Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Sedoparking problem

Started by stricpa , Dec 16 2015 09:43 AM

  • Please log in to reply

#1
stricpa
Posted 16 December 2015 - 09:43 AM

stricpa

    New Member

  • Member
  • Pip
  • 1 posts

Hi. This seems to be an old problem but it is new to me. I have been trying to access a site called thetrilife.com but I either get a message saying "unable to select database" or else I am redirected to a sedoparking site (although the url is still thetrilife.com. I have not so far experienced the problem with other sites but am worried it might spread further. I tried to solve the problem by running malwarebytes, and by emptying the browser and DNS caches, but that didn't solve it. I am worried that this may be an infection and would like to know whether something can be done about it. Thanks in advance.

 

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:16-12-2015 01
Exécuté par 226 (administrateur) sur 226-PC (16-12-2015 16:16:57)
Exécuté depuis C:\Users\226\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7B16XBD
Profils chargés: 226 (Profils disponibles: 226)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(© 2015 Microsoft Corporation) C:\Users\226\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Dropbox, Inc.) C:\Users\226\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\nis.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [Olympus ib] => C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-06-30] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\Run: [Google Update] => C:\Users\226\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\Run: [Dropbox Update] => C:\Users\226\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\Run: [BingSvc] => C:\Users\226\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\MountPoints2: {9d8e174c-b5b5-11e4-bd9b-00262d497bca} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\index.html
HKU\S-1-5-21-766115575-3831559217-2071392652-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
Startup: C:\Users\226\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\226\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\226\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-10-26]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CC3F24BF-1A41-49F0-9FAC-2AD2D6ADB981}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-766115575-3831559217-2071392652-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-766115575-3831559217-2071392652-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-766115575-3831559217-2071392652-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-766115575-3831559217-2071392652-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-766115575-3831559217-2071392652-1000 -> {39A330CD-D2CD-4EFF-B33F-B368AF7820F4} URL = hxxp://fr.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-766115575-3831559217-2071392652-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=FR&ver=20&locale=fr_FR&gct=kwd&qsrc=2869
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => Pas de fichier
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-16] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-766115575-3831559217-2071392652-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\Glance29\npglance.dll [2014-09-16] (Glance Networks, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-766115575-3831559217-2071392652-1000: @tools.google.com/Google Update;version=3 -> C:\Users\226\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-766115575-3831559217-2071392652-1000: @tools.google.com/Google Update;version=9 -> C:\Users\226\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2007-10-11] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon

Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR Plugin: (Native Client) - C:\Users\226\AppData\Local\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Users\226\AppData\Local\Google\Chrome\Application\47.0.2526.80\pdf.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Users\226\AppData\Local\Google\Chrome\Application\47.0.2526.80\gcswf32.dll => Pas de fichier
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\226\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll => Pas de fichier
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => Pas de fichier
CHR Plugin: (Norton Confidential) - C:\Users\226\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll => Pas de fichier
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Pas de fichier
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Pas de fichier
CHR Profile: C:\Users\226\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Security Toolbar) - C:\Users\226\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-11]
CHR Extension: (AT_AmericanApparel) - C:\Users\226\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejbaacdckokghddlhgapklpmlfklfga [2011-06-03]
CHR Extension: (Norton Identity Safe) - C:\Users\226\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\226\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-766115575-3831559217-2071392652-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-30]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\226\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [Fichier non signé]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\NIS.exe [282016 2015-11-20] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4362056 2014-11-18] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-05-13] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20151207.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R3 glancedrv; C:\Windows\System32\DRIVERS\glancedrv.sys [36384 2009-05-13] (Glance Networks, Inc)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20151215.002\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20151215.018\ENG64.SYS [138488 2015-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20151215.018\EX64.SYS [2148080 2015-11-15] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
S3 cpuz134; \??\C:\Users\226\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-16 15:56 - 2015-12-16 16:16 - 00000000 ____D C:\FRST
2015-12-16 14:10 - 2015-12-16 14:10 - 00000000 ____D C:\Users\226\AppData\Roaming\Sun
2015-12-16 14:10 - 2015-12-16 14:10 - 00000000 ____D C:\Users\226\.oracle_jre_usage
2015-12-16 14:08 - 2015-12-16 14:08 - 00000000 ____D C:\Users\226\AppData\LocalLow\Oracle
2015-12-16 13:44 - 2015-12-16 13:44 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-15 11:05 - 2015-12-15 11:05 - 00277672 _____ C:\Windows\Minidump\121515-29156-01.dmp
2015-12-14 15:26 - 2015-12-14 15:26 - 00277672 _____ C:\Windows\Minidump\121415-30310-01.dmp
2015-12-14 12:51 - 2015-12-14 12:51 - 00019179 ____H C:\Users\226\Documents\~WRL2709.tmp
2015-12-13 14:23 - 2015-12-13 14:24 - 00277672 _____ C:\Windows\Minidump\121315-32027-01.dmp
2015-12-11 13:46 - 2015-12-11 13:46 - 00277672 _____ C:\Windows\Minidump\121115-31839-01.dmp
2015-12-11 12:45 - 2015-12-11 12:45 - 00000000 ____D C:\Users\226\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 14:25 - 2015-12-10 14:25 - 00277672 _____ C:\Windows\Minidump\121015-39390-01.dmp
2015-12-09 09:27 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 09:27 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 09:27 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 09:27 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 09:27 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 09:27 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 09:27 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 09:27 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 09:27 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 09:27 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 09:27 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 09:27 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 09:27 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 09:27 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 09:27 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 09:27 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 09:27 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 09:27 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 09:27 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 09:27 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 09:27 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 09:27 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 09:27 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 09:27 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 09:27 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 09:27 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 09:27 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 09:27 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 09:27 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 09:27 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 09:27 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 09:27 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 09:27 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 09:27 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 09:27 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 09:27 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 09:27 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 09:27 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 09:27 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 09:27 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 09:27 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 09:27 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 09:27 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 09:27 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 09:27 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 09:27 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 09:27 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 09:27 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 09:27 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 09:27 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 09:27 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 09:27 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 09:27 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 09:27 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 09:27 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 09:27 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 09:27 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 09:27 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 09:27 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 09:27 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 09:27 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 09:27 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 09:27 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 09:27 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 09:27 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 09:27 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 09:27 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 09:27 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 09:27 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 09:27 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 09:27 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 09:27 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 09:27 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 09:27 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 09:27 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 09:27 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 09:27 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 09:27 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 09:27 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 09:27 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 09:27 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 09:27 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 09:27 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 09:27 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 09:27 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 09:27 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 09:27 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 09:27 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 09:27 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 09:27 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 09:27 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 09:27 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 09:27 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 09:26 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 09:26 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 09:26 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 09:26 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 09:26 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 09:26 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 09:26 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 09:26 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 09:26 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-06 15:47 - 2015-12-16 14:05 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2015-12-01 11:29 - 2015-12-01 11:29 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2015-12-01 11:24 - 2015-12-01 11:24 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-16 16:12 - 2015-06-16 09:01 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000UA.job
2015-12-16 16:06 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-16 16:06 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-16 16:05 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2015-12-16 16:01 - 2014-12-29 15:06 - 00000000 ____D C:\ProgramData\Oracle
2015-12-16 15:47 - 2011-08-28 16:09 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-16 15:41 - 2011-06-03 16:06 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000UA.job
2015-12-16 15:04 - 2015-10-29 10:59 - 00000000 ____D C:\Users\226\Documents\Outlook Files
2015-12-16 14:12 - 2015-06-16 09:01 - 00000858 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000Core.job
2015-12-16 14:11 - 2014-12-29 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-16 14:11 - 2014-12-29 15:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-16 14:10 - 2014-12-29 15:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-16 14:10 - 2011-04-30 12:19 - 00000000 ____D C:\Users\226
2015-12-16 14:05 - 2011-12-17 11:45 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-16 14:03 - 2014-08-22 13:37 - 00000490 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-12-16 14:03 - 2011-08-28 16:09 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-16 14:03 - 2011-06-25 13:17 - 00000000 ___RD C:\Users\226\Dropbox
2015-12-16 14:03 - 2011-06-25 13:14 - 00000000 ____D C:\Users\226\AppData\Roaming\Dropbox
2015-12-16 14:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-16 14:00 - 2015-02-04 20:37 - 00000000 ____D C:\ProgramData\APN
2015-12-16 13:45 - 2014-04-09 08:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-16 13:44 - 2014-04-09 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-16 13:44 - 2014-04-09 08:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-16 13:38 - 2011-06-03 16:06 - 00000848 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000Core.job
2015-12-15 11:05 - 2015-06-08 12:40 - 609131962 _____ C:\Windows\MEMORY.DMP
2015-12-15 11:05 - 2012-10-13 12:43 - 00000000 ____D C:\Windows\Minidump
2015-12-14 18:00 - 2014-08-22 13:38 - 00000464 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2015-12-11 16:41 - 2011-06-03 16:06 - 00002356 _____ C:\Users\226\Desktop\Google Chrome.lnk
2015-12-11 13:33 - 2014-05-26 13:28 - 00000000 ____D C:\Users\226\Documents\Family Tree Maker
2015-12-11 12:16 - 2013-01-18 15:34 - 00000000 ____D C:\Users\226\AppData\Local\CrashDumps
2015-12-10 17:29 - 2013-08-15 17:06 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 09:24 - 2009-07-14 05:45 - 00408136 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 09:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-09 14:31 - 2011-08-14 13:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 14:30 - 2013-03-18 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 14:29 - 2013-03-18 01:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 14:29 - 2013-03-18 01:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-06 15:43 - 2011-06-03 17:02 - 02068480 _____ C:\Users\226\Documents\stricklandfamily.paf
2015-12-06 14:23 - 2015-10-26 15:59 - 00000000 ____D C:\Users\226\Documents\FHDocs
2015-12-06 13:56 - 2009-07-14 06:13 - 01671272 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-06 13:56 - 2007-10-11 06:23 - 00752364 _____ C:\Windows\system32\perfh00C.dat
2015-12-06 13:56 - 2007-10-11 06:23 - 00154438 _____ C:\Windows\system32\perfc00C.dat
2015-12-05 13:42 - 2011-08-28 16:09 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 13:42 - 2011-08-28 16:09 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-05 13:33 - 2011-06-03 16:06 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000UA
2015-12-05 13:33 - 2011-06-03 16:06 - 00003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000Core
2015-12-03 14:51 - 2015-11-10 11:43 - 00094208 ___SH C:\Users\226\Documents\Thumbs.db
2015-12-01 11:24 - 2011-12-17 11:39 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2015-12-01 11:23 - 2015-07-14 12:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-12-01 11:23 - 2011-12-17 11:39 - 00002411 _____ C:\Users\Public\Desktop\Norton Internet Security.LNK
2015-11-23 19:10 - 2011-06-05 12:56 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers =======

2015-04-20 11:50 - 2015-05-09 13:07 - 0000115 _____ () C:\Users\226\AppData\Roaming\LogFile.txt
2015-09-06 13:00 - 2015-09-06 13:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-08-28 05:23 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Certains fichiers dans TEMP:
====================
C:\Users\226\AppData\Local\Temp\jre-8u66-windows-au.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2015-06-18 01:16

==================== Fin de FRST.txt ============================

 

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:16-12-2015 01
Exécuté par 226 (2015-12-16 16:17:16)
Exécuté depuis C:\Users\226\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7B16XBD
Windows 7 Home Premium Service Pack 1 (X64) (2011-04-30 11:19:41)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

226 (S-1-5-21-766115575-3831559217-2071392652-1000 - Administrator - Enabled) => C:\Users\226
Administrateur (S-1-5-21-766115575-3831559217-2071392652-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-766115575-3831559217-2071392652-1002 - Limited - Enabled)
Invité (S-1-5-21-766115575-3831559217-2071392652-501 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.5.7828 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.5.7828 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6629 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dropbox (HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
Family Tree Maker 2012 (x32 Version: 21.0.388 - Ancestry.com, Inc.) Hidden
Family Tree Maker 2012 Welcome Pack (HKLM-x32\...\{97A9524C-3499-41DF-8703-A428E53BD453}) (Version: 1.00 - Family Tree Maker 2012)
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Garmin BaseCamp (HKLM-x32\...\{8114290E-D0F6-4CC8-BD3D-F40278CD01EA}) (Version: 4.3.1 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Glance 2.9 (HKLM-x32\...\Glance_is1) (Version:  - Glance Networks, Inc.)
Google Chrome (HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\Juniper_Setup_Client) (Version: 7.1.7.18795 - Juniper Networks, Inc.)
Juniper Terminal Services Client (HKU\S-1-5-21-766115575-3831559217-2071392652-1000\...\Juniper_Term_Services) (Version: 7.1.7.20581 - Juniper Networks)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaShow Espresso (x32 Version: 5.5.1713_26701 - CyberLink Corp.) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Français (HKLM-x32\...\{90140011-0066-040C-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Nero 9 Essentials (HKLM-x32\...\{109c3c61-a763-470f-abde-0d4a4f2c95d0}) (Version:  - Nero AG)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.5.5.15 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.1.3 - Symantec Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
Olympus ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.6.3731 - OLYMPUS IMAGING CORP.)
Olympus ib (x32 Version: 1.6.3731 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.)
Package de pilotes Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
ParetoLogic Privacy Controls (HKLM-x32\...\{29ACDA07-0CAD-4751-B3A4-3E03C5F74673}) (Version: 3.2.0.0 - ParetoLogic, Inc.)
Personal Ancestral File 5 (HKLM-x32\...\{D94A8E22-DF2B-4107-9E51-608A60A7671D}) (Version:  - )
PlayCatan Access Software (HKLM-x32\...\PlayCatan Client) (Version: 3.1200 - Catan GmbH)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version:  - Oberon Media)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.2.15.0 - ParetoLogic, Inc.) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\226\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-766115575-3831559217-2071392652-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\226\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Points de restauration =========================

29-10-2015 11:45:22 Opération de restauration
11-11-2015 11:30:46 Windows Update
12-11-2015 17:22:52 Windows Update
09-12-2015 14:22:49 Windows Update
10-12-2015 17:23:37 Windows Update

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {037059F5-5C1B-48BC-B726-D51BFF89CB59} - System32\Tasks\{86092AD2-8E55-421B-9C81-B053B19DBA81} => pcalua.exe -a "C:\Users\226\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B7SC6N2X\MFInstall[1].exe" -d C:\Users\226\Desktop
Task: {0E586F94-508A-44B2-8ACC-DC6E16B2A65D} - System32\Tasks\ParetoLogic Update Version3 => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe [2013-09-11] ()
Task: {113B33F1-31A8-42BE-8A40-FE85B0CDC4F0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000Core => C:\Users\226\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {2F4E6A34-2F60-4418-A262-9D6B3A666F49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {309C0B20-88EA-410A-BF10-9A1B3A113968} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\WSCStub.exe [2015-11-23] (Symantec Corporation)
Task: {328698B4-75DD-4616-B72F-99DCF226A53C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {45924BD8-A3F2-4816-94F4-6CE6CC488580} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {539DE53E-8B6B-41F6-9005-04A30B97935A} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-11-23] (Symantec Corporation)
Task: {6EB0CDF4-6F8B-437B-9B65-9BE5DBBFCCF4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000UA => C:\Users\226\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {75577552-78BA-4DF9-AFE2-47A58BA30CAE} - System32\Tasks\RegCure Pro_sch_09D91A92-E74B-11E4-81F0-00262D497BCA => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
Task: {88C6EFF1-1BC4-47B5-A0D6-2CEE4D51A916} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000Core => C:\Users\226\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A4F829D1-A859-4F5F-A11B-DD3A66D3D3AB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {BC084097-22D2-4590-9B0F-43E20AD011DC} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {BCE6B299-F051-4F52-A40C-B051793365B2} - System32\Tasks\Privacy Controls_{93584F5C-29FC-11E4-9BDA-00262D497BCA} => C:\Program Files (x86)\ParetoLogic\Privacy Controls\Pareto_PC.exe
Task: {ED6E14BB-0EB2-4235-BAD0-D9650AE6AF6A} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-09-11] ()
Task: {F6597E44-10C3-4874-AE1D-1641E11F90ED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000UA => C:\Users\226\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F8DE2B09-64EC-479B-B48E-EA1486CF17F7} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000Core.job => C:\Users\226\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000UA.job => C:\Users\226\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000Core.job => C:\Users\226\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-766115575-3831559217-2071392652-1000UA.job => C:\Users\226\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\Windows\Tasks\Privacy Controls_{93584F5C-29FC-11E4-9BDA-00262D497BCA}.job => C:\Program Files (x86)\ParetoLogic\Privacy Controls\Pareto_PC.exe
Task: C:\Windows\Tasks\RegCure Pro_sch_09D91A92-E74B-11E4-81F0-00262D497BCA.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2007-10-11 05:51 - 2010-05-13 06:23 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-08-04 13:40 - 2010-08-04 13:40 - 00611872 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2015-12-11 12:45 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-11 12:45 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-11 12:45 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-11 12:45 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-11 12:45 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-11 12:45 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-11 12:45 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-11 12:45 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 12:45 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-11 12:45 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-11 12:45 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-11 12:45 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-11 12:45 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 09:43 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\226\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2010-08-04 10:47 - 2010-08-04 10:47 - 00144896 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 02:42 - 2015-11-11 02:42 - 01045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\226\Documents\FHDocs:com.dropbox.attributes
AlternateDataStreams: C:\Users\226\Documents\St Joseph's. Bangalore:com.dropbox.attributes

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-766115575-3831559217-2071392652-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\226\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{62E1F38F-9A59-4D62-8FE1-067E49171444}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BDE83D4D-A455-49FE-B012-95B1E6C745D0}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{770B1E1A-9D82-4482-97FB-789F7B841727}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
FirewallRules: [{63CEFA69-0BE8-4C64-B547-757E234BCAD3}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
FirewallRules: [{221EB807-9DAD-4A14-B6BC-48816F41AF99}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\CLMLSvc.exe
FirewallRules: [{0F21FF16-D85F-449F-82CB-6931FA25A851}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
FirewallRules: [{5454074D-243A-40C7-A0FF-AC6CA2F88AFA}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\TouchMovie.exe
FirewallRules: [{9D835F93-3EB8-4D7E-A477-59CDF15FAC57}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\TouchMovieService.exe
FirewallRules: [TCP Query User{AAC5492C-9F56-4836-A9C4-909898CF44A4}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{DB97B539-1397-4ABD-95E2-A9A88FDE80B8}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [TCP Query User{DDD05635-3A57-4DF9-BB3C-997AAB640159}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{FF3CF2E0-FF69-400E-A92B-5150EA75F588}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{6BBDABCA-6D64-4414-A21D-C7372121B8F7}] => (Allow) C:\Users\226\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B23D0932-ACD1-43F4-8019-ADE7FEABC69C}] => (Allow) C:\Users\226\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E1835C4A-1E1D-49FD-810B-0E23BA4EB9AB}C:\users\226\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\226\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7C790CB5-6386-44E6-AC89-8401996CBDDD}C:\users\226\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\226\appdata\roaming\dropbox\bin\dropbox.exe

==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: Souris Microsoft PS/2
Description: Souris Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (12/16/2015 02:12:35 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (12/16/2015 02:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante NIS.exe, version : 13.0.2.6, horodatage : 0x55772924
Nom du module défaillant : ntdll.dll, version : 6.1.7601.19045, horodatage : 0x56258e62
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0002dfd4
ID du processus défaillant : 0x6e4
Heure de début de l’application défaillante : 0xNIS.exe0
Chemin d’accès de l’application défaillante : NIS.exe1
Chemin d’accès du module défaillant: NIS.exe2
ID de rapport : NIS.exe3

Error: (12/16/2015 09:12:21 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (12/15/2015 11:16:09 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (12/15/2015 11:08:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0d019
Nom du module défaillant : MSSRCH.DLL, version : 7.0.7601.17610, horodatage : 0x4dc0e0c8
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000007091b
ID du processus défaillant : 0xb74
Heure de début de l’application défaillante : 0xSearchIndexer.exe0
Chemin d’accès de l’application défaillante : SearchIndexer.exe1
Chemin d’accès du module défaillant: SearchIndexer.exe2
ID de rapport : SearchIndexer.exe3

Error: (12/15/2015 10:00:40 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (12/14/2015 03:37:14 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (12/14/2015 12:14:37 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (12/13/2015 02:34:18 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (12/13/2015 12:41:39 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pour information uniquement.
(Patch task for {90140011-0066-040C-0000-0000000FF1CE}): DownloadLatest Failed:

Erreurs système:
=============
Error: (12/16/2015 02:06:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Norton Internet Security s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (12/16/2015 12:35:02 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:35:02 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:35:02 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:35:02 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:35:01 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:35:01 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:32:10 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:32:10 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

Error: (12/16/2015 12:32:09 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 40. L’état d’erreur interne est 252.

==================== Infos Mémoire ===========================

Processeur: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Pourcentage de mémoire utilisée: 38%
Mémoire physique - RAM - totale: 4061.18 MB
Mémoire physique - RAM - disponible: 2492.63 MB
Mémoire virtuelle totale: 8120.56 MB
Mémoire virtuelle disponible: 5756.99 MB

==================== Lecteurs ================================

Drive c: (Acer) (Fixed) (Total:455.94 GB) (Free:369.36 GB) NTFS
Drive d: (Data) (Fixed) (Total:455.94 GB) (Free:455.84 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C6526DA5)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=455.9 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================

 

 


  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP