A5} hxxp://ibiza.gmba.fr/2015.06.1/dlls/iBiZaCL.dll
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pjprr2k7.default [2018-05-01]
FF Homepage: Mozilla\Firefox\Profiles\pjprr2k7.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_20_orgnl&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutD0CyCtDyByCyDtByB0E0C0Ezzzy0C0EtN0D0Tzu0StCyDzyzztN1L2XzutAtFtBtCtFtCtFtDtN1L1Czu1M1Q1CtBtAtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyCyBtCzytCyCzy0DtGyCtDyDtAtGzyzyzz0BtGyDzztA0FtGyDtB0D0AyE0E0C0Dzz0AyEyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyB0CyDzyzzyBtGzztCzy0FtGyE0ByDtBtG0A0D0E0BtGtDtBzztCzztByE0AtCyD0F0C2QtN0A0LzutB%26cr%3D1528005908%26a%3Dhdr_s_16_20_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
FF NewTab: Mozilla\Firefox\Profiles\pjprr2k7.default -> about:newtab
FF SearchPlugin: C:\Users\Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pjprr2k7.default\searchplugins\funmoods.xml [2012-03-23]
FF SearchPlugin: C:\Users\Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pjprr2k7.default\searchplugins\google-avast.xml [2015-07-15]
FF SearchPlugin: C:\Users\Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pjprr2k7.default\searchplugins\Search Provided by Yahoo.xml [2016-05-17]
FF ProfilePath: C:\Users\Sophie\AppData\Roaming\kompozer.net\KompoZer\Profiles\ocd4o4wj.default [2011-08-10]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: (Freemake Video Converter Plugin) - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2012-03-23] [Legacy] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-11-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll [2011-04-01] (Microsoft Corp)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-11-01] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-09-25] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-09-25] (DivX, Inc)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll [2011-04-01] (Microsoft Corp)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-29] (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-02] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-08-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1980402465-4161764194-531160111-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1980402465-4161764194-531160111-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sophie\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-1980402465-4161764194-531160111-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sophie\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-21] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.fr/","hxxp://www.searchword.news/homepage/8080/1239/00340/90/France/FR/06147518/569E0BC8-D490-51BD-8FD5-491EC5ADB90A"
CHR NewTab: Default -> Not-active:"chrome-extension://ehlceeijggpdgfcefmipcmdelickjgfg/ntab.html"
CHR Profile: C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default [2018-11-02]
CHR Extension: (YouTube) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (appear.in screen sharing) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodncoafpihbhpfljcaofnebjkaiaiga [2018-04-16]
CHR Extension: (Recherche Google) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-25]
CHR Extension: (Hermes Tab) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg [2017-12-10]
CHR Extension: (Freemake Video Converter) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2012-03-23]
CHR Extension: (HP Network Check Launcher) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2018-11-01]
CHR Extension: (Cisco Webex Extension) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-08-20]
CHR Extension: (Page speed test) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgmnmdkkghdeagbghognjbjijpnckcid [2012-04-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-27]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-04-27]
CHR Extension: (Gmail) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-02]
CHR Profile: C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\System Profile [2018-04-16]
CHR HKU\S-1-5-21-1980402465-4161764194-531160111-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1980402465-4161764194-531160111-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-03-23]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe [89600 2014-02-28] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe [8188768 2018-11-01] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [325024 2018-11-01] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Fichier non signé]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Fichier non signé]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [86528 2012-03-22] (Freemake) [Fichier non signé]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Fichier non signé]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [67400 2011-04-01] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\STacSV64.exe [240640 2014-02-28] (IDT, Inc.)
R2 WebFarmService; C:\Program Files\IIS\Microsoft Web Farm Framework\WebFarmService.exe [15640 2011-01-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-11-01] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-11-01] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-11-01] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-11-01] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-11-01] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-11-01] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-11-01] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-11-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-11-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-11-01] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-11-01] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-11-01] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-11-01] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-07-14] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-11-01] (AVAST Software)
R3 DCamUSBNovatek; C:\Windows\System32\Drivers\nvtcam.sys [2755072 2010-09-07] (Novatek)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2011-06-23] (Huawei Technologies Co., Ltd.) [File not signed]
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2011-06-23] (Huawei Technologies Co., Ltd.) [File not signed]
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [13952 2011-06-23] (Huawei Technologies Co., Ltd.) [File not signed]
S3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [88576 2009-07-15] (Option N.V.) [File not signed]
S3 GTUHSNDISIPXP; C:\Windows\System32\DRIVERS\gtuhs51.sys [129536 2009-07-15] (Option N.V.) [File not signed]
S3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [10496 2009-07-15] (Option N.V.)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [121600 2011-06-23] (Huawei Technologies Co., Ltd.) [File not signed]
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
S3 cpuz132; \??\C:\Users\Sophie\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X] <==== ATTENTION
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys [X]
U4 eabfiltr; no ImagePath
S3 EraserUtilDrvI9; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
U3 wampapache64; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)


==================== One month - Created - files and folders ========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2018-11-02 07:26 - 2018-11-02 07:27 - 000033942 _____ C:\Users\Sophie\Desktop\FRST.txt
2018-11-02 07:25 - 2018-11-02 07:26 - 000000000 ____D C:\FRST
2018-11-02 07:18 - 2018-11-02 07:18 - 002414592 _____ (Farbar) C:\Users\Sophie\Desktop\FRST64.exe
2018-11-02 07:01 - 2018-11-02 07:01 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-02 07:01 - 2018-11-02 07:01 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-02 07:01 - 2018-11-02 07:01 - 000002292 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-02 07:00 - 2018-11-02 07:00 - 001130840 _____ (Google Inc.) C:\Users\Sophie\Downloads\ChromeSetup (1).exe
2018-11-02 07:00 - 2018-11-02 07:00 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-01 19:19 - 2018-11-01 19:19 - 000000000 ____D C:\0f80e1cae4c5c7d7d4fbbe6516399962
2018-11-01 19:15 - 2018-11-01 19:17 - 011840839 _____ C:\Users\Sophie\Downloads\Windows6.1-KB2670838-x64.msu
2018-11-01 19:15 - 2018-11-01 19:16 - 005911327 _____ C:\Users\Sophie\Downloads\Windows6.1-KB2670838-x86.msu
2018-11-01 19:12 - 2018-11-01 19:13 - 000694784 _____ C:\Users\Sophie\Downloads\Updates in Win7 and WS08R2 SP1 (1).xls
2018-11-01 19:10 - 2018-11-01 19:10 - 000694784 _____ C:\Users\Sophie\Downloads\Updates in Win7 and WS08R2 SP1.xls
2018-11-01 17:47 - 2018-11-01 17:47 - 000001746 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-11-01 17:47 - 2018-11-01 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-11-01 17:47 - 2018-11-01 17:47 - 000000000 ____D C:\Program Files\iPod
2018-11-01 17:45 - 2018-11-01 17:47 - 000000000 ____D C:\Program Files\iTunes
2018-11-01 17:36 - 2018-11-01 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-11-01 16:47 - 2018-11-01 16:45 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One month - Modified - files and folders ========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2018-11-02 07:22 - 2009-07-14 05:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-02 07:22 - 2009-07-14 05:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-02 07:01 - 2009-11-02 20:26 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-01 22:16 - 2011-08-16 09:40 - 000002421 _____ C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-01 22:15 - 2011-08-16 09:40 - 000002384 _____ C:\Users\Sophie\Desktop\Google Chrome.lnk
2018-11-01 19:03 - 2018-07-09 10:02 - 000000000 ____D C:\Users\Sophie\AppData\Local\AVAST Software
2018-11-01 19:01 - 2009-09-09 05:29 - 000892940 _____ C:\Windows\system32\perfh00C.dat
2018-11-01 19:01 - 2009-09-09 05:29 - 000205920 _____ C:\Windows\system32\perfc00C.dat
2018-11-01 19:01 - 2009-07-14 06:13 - 002060898 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-01 19:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-01 18:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\inetsrv
2018-11-01 18:52 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-01 17:29 - 2018-04-13 14:34 - 000004638 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-01 17:29 - 2012-07-21 18:05 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-01 17:29 - 2012-03-30 08:12 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-01 17:29 - 2011-11-21 15:15 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-01 17:29 - 2011-05-17 14:21 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-01 17:29 - 2009-09-08 20:22 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-01 17:20 - 2018-08-20 15:41 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-01 16:58 - 2017-04-24 13:09 - 000003912 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-01 16:57 - 2009-07-14 06:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-01 16:47 - 2014-10-22 07:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-01 16:47 - 2010-05-19 14:03 - 000000000 ____D C:\Program Files (x86)\Java
2018-11-01 16:45 - 2018-01-10 21:03 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-01 16:45 - 2014-05-05 07:54 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-01 16:45 - 2014-01-11 15:35 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-01 16:45 - 2013-03-17 15:10 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-01 16:45 - 2013-03-17 15:10 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-01 16:45 - 2012-02-26 09:07 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-01 16:45 - 2009-11-02 21:03 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-01 16:45 - 2009-11-02 21:03 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-01 16:44 - 2016-05-27 15:25 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-01 16:42 - 2011-05-15 19:34 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-01 16:41 - 2018-01-10 21:03 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-01 16:41 - 2017-04-24 13:09 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-11-01 16:41 - 2017-04-24 13:09 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-11-01 16:41 - 2017-04-24 13:09 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-11-01 16:41 - 2017-04-24 13:09 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-11-01 16:30 - 2015-01-27 17:59 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-11-01 16:26 - 2009-11-02 15:08 - 000000000 ____D C:\Users\Sophie\AppData\Roaming\HpUpdate
2018-11-01 16:25 - 2013-09-19 07:44 - 000000000 ____D C:\ProgramData\Oracle

==================== Files in the root of some directories =======

2011-02-03 14:57 - 2011-06-16 13:52 - 000001854 _____ () C:\Users\Sophie\AppData\Roaming\GhostObjGAFix.xml
2012-03-23 17:04 - 2012-03-23 17:06 - 000002463 _____ () C:\Users\Sophie\AppData\Roaming\hamster_installer_log.txt
2016-10-13 14:15 - 2016-10-13 14:15 - 002669075 _____ () C:\Users\Sophie\AppData\Roaming\sb561.dat
2013-09-13 10:28 - 2017-01-20 11:24 - 000000371 _____ () C:\Users\Sophie\AppData\Roaming\WB.CFG
2009-11-02 15:03 - 2009-11-02 15:03 - 000000000 _____ () C:\Users\Sophie\AppData\Local\AtStart.txt
2010-01-19 20:57 - 2012-04-10 17:36 - 000011264 _____ () C:\Users\Sophie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-11-02 15:03 - 2009-11-02 15:03 - 000000000 _____ () C:\Users\Sophie\AppData\Local\DSwitch.txt
2010-05-09 13:38 - 2010-05-09 13:38 - 000000036 _____ () C:\Users\Sophie\AppData\Local\housecall.guid.cache
2009-11-02 15:03 - 2009-11-02 15:03 - 000000000 _____ () C:\Users\Sophie\AppData\Local\QSwitch.txt
2016-04-16 19:38 - 2016-04-16 19:38 - 000002833 _____ () C:\Users\Sophie\AppData\Local\recently-used.xbel
2011-08-10 17:35 - 2011-08-10 17:35 - 000007605 _____ () C:\Users\Sophie\AppData\Local\Resmon.ResmonCfg
2012-11-25 17:21 - 2012-12-04 15:35 - 010668176 _____ () C:\Users\Sophie\AppData\Local\SelfExtractible.zip
2010-03-30 08:50 - 2010-03-30 08:50 - 000073171 _____ () C:\Users\Sophie\AppData\Local\tmpMAIL0001.0
2010-03-30 08:50 - 2010-03-30 08:50 - 000073507 _____ () C:\Users\Sophie\AppData\Local\tmpMAIL0001.1
2010-03-30 08:50 - 2010-03-30 08:50 - 000073486 _____ () C:\Users\Sophie\AppData\Local\tmpMAIL0001.JPG
2009-12-12 19:05 - 2009-12-12 19:05 - 002481063 _____ () C:\Users\Sophie\AppData\Local\tmpMAQUETTES PATHELIN.0
2009-12-12 19:05 - 2009-12-12 19:05 - 000481310 _____ () C:\Users\Sophie\AppData\Local\tmpMAQUETTES PATHELIN.JPG
2010-01-09 20:27 - 2010-01-09 20:27 - 000196819 _____ () C:\Users\Sophie\AppData\Local\tmpPHOTO.0
2010-01-09 20:27 - 2010-01-09 20:27 - 000100989 _____ () C:\Users\Sophie\AppData\Local\tmpPHOTO.1
2010-01-09 20:27 - 2010-01-09 20:27 - 000100575 _____ () C:\Users\Sophie\AppData\Local\tmpPHOTO.2
2010-01-09 20:27 - 2010-01-09 20:27 - 000102417 _____ () C:\Users\Sophie\AppData\Local\tmpPHOTO.3
2010-01-09 20:27 - 2010-01-09 20:27 - 000196819 _____ () C:\Users\Sophie\AppData\Local\tmpPHOTO.JPG

Some files in TEMP:
====================
2018-05-03 19:08 - 2018-05-03 19:08 - 001884616 _____ (Oracle Corporation) C:\Users\Sophie\AppData\Local\Temp\jre-8u171-windows-au.exe
2018-08-20 15:03 - 2018-08-20 15:03 - 001906040 _____ (Oracle Corporation) C:\Users\Sophie\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-11-01 16:26 - 2018-11-01 16:26 - 001892728 _____ (Oracle Corporation) C:\Users\Sophie\AppData\Local\Temp\jre-8u191-windows-au.exe
2018-05-01 13:01 - 2018-05-01 13:02 - 046281952 _____ (Microsoft Corporation) C:\Users\Sophie\AppData\Local\Temp\mpam-b454973d.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-01 18:23

==================== End of FRST.txt ============================