Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:26-08-2015
Exécuté par LWolff (administrateur) sur LORINE (27-08-2015 20:31:06)
Exécuté depuis C:\Users\LWolff\Downloads
Profils chargés: LWolff (Profils disponibles: LWolff)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3940040 2015-06-12] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-24] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-778861357-4007362292-4267262675-1001\...\Run: [Facebook Update] => C:\Users\LWolff\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-29] (Facebook Inc.)
HKU\S-1-5-21-778861357-4007362292-4267262675-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-778861357-4007362292-4267262675-1001\...\Run: [Spotify Web Helper] => C:\Users\LWolff\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-08-04] (Spotify Ltd)
HKU\S-1-5-21-778861357-4007362292-4267262675-1001\...\Run: [Spotify] => C:\Users\LWolff\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-08-04] (Spotify Ltd)
HKU\S-1-5-21-778861357-4007362292-4267262675-1001\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Samsung\Settings\CmdServer\VendorAPIRun64.exe [2406960 2013-02-01] (Samsung Electronics CO., LTD.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Samsung\Settings\CmdServer\VendorAPIRun64.exe [2406960 2013-02-01] (Samsung Electronics CO., LTD.)
Startup: C:\Users\LWolff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-09-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\LWolff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-25] (AVAST Software)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {39F5802A-472A-4D02-B726-1B0525A3D923} => C:\windows\SYSTEM32\CbFsMntNtf3.dll [2012-08-06] (EldoS Corporation)
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2012-12-27] (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2012-12-27] (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LWolff\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LWolff\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LWolff\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LWolff\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll [2012-08-06] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {39F5802A-472A-4D02-B726-1B0525A3D923} => C:\windows\SysWOW64\CbFsMntNtf3.dll [2012-08-06] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LWolff\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LWolff\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LWolff\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll [2012-08-06] (EldoS Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-778861357-4007362292-4267262675-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-778861357-4007362292-4267262675-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-778861357-4007362292-4267262675-1001 -> {240EC9A8-7C48-4035-9302-298FECF7C4A6} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-778861357-4007362292-4267262675-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-24] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-25] (AVAST Software)
BHO-x32: Pas de nom -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Pas de fichier
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-25] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
Toolbar: HKLM - Pas de nom - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Pas de fichier
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C7101109-F77C-401B-BC96-071C31449422}: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\LWolff\AppData\Roaming\Mozilla\Firefox\Profiles\y86jveht.default-1440496778089
FF DefaultSearchEngine: DuckDuckGo
FF DefaultSearchUrl: hxxps://fr.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: hxxps://duckduckgo.com/
FF Keyword.URL: hxxps://fr.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-778861357-4007362292-4267262675-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\LWolff\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: C:\Users\LWolff\AppData\Roaming\Mozilla\Firefox\Profiles\y86jveht.default-1440496778089\searchplugins\yahoo-avast.xml [2015-08-25]
FF Extension: Video DownloadHelper - C:\Users\LWolff\AppData\Roaming\Mozilla\Firefox\Profiles\y86jveht.default-1440496778089\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-25]
FF Extension: Adblock Plus - C:\Users\LWolff\AppData\Roaming\Mozilla\Firefox\Profiles\y86jveht.default-1440496778089\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-15]

Chrome:
=======
CHR Profile: C:\Users\LWolff\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\LWolff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-17]
CHR Extension: (Adblock Plus) - C:\Users\LWolff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-21]
CHR Extension: (Avast Online Security) - C:\Users\LWolff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\LWolff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\LWolff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-25]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros Commnucations) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-25] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-25] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-02-01] (Samsung Electronics CO., LTD.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Fichier non signé]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2255128 2015-08-04] (IBM Corp.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246464 2015-06-12] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-24] (Atheros) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-25] (AVAST Software)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-25] (AVAST Software)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R4 RapportCerberus_1507063; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507063.sys [958232 2015-08-25] (IBM Corp.)
R1 RapportCerberus_1507065; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507065.sys [958744 2015-08-26] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [500184 2015-08-04] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [139896 2015-08-04] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [394584 2015-08-04] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [489240 2015-08-04] (IBM Corp.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-25] (Avast Software)
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-08-27 20:31 - 2015-08-27 20:32 - 00023593 _____ C:\Users\LWolff\Downloads\FRST.txt
2015-08-27 20:31 - 2015-08-27 20:31 - 00000000 ___HD C:\$Windows.~BT
2015-08-27 20:30 - 2015-08-27 20:31 - 00000000 ____D C:\FRST
2015-08-27 20:29 - 2015-08-27 20:29 - 02186752 _____ (Farbar) C:\Users\LWolff\Downloads\FRST64.exe
2015-08-27 11:37 - 2015-08-27 11:37 - 00000000 ____D C:\Users\LWolff\AppData\Local\GWX
2015-08-27 10:31 - 2015-08-27 10:31 - 00014328 _____ C:\Users\LWolff\Desktop\crumble.odt
2015-08-26 23:29 - 2015-08-26 23:29 - 00001304 _____ C:\Users\LWolff\Desktop\Journal d'analyse Malwarebytes.txt
2015-08-26 22:50 - 2015-08-26 22:50 - 00004174 _____ C:\Users\LWolff\Desktop\ZHPFixReport.txt
2015-08-26 20:32 - 2015-08-26 20:32 - 00103795 _____ C:\Users\Public\Desktop\ZHPDiag.txt
2015-08-26 20:25 - 2015-08-26 20:26 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2015-08-26 20:25 - 2015-08-26 20:25 - 00001861 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-08-26 20:25 - 2015-08-26 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-08-26 20:24 - 2015-08-26 20:24 - 03521472 _____ (Nicolas Coolman ) C:\Users\LWolff\Downloads\ZHPFix.exe
2015-08-26 20:21 - 2015-08-26 20:24 - 00102715 _____ C:\Users\LWolff\Desktop\ZHPDiag.txt
2015-08-26 20:15 - 2015-08-26 20:15 - 01906688 _____ C:\Users\LWolff\ZHPDiag3.exe
2015-08-26 20:14 - 2015-08-26 22:50 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\ZHP
2015-08-26 20:14 - 2015-08-26 20:17 - 00000865 _____ C:\Users\LWolff\Desktop\ZHPDiag.lnk
2015-08-26 20:14 - 2015-08-26 20:14 - 01901056 _____ C:\Users\LWolff\Downloads\ZHPDiag3.exe
2015-08-26 17:02 - 2015-08-26 17:02 - 01906688 _____ C:\Users\LWolff\Desktop\ZHPDiag3.exe
2015-08-26 09:55 - 2015-08-26 09:55 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-08-26 09:55 - 2015-08-26 09:55 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-08-26 09:36 - 2015-08-26 09:36 - 00000000 ____D C:\Users\Default\AppData\Local\Trusteer
2015-08-26 09:36 - 2015-08-26 09:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Trusteer
2015-08-26 09:30 - 2015-08-26 09:30 - 00005894 _____ C:\WINDOWS\PFRO.log
2015-08-25 22:52 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-25 22:52 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-25 22:43 - 2015-08-25 22:43 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-25 22:38 - 2015-08-04 21:45 - 00394584 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2015-08-25 22:38 - 2015-08-04 21:45 - 00139896 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2015-08-25 22:35 - 2015-08-26 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès
2015-08-25 22:35 - 2015-08-25 22:35 - 00000000 ____D C:\Users\LWolff\AppData\Local\Trusteer
2015-08-25 22:34 - 2015-08-25 22:34 - 00000000 ____D C:\Program Files (x86)\Trusteer
2015-08-25 22:32 - 2015-08-25 22:32 - 00000000 ____D C:\ProgramData\Trusteer
2015-08-25 22:31 - 2015-08-25 22:32 - 00436504 _____ (IBM Corp.) C:\Users\LWolff\Downloads\RapportSetup.exe
2015-08-25 22:20 - 2015-08-26 12:49 - 00010789 _____ C:\Users\LWolff\Desktop\comptes août.odt
2015-08-25 22:19 - 2015-08-26 09:30 - 00000077 _____ C:\WINDOWS\setupact.log
2015-08-25 22:19 - 2015-08-25 22:19 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-25 20:52 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-25 20:52 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-25 20:07 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-08-25 20:01 - 2015-08-25 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-25 20:01 - 2015-08-25 20:00 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-25 20:01 - 2015-08-25 20:00 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-08-25 20:00 - 2015-08-25 20:00 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-25 19:39 - 2015-08-25 19:46 - 00000000 ____D C:\ProgramData\Keylogger Detector
2015-08-25 19:38 - 2015-08-25 19:38 - 00613868 _____ C:\Users\LWolff\Downloads\inst_antispy.exe
2015-08-25 19:38 - 2015-08-25 19:38 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Keylogger Detector
2015-08-25 19:38 - 2015-08-25 19:38 - 00000000 ____D C:\Program Files\Keylogger Detector
2015-08-25 19:06 - 2015-08-25 19:06 - 00011392 _____ C:\Users\LWolff\Desktop\aremou.odt
2015-08-25 18:23 - 2015-08-25 18:23 - 00002996 _____ C:\WINDOWS\System32\Tasks\SUPatchForW10Up
2015-08-25 18:09 - 2015-08-25 18:10 - 01605632 _____ C:\Users\LWolff\Downloads\AdwCleaner-5.003.exe
2015-08-25 13:45 - 2015-08-25 13:45 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\LWolff\Downloads\SpyHunter-Installer.exe
2015-08-25 11:04 - 2015-08-25 11:04 - 00000000 _____ C:\autoexec.bat
2015-08-25 11:02 - 2015-08-25 11:02 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\LWolff\Downloads\sh-remover.exe
2015-08-25 10:52 - 2015-08-26 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 09:15 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-25 09:13 - 2015-08-25 09:15 - 00000000 ____D C:\ProgramData\update
2015-08-24 22:15 - 2015-08-24 22:15 - 00000000 ____D C:\Users\LWolff\AppData\Local\Downloaded Installations
2015-08-24 22:14 - 2015-08-24 22:14 - 00000000 ____D C:\Users\LWolff\Documents\TomTom
2015-08-24 22:14 - 2015-08-24 22:14 - 00000000 ____D C:\ProgramData\TomTom
2015-08-24 22:13 - 2015-08-25 19:46 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2
2015-08-24 22:13 - 2015-08-24 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-08-24 22:13 - 2015-08-24 22:13 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\TomTom
2015-08-24 22:13 - 2015-08-24 22:13 - 00000000 ____D C:\Users\LWolff\AppData\Local\TomTom
2015-08-24 22:13 - 2015-08-24 22:13 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2015-08-24 22:13 - 2015-08-24 22:13 - 00000000 ____D C:\Program Files (x86)\TomTom DesktopSuite
2015-08-24 21:58 - 2015-08-24 21:58 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\Thunderbird
2015-08-24 21:58 - 2015-08-24 21:58 - 00000000 ____D C:\Users\LWolff\AppData\Local\Thunderbird
2015-08-24 20:42 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-24 20:42 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-24 20:42 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-24 20:42 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-24 20:42 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-24 20:42 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-24 20:42 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-24 20:42 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-24 20:42 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-24 20:42 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-24 20:42 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-24 20:42 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-24 20:42 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-24 20:42 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-24 20:42 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-24 20:42 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-24 20:42 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-24 20:41 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-24 20:41 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-24 20:41 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-24 20:41 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-24 20:41 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-24 20:41 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-24 20:41 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-24 20:41 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-24 20:41 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-24 20:41 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-24 20:41 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-24 20:41 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-24 20:41 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-24 20:41 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-24 20:41 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-24 20:41 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-24 20:41 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-24 20:41 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-24 20:41 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-24 20:41 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-24 20:41 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-24 20:41 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-24 20:41 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-24 20:41 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-24 20:41 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-24 20:41 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-24 20:41 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-24 20:41 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-24 20:41 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-24 20:41 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-24 20:40 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-24 20:40 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-24 20:40 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-24 20:40 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-24 20:40 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-24 20:40 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-24 20:40 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-24 20:40 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-24 20:40 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-24 20:40 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-24 20:40 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-24 20:40 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-24 20:40 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-24 20:40 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-24 20:40 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-24 20:40 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-24 20:39 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-24 20:39 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-24 20:39 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-24 20:39 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-24 20:39 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-24 20:39 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-24 20:39 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-24 20:39 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-24 20:39 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-24 20:39 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-24 20:39 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-24 20:39 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-24 20:39 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-24 20:39 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-24 20:39 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-24 20:39 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-24 20:39 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-24 20:39 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-24 20:39 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-24 20:39 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-24 20:39 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-24 20:39 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-24 20:39 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-24 20:39 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-24 20:39 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-24 20:39 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-24 15:46 - 2015-08-25 17:25 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\Philipp Winterberg
2015-08-24 15:45 - 2015-08-24 15:45 - 01118048 _____ (Philipp Winterberg) C:\Users\LWolff\Downloads\free-rar-extract-frog_6-50_fr_223220.exe
2015-08-11 23:14 - 2015-08-11 23:14 - 00005332 _____ C:\Users\LWolff\Desktop\Imprimer la commande - Thomann France.html
2015-08-11 23:14 - 2015-08-11 23:14 - 00000000 ____D C:\Users\LWolff\Desktop\Imprimer la commande - Thomann France_files
2015-08-04 19:04 - 2015-08-04 19:24 - 00000000 ____D C:\Users\LWolff\Desktop\répèts Cabaret
2015-08-03 21:27 - 2015-08-03 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-03 21:26 - 2015-08-03 21:27 - 00000000 ____D C:\Program Files\iTunes
2015-08-03 21:26 - 2015-08-03 21:26 - 00000000 ____D C:\Program Files\iPod
2015-08-03 21:26 - 2015-08-03 21:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-01 11:27 - 2015-08-01 11:28 - 00000000 ____D C:\Users\LWolff\Desktop\clé USB
2015-08-01 03:40 - 2015-08-01 03:40 - 00000000 ____D C:\Users\LWolff\Desktop\phone
2015-07-30 16:11 - 2015-07-30 16:11 - 00016793 _____ C:\Users\LWolff\Downloads\dragon_is_coming.zip
2015-07-30 12:30 - 2015-08-01 11:34 - 00000000 ____D C:\Users\LWolff\Desktop\Coco
2015-07-28 00:14 - 2015-07-28 00:14 - 00000000 ____D C:\Users\LWolff\AppData\Local\Qualcomm Atheros

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-08-27 20:31 - 2015-07-18 18:27 - 02082320 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-27 20:31 - 2014-04-13 16:14 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-27 20:25 - 2013-09-14 10:22 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-778861357-4007362292-4267262675-1001
2015-08-27 20:24 - 2013-04-22 15:37 - 00000000 ____D C:\ProgramData\WinClon
2015-08-27 20:23 - 2014-04-28 00:00 - 00003932 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF52712D-4D63-4965-87A9-02A9BC38AD4D}
2015-08-27 20:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-27 10:36 - 2014-05-30 21:48 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-27 10:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-26 23:45 - 2014-03-18 12:02 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-26 23:45 - 2014-03-18 11:26 - 00812350 _____ C:\WINDOWS\system32\perfh00C.dat
2015-08-26 23:45 - 2014-03-18 11:26 - 00159412 _____ C:\WINDOWS\system32\perfc00C.dat
2015-08-26 22:56 - 2015-07-18 16:41 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 20:15 - 2014-04-13 15:25 - 00000000 ____D C:\Users\LWolff
2015-08-26 20:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-26 10:17 - 2014-05-30 21:30 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-26 10:17 - 2014-05-30 21:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 09:31 - 2013-11-15 01:45 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-26 09:31 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-25 22:52 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-25 20:00 - 2014-06-01 10:39 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-25 20:00 - 2014-06-01 10:39 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-25 20:00 - 2013-11-15 01:38 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-25 20:00 - 2013-11-15 01:38 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-25 20:00 - 2013-11-15 01:38 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-25 20:00 - 2013-11-15 01:38 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-25 20:00 - 2013-11-15 01:38 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-25 18:23 - 2013-04-22 15:40 - 00000000 ____D C:\ProgramData\Samsung
2015-08-25 18:18 - 2014-12-29 14:01 - 00000000 ____D C:\AdwCleaner
2015-08-25 10:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-08-25 10:44 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-25 10:20 - 2014-04-13 20:49 - 00001061 _____ C:\Users\LWolff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 10:09 - 2013-09-17 13:34 - 00000000 ____D C:\Users\LWolff\AppData\Local\Google
2015-08-25 08:39 - 2013-08-22 16:44 - 00423816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-25 08:38 - 2013-10-11 23:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-25 08:38 - 2013-10-11 23:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-25 08:35 - 2014-12-14 01:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-25 08:35 - 2014-07-14 20:21 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-25 08:35 - 2013-10-11 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-25 08:35 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-25 08:35 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-25 08:35 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-25 08:35 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-25 08:35 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-25 08:35 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-25 08:33 - 2013-09-20 09:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-25 08:25 - 2013-09-20 09:19 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-24 18:19 - 2014-07-26 19:37 - 00000000 ____D C:\Users\LWolff\Desktop\fonds
2015-08-24 15:37 - 2013-09-17 13:34 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-16 19:36 - 2014-05-30 21:48 - 00003890 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-14 03:50 - 2015-03-12 00:31 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-14 03:50 - 2015-03-12 00:31 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-04 19:16 - 2013-11-21 12:55 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\Audacity
2015-08-04 18:59 - 2015-05-03 15:13 - 00000000 ____D C:\Users\LWolff\AppData\Local\Spotify
2015-08-04 18:59 - 2015-05-03 15:12 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\Spotify
2015-08-03 21:26 - 2015-03-20 10:24 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-03 21:26 - 2013-09-17 12:58 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-02 10:28 - 2014-12-22 01:34 - 00000000 __SHD C:\Users\LWolff\AppData\Local\EmieBrowserModeList
2015-08-02 10:28 - 2014-04-14 23:44 - 00000000 __SHD C:\Users\LWolff\AppData\Local\EmieUserList
2015-08-02 10:28 - 2014-04-14 23:44 - 00000000 __SHD C:\Users\LWolff\AppData\Local\EmieSiteList
2015-08-02 10:27 - 2013-09-14 10:16 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\Atheros
2015-08-01 03:40 - 2013-09-14 10:17 - 00000000 ____D C:\Users\LWolff\Documents\Bluetooth Folder
2015-07-28 22:59 - 2014-01-17 11:22 - 00000000 ____D C:\Users\LWolff\AppData\Roaming\vlc

==================== Fichiers à la racine de certains dossiers =======

2014-02-28 21:23 - 2014-02-28 21:23 - 0000983 _____ () C:\Users\LWolff\AppData\Local\recently-used.xbel
2013-09-17 14:46 - 2013-09-17 14:46 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-22 15:30 - 2013-02-19 09:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-04-22 15:30 - 2013-01-12 16:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\LWolff\ZHPDiag3.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-08-26 09:59

==================== Fin de FRST.txt ============================
