cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Exécuté par J (administrateur) sur PC-JUMELS (21-09-2015 02:10:46)
Exécuté depuis C:\Users\J\Downloads
Profils chargés: J (Profils disponibles: J)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\RayDld\ihpmServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13197456 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-436175978-3131036754-1171350570-1001\...\Run: [uTorrent] => C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe [1774432 2015-09-18] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * Partizan

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{43B304A1-86EF-4829-B0A5-9655C574D0C2}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{960235A1-FFE9-46BC-AFB2-D2053684EF7D}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-436175978-3131036754-1171350570-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-436175978-3131036754-1171350570-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
URLSearchHook: [S-1-5-21-436175978-3131036754-1171350570-1001] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKU\S-1-5-21-436175978-3131036754-1171350570-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-436175978-3131036754-1171350570-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\mq8kvwpa.default
FF NewTab:
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [Pas de fichier]
FF Plugin-x32: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436175978-3131036754-1171350570-1001: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll Pas de fichier
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\J\AppData\Local\Google\Chrome\User Data\default
CHR HKU\S-1-5-21-436175978-3131036754-1171350570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [begbnpffhnpedhocnobliippgejhjpfp] - C:\Users\J\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5\gophotoit.crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [268520 2015-09-09] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 HyperVM; C:\WINDOWS\system32\drivers\hvm.sys [41784 2015-09-18] (Beijing Rising Information Technology Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-09-18] (Greatis Software)
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71760 2015-04-09] (Beijing Rising Information Technology Co., Ltd.)
R0 sysmon; C:\Windows\System32\DRIVERS\sysmon.sys [119168 2015-09-18] (Beijing Rising Information Technology Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-09-21 02:10 - 2015-09-21 02:11 - 00013881 _____ C:\Users\J\Downloads\FRST.txt
2015-09-21 02:10 - 2015-09-21 02:10 - 00000000 ____D C:\FRST
2015-09-21 02:09 - 2015-09-21 02:09 - 02191360 _____ (Farbar) C:\Users\J\Downloads\FRST64.exe
2015-09-21 02:02 - 2015-09-21 02:02 - 00091726 _____ C:\Users\J\Desktop\ZHPDiag.txt
2015-09-21 01:39 - 2015-09-21 01:39 - 01934848 _____ C:\Users\J\ZHPDiag3.exe
2015-09-21 01:38 - 2015-09-21 02:00 - 00000000 ____D C:\Users\J\AppData\Roaming\ZHP
2015-09-21 01:38 - 2015-09-21 01:59 - 00000867 _____ C:\Users\J\Desktop\ZHPDiag.lnk
2015-09-21 01:22 - 2015-09-21 01:23 - 01934848 _____ C:\Users\J\Downloads\ZHPDiag3.exe
2015-09-21 00:22 - 2015-09-21 00:46 - 00000000 ____D C:\Users\J\Desktop\Videos boulette
2015-09-20 23:41 - 2015-09-20 23:41 - 00000000 ____D C:\ProgramData\Rising
2015-09-20 23:36 - 2015-09-20 23:38 - 00000000 ____D C:\AdwCleaner
2015-09-20 23:34 - 2015-09-20 23:34 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-20 23:34 - 2015-09-20 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-20 23:34 - 2015-09-20 23:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-20 23:34 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-20 23:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-20 23:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-20 23:33 - 2015-09-20 23:33 - 01662976 _____ C:\Users\J\Downloads\adwcleaner_5.008.exe
2015-09-20 12:06 - 2015-09-20 12:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-20 12:04 - 2015-09-20 12:04 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\J\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-18 12:15 - 2015-09-20 23:39 - 00000248 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2015-09-18 12:10 - 2015-09-18 12:10 - 00043312 _____ (Greatis Software) C:\WINDOWS\system32\Partizan.exe
2015-09-18 12:04 - 2015-09-18 12:04 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2015-09-18 12:04 - 2015-09-18 12:04 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2015-09-18 12:04 - 2015-09-18 12:04 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-09-18 12:02 - 2015-09-18 12:02 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-09-18 11:57 - 2015-09-20 22:55 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-09-18 11:57 - 2015-09-20 22:55 - 00000000 ____D C:\Users\J\Documents\RegRun2
2015-09-18 11:57 - 2015-09-20 22:54 - 00000000 ____D C:\ProgramData\RegRun
2015-09-18 11:57 - 2015-09-20 22:19 - 00001021 _____ C:\Users\J\Desktop\UnHackMe.lnk
2015-09-18 11:57 - 2015-09-18 11:57 - 00040304 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\Partizan.sys
2015-09-18 11:57 - 2015-09-18 11:57 - 00003318 _____ C:\WINDOWS\System32\Tasks\UnHackMe Task Scheduler
2015-09-18 11:57 - 2015-09-18 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2015-09-18 11:57 - 2015-09-18 11:57 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2015-09-18 11:57 - 2015-07-21 12:26 - 00012800 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys
2015-09-18 10:53 - 2015-09-20 22:19 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-18 10:38 - 2015-09-18 10:38 - 00000000 ____D C:\Users\J\.android
2015-09-18 10:14 - 2015-09-18 10:14 - 00003192 _____ C:\WINDOWS\System32\Tasks\Sunrise
2015-09-18 10:04 - 2015-09-18 10:06 - 00000875 _____ C:\WINDOWS\SysWOW64\${LOGFILE}
2015-09-18 09:45 - 2015-09-19 10:39 - 00003308 _____ C:\WINDOWS\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-09-18 09:42 - 2015-09-20 22:19 - 00001460 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-18 09:22 - 2015-09-18 09:15 - 00041784 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\hvm.sys
2015-09-18 07:41 - 2015-09-18 07:41 - 00000044 _____ C:\Users\J\AppData\Roaming\WB.CFG
2015-09-18 07:35 - 2015-09-18 07:35 - 00000150 __RSH C:\rising.ini
2015-09-18 07:35 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\SysWOW64\vpatch.dll
2015-09-18 07:34 - 2015-09-18 12:03 - 00000000 ___RD C:\RavBin
2015-09-18 07:33 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\ravext64.dll
2015-09-18 07:33 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\SysWOW64\ravext.dll
2015-09-18 07:33 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\SysWOW64\bsmain.exe
2015-09-18 07:32 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\rsndisp.sys
2015-09-18 07:31 - 2015-09-18 09:14 - 00119168 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\sysmon.sys
2015-09-18 07:31 - 2015-04-09 07:00 - 00071760 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\rsutils.sys
2015-09-18 00:02 - 2015-09-18 07:32 - 00003428 _____ C:\WINDOWS\System32\Tasks\Plaoalhi
2015-09-17 23:51 - 2015-09-18 11:05 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-17 23:40 - 2015-09-18 09:55 - 00000000 ____D C:\Users\J\AppData\Local\{9DCEAB92-B966-C72A-D4FE-E2C2F0961E5A}
2015-09-17 23:40 - 2015-09-17 23:40 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-09-17 23:36 - 2015-09-05 11:38 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-09-17 23:35 - 2015-09-18 09:42 - 00004744 _____ C:\WINDOWS\SysWOW64\Sotrio.ini
2015-09-17 23:35 - 2015-09-18 09:42 - 00002456 _____ C:\WINDOWS\SysWOW64\SotrioOff.ini
2015-09-17 23:35 - 2015-09-18 09:42 - 00002456 _____ C:\WINDOWS\system32\SotrioOff.ini
2015-09-17 23:35 - 2015-09-17 23:39 - 00000000 ____D C:\Users\J\AppData\Local\Tempfolder
2015-09-17 23:35 - 2015-09-17 23:35 - 00000000 ____D C:\WINDOWS\system32\galw
2015-09-17 23:34 - 2015-09-17 23:34 - 00000000 ____D C:\Users\J\AppData\Roaming\WB_CFG
2015-09-17 23:34 - 2015-09-17 23:34 - 00000000 ____D C:\Users\J\AppData\Roaming\Opera Software
2015-09-17 23:34 - 2015-09-17 23:34 - 00000000 ____D C:\Users\J\AppData\Local\Opera Software
2015-09-17 23:32 - 2015-09-18 09:40 - 00000000 ____D C:\Program Files (x86)\Software
2015-09-17 23:32 - 2015-09-17 23:40 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-17 23:29 - 2015-09-18 10:40 - 00000000 ____D C:\Users\J\AppData\Local\Unity
2015-09-17 23:29 - 2015-09-17 23:29 - 00000000 ____D C:\ProgramData\adb
2015-09-17 23:28 - 2015-09-17 23:28 - 00000000 ____D C:\Users\Public\QiYi
2015-09-17 23:26 - 2015-09-20 22:18 - 00000000 ____D C:\Program Files (x86)\baidu
2015-09-17 23:26 - 2015-09-17 23:26 - 00000000 ____D C:\Program Files (x86)\RayDld
2015-09-10 21:50 - 2015-09-10 21:50 - 00000000 ____D C:\Users\J\AppData\Roaming\Sun
2015-09-10 21:50 - 2015-09-10 21:50 - 00000000 ____D C:\Users\J\.oracle_jre_usage
2015-09-10 00:31 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-10 00:31 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-10 00:31 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-10 00:31 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-10 00:31 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-10 00:31 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-10 00:31 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-10 00:31 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-10 00:31 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-10 00:31 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-10 00:31 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-10 00:31 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-10 00:30 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-10 00:30 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-10 00:30 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-10 00:30 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-10 00:30 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-10 00:30 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-10 00:30 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-10 00:30 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-10 00:30 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-10 00:30 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-10 00:30 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-10 00:30 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-10 00:30 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-10 00:30 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-10 00:30 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-10 00:30 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-10 00:30 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-10 00:30 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-10 00:30 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-10 00:30 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-10 00:30 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-10 00:30 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-10 00:30 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-10 00:30 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-10 00:30 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-10 00:30 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-10 00:30 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-10 00:30 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-10 00:30 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-10 00:30 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-10 00:30 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-10 00:30 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-10 00:30 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-10 00:30 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-10 00:30 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-10 00:30 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-10 00:30 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-10 00:30 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-10 00:30 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-10 00:30 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-10 00:30 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-10 00:30 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-10 00:30 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-10 00:30 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-10 00:30 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-10 00:30 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-10 00:29 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-10 00:29 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-10 00:29 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-10 00:29 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-10 00:29 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-10 00:29 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-10 00:29 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-10 00:29 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-10 00:29 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-10 00:29 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-10 00:29 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-10 00:29 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 00:29 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-10 00:29 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-10 00:29 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-10 00:29 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-10 00:29 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-10 00:29 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-10 00:29 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-10 00:29 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-10 00:29 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-05 23:37 - 2015-09-17 22:20 - 00000000 ____D C:\Users\J\Downloads\photo_alain
2015-09-05 11:38 - 2015-09-05 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-05 11:37 - 2015-09-05 11:37 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-28 11:08 - 2015-09-14 11:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 08:34 - 2015-08-24 08:54 - 00000000 ____D C:\Users\J\Downloads\Litige friendly moment
2015-08-22 14:14 - 2015-08-22 14:14 - 00284184 _____ C:\WINDOWS\Minidump\082215-32171-01.dmp

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-09-21 02:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-21 01:44 - 2013-12-09 01:19 - 01167370 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-21 01:39 - 2013-12-09 01:03 - 00000000 ____D C:\Users\J
2015-09-21 01:15 - 2013-11-04 10:41 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-21 00:39 - 2014-05-10 14:22 - 01692672 ___SH C:\Users\J\Desktop\Thumbs.db
2015-09-20 23:44 - 2013-10-26 18:07 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-436175978-3131036754-1171350570-1001
2015-09-20 23:40 - 2013-12-27 00:55 - 00000000 ____D C:\Users\J\AppData\Roaming\uTorrent
2015-09-20 23:40 - 2013-12-09 23:39 - 00000000 ___DO C:\Users\J\SkyDrive
2015-09-20 23:39 - 2013-10-26 17:59 - 00000408 _____ C:\Users\J\AppData\Roaming\sp_data.sys
2015-09-20 23:39 - 2013-09-29 21:05 - 00144142 _____ C:\WINDOWS\PFRO.log
2015-09-20 23:39 - 2013-08-22 16:46 - 00350472 _____ C:\WINDOWS\setupact.log
2015-09-20 23:39 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-20 23:38 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-20 22:21 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\tracing
2015-09-20 22:19 - 2015-05-18 00:28 - 00002035 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-09-20 22:19 - 2014-06-17 08:03 - 00001039 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2015-09-20 22:19 - 2014-06-16 20:03 - 00001950 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-20 22:19 - 2014-04-05 03:12 - 00002271 _____ C:\Users\Public\Desktop\PokerStrategy.com Equilab.lnk
2015-09-20 22:19 - 2014-04-04 00:32 - 00000797 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BetclicPoker.fr.lnk
2015-09-20 22:19 - 2014-04-04 00:32 - 00000767 _____ C:\Users\J\Desktop\BetclicPoker.fr.lnk
2015-09-20 22:19 - 2013-12-27 23:15 - 00000566 _____ C:\Users\Public\Desktop\Jiwok.lnk
2015-09-20 22:19 - 2013-12-27 00:57 - 00000898 _____ C:\Users\J\Desktop\µTorrent.lnk
2015-09-20 22:19 - 2013-12-27 00:57 - 00000878 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-09-20 22:19 - 2013-12-09 01:07 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-20 22:19 - 2013-05-16 15:57 - 00000710 _____ C:\Users\Public\Desktop\eManual.Lnk
2015-09-20 22:19 - 2013-05-16 15:39 - 00001628 _____ C:\Users\Public\Desktop\ASUS Install.lnk
2015-09-20 22:19 - 2012-11-27 06:10 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-20 22:19 - 2012-11-27 06:10 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-20 22:19 - 2012-11-27 06:09 - 00002607 _____ C:\Users\Public\Desktop\ASUS Instant Connect Installer.lnk
2015-09-20 22:19 - 2012-11-27 06:09 - 00002587 _____ C:\Users\Public\Desktop\ASUS Tutor.lnk
2015-09-20 22:19 - 2012-11-27 06:09 - 00001251 _____ C:\Users\Public\Desktop\WebStorage.lnk
2015-09-20 22:19 - 2012-11-27 06:08 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-09-20 22:19 - 2012-11-27 06:07 - 00001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-09-20 22:18 - 2014-01-19 12:24 - 00000000 ____D C:\Users\J\AppData\Roaming\Cool Mirage Ltd
2015-09-20 19:37 - 2013-12-25 23:28 - 00003924 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C32CD364-5041-45F3-B2B8-EFF7425A5357}
2015-09-20 11:00 - 2013-12-27 00:58 - 00000000 ____D C:\WINDOWS\system32\log
2015-09-18 12:12 - 2014-04-12 11:41 - 00000000 ____D C:\Users\J\Desktop\[www.Cpasbien.me] House.Of.Cards.2013.S01E05.FASTSUB.VOSTFR.WebRip.XviD-TFTD
2015-09-18 11:04 - 2013-08-22 16:44 - 00483456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-18 10:17 - 2014-04-26 17:25 - 00000551 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-09-18 10:17 - 2014-04-26 17:25 - 00000551 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-09-18 10:17 - 2014-04-26 17:25 - 00000549 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-09-18 10:17 - 2014-04-26 17:25 - 00000549 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-09-18 00:05 - 2013-10-26 17:57 - 00000000 ____D C:\Users\J\AppData\Local\VirtualStore
2015-09-17 23:40 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-09-17 23:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-17 23:35 - 2015-04-15 22:19 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-09-17 23:35 - 2015-04-15 22:18 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-09-17 21:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-14 15:37 - 2013-09-30 06:16 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-14 15:37 - 2013-09-30 05:56 - 00812350 _____ C:\WINDOWS\system32\perfh00C.dat
2015-09-14 15:37 - 2013-09-30 05:56 - 00159412 _____ C:\WINDOWS\system32\perfc00C.dat
2015-09-14 14:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-14 11:25 - 2013-11-01 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-14 11:22 - 2013-09-30 06:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-14 11:22 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-11 22:16 - 2013-10-28 22:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-10 21:52 - 2013-10-27 13:51 - 00000000 ____D C:\ProgramData\Oracle
2015-09-10 21:51 - 2014-10-20 21:49 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-10 21:51 - 2013-10-27 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-10 21:49 - 2014-10-20 21:49 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-10 11:36 - 2013-11-05 14:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 11:35 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-08 23:31 - 2013-11-12 18:28 - 00873984 ___SH C:\Users\J\Downloads\Thumbs.db
2015-09-07 22:23 - 2014-10-13 19:46 - 00000000 ____D C:\Users\J\Desktop\Ventes le bon coin
2015-09-07 14:15 - 2015-05-04 09:29 - 00000000 ____D C:\Users\J\Desktop\Bon coin
2015-08-26 18:37 - 2013-10-28 22:05 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-22 14:14 - 2015-06-09 17:16 - 592681778 _____ C:\WINDOWS\MEMORY.DMP
2015-08-22 14:14 - 2015-06-09 17:16 - 00000000 ____D C:\WINDOWS\Minidump

==================== Fichiers à la racine de certains dossiers =======

2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 ____N () C:\Users\J\AppData\Roaming\3zF17p3WiBM8
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 ____N () C:\Users\J\AppData\Roaming\Gi2atDyxXst2u4j7rudGEglwpAF
2014-10-25 19:16 - 2014-10-25 19:16 - 0000021 _____ () C:\Users\J\AppData\Roaming\my_intel.sys
2013-10-26 17:59 - 2015-09-20 23:39 - 0000408 _____ () C:\Users\J\AppData\Roaming\sp_data.sys
2015-09-18 07:41 - 2015-09-18 07:41 - 0000044 _____ () C:\Users\J\AppData\Roaming\WB.CFG
2012-11-27 06:08 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-27 06:08 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-11-27 06:08 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-09-18 12:02 - 2015-09-18 12:02 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\SetStretch.VBS
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\J\ZHPDiag3.exe


Certains fichiers dans TEMP:
====================
C:\Users\J\AppData\Local\Temp\f.exe
C:\Users\J\AppData\Local\Temp\geeplayersetup_unfix.exe
C:\Users\J\AppData\Local\Temp\install1754835.exe
C:\Users\J\AppData\Local\Temp\IQIYIsetup_spl004@kb037.exe
C:\Users\J\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\J\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\J\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\J\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\J\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\J\AppData\Local\Temp\karafunstudio_trial_1.20.90.exe
C:\Users\J\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\J\AppData\Local\Temp\qqpcmgr_v10.11.16575.227_8881494_Silence.exe
C:\Users\J\AppData\Local\Temp\setup3.exe
C:\Users\J\AppData\Local\Temp\SpOrder.dll
C:\Users\J\AppData\Local\Temp\sqlite3.dll
C:\Users\J\AppData\Local\Temp\UBp1276.exe
C:\Users\J\AppData\Local\Temp\UBp5F65.exe
C:\Users\J\AppData\Local\Temp\Uninstall.exe
C:\Users\J\AppData\Local\Temp\UpdUninstall.exe
C:\Users\J\AppData\Local\Temp\V8._85773_20150906124525.exe
C:\Users\J\AppData\Local\Temp\wgjiklit_533_setup.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll
[2015-04-15 22:19] - [2015-09-17 23:35] - 0657920 ____A (Microsoft Corporation) 3C07018A39521BE672F066281228AB67

C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-04-15 22:18] - [2015-09-17 23:35] - 0498688 ____A (Microsoft Corporation) 9FFBAA8DD47853BB7D4EB9B16C3ACC06

C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-09-20 12:28

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité