Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:22-10-2015
Exécuté par Julio (administrateur) sur JULIO-PC (24-10-2015 08:28:50)
Exécuté depuis C:\Users\Julio\Downloads
Profils chargés: Julio (Profils disponibles: Julio & Administrateur)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(www.shadowexplorer.com) C:\Program Files\ShadowExplorer\sesvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Windows\PLFSetI.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Labtec Inc,) C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
(Labtec Inc.) C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
() C:\Program Files\Labtec\WebCam10\WebCam10.exe
(SFR) C:\Program Files\SFR\Kit\9props.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(© 2015 Microsoft Corporation) C:\Users\Julio\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Micro Application) C:\Program Files\Micro Application\LauncherMA.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11487848 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-01] ()
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [94208 2007-07-05] (sonix)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [LogitechCommunicationsManager] => C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [488984 2007-03-06] (Labtec Inc,)
HKLM\...\Run: [LVCOMSX] => C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe [252704 2007-03-06] (Labtec Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Labtec\WebCam10\WebCam10.exe [1060376 2007-03-06] ()
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [Connexion SFR 9props.exe] => C:\Program Files\SFR\Kit\9props.exe [959880 2011-06-10] (SFR)
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [GoogleChromeAutoLaunch_10DD2C0B25E54D8A04C136866AFB21B6] => C:\Program Files\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [aaehke] => "c:\users\julio\appdata\local\aaehke.exe" /r
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1402640 2015-09-06] (Lavasoft)
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Run: [BingSvc] => C:\Users\Julio\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\MountPoints2: E - E:\SETUP.EXE
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-10-23]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML [2015-10-23] ()
Startup: C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG [2015-10-23] ()
Startup: C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT [2015-10-23] ()
InternetURL: C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://ayh2m57ruxjtwyd5.speralreaopio.com/xbxcso
Startup: C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk [2015-10-23]
ShortcutTarget: Lanceur.lnk -> C:\Program Files\Micro Application\LauncherMA.exe (Micro Application)
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4F837D3C-42E6-4145-9D95-0ABC19BDCA4E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3629983168-1962649771-3116347968-1000 -> DefaultScope {3A754A05-F2DE-4476-BB97-BBBC40C5563B} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7NDKB_frFR592
SearchScopes: HKU\S-1-5-21-3629983168-1962649771-3116347968-1000 -> {3A754A05-F2DE-4476-BB97-BBBC40C5563B} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7NDKB_frFR592
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO: Ript -> {91D9091B-2046-42f7-903E-1215A29E21EA} -> C:\Program Files\Ript\mscoree.dll [2007-10-27] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-09] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-09] (Google Inc.)
Toolbar: HKU\S-1-5-21-3629983168-1962649771-3116347968-1000 -> Pas de nom - {9E96C0CD-A901-4032-9236-0E4A264AEEE4} - Pas de fichier
Toolbar: HKU\S-1-5-21-3629983168-1962649771-3116347968-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-09] (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-04-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-04-27] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-08] [non signé]
FF HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Store) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-09]
CHR Extension: (YouTube) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-09]
CHR Extension: (Recherche Google) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-27]
CHR Extension: (Google Wallet) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-22]
CHR Extension: (Gmail) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-22]
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iphahelpmejkbidhiecfeicblienleon] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3629983168-1962649771-3116347968-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 HPSLPSVC; C:\Users\Julio\AppData\Local\Temp\7zS2263\hpslpsvc32.dll [701288 2013-02-06] (Hewlett-Packard Co.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-09-06] (Lavasoft Limited)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [105248 2007-03-06] (Labtec Inc.)
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [754000 2013-04-22] (CybelSoft)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [Fichier non signé]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [Fichier non signé]
R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [16656 2015-09-06] ()
R2 sesvc; C:\Program Files\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Fichier non signé]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 APL531; C:\Windows\System32\Drivers\ov550i.sys [580992 2006-07-31] (Omnivision Technologies, Inc.) [Fichier non signé]
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26080 2012-10-08] (Wondershare)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2014-10-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 CDRPDACC; C:\Program Files\Quintessential Player\cdrpdacc.sys [5273 2003-10-29] (Arrowkey) [Fichier non signé]
S3 driverhardwarev2; C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [16640 2011-07-21] (CybelSoft)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-05-29] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2014-10-19] ()
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [1669664 2007-03-06] ()
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2261792 2007-03-06] (Labtec Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-10-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-19] (Avira Operations GmbH & Co. KG)
S1 MpKsl3cc87beb; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{380C6745-D55C-4C05-81CF-9746571FD3AA}\MpKsl3cc87beb.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-24 08:28 - 2015-10-24 08:29 - 00022073 _____ C:\Users\Julio\Downloads\FRST.txt
2015-10-24 08:27 - 2015-10-24 08:28 - 00000000 ____D C:\FRST
2015-10-24 08:27 - 2015-10-24 08:27 - 01700352 _____ (Farbar) C:\Users\Julio\Downloads\FRST.exe
2015-10-23 15:57 - 2015-10-23 15:57 - 00122790 _____ C:\Users\Julio\Desktop\ZHPDiag.txt
2015-10-23 15:53 - 2015-10-23 16:02 - 00000828 _____ C:\Users\Julio\Desktop\ZHPDiag.lnk
2015-10-23 15:53 - 2015-10-23 16:02 - 00000000 ____D C:\Users\Julio\AppData\Roaming\ZHP
2015-10-23 15:53 - 2015-10-23 15:53 - 01958912 _____ C:\Users\Julio\Downloads\ZHPDiag3.exe
2015-10-23 15:09 - 2015-10-23 15:09 - 00001853 _____ C:\Users\Julio\Desktop\ShadowExplorer.lnk
2015-10-23 15:09 - 2015-10-23 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
2015-10-23 15:09 - 2015-10-23 15:09 - 00000000 ____D C:\Program Files\ShadowExplorer
2015-10-23 14:45 - 2015-10-23 14:46 - 00605656 _____ C:\Users\Julio\Desktop\coucou HOLE MIRROR 1.mp3.sfk
2015-10-23 14:11 - 2015-10-23 14:11 - 00935645 _____ (ShadowExplorer.com ) C:\Users\Julio\Downloads\ShadowExplorer-0.6-setup.exe
2015-10-23 14:11 - 2015-10-23 14:11 - 00000000 ____D C:\Users\Julio\AppData\Local\www.shadowexplorer.com
2015-10-23 14:09 - 2015-10-23 14:09 - 00000000 ____D C:\Users\Julio\AppData\Roaming\www.shadowexplorer.com
2015-10-23 14:08 - 2015-10-23 14:08 - 00969845 _____ (ShadowExplorer.com ) C:\Users\Julio\Downloads\ShadowExplorer-0.9-setup.exe
2015-10-23 12:53 - 2015-10-23 12:53 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Julio\Downloads\SpyHunter-Installer.exe
2015-10-23 12:43 - 2015-10-23 12:43 - 00001304 _____ C:\Users\Julio\Desktop\RAPPORT MALWARE 23.10.txt
2015-10-23 07:51 - 2015-10-23 07:51 - 00000000 ____D C:\Users\Julio\AppData\Local\{2FC93E46-64A7-45CA-880B-8F5FE05B7809}
2015-10-22 19:05 - 2015-10-24 08:23 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-22 19:02 - 2015-10-23 12:43 - 00001070 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-22 19:02 - 2015-10-22 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-22 19:02 - 2015-10-22 19:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-22 19:02 - 2015-10-22 19:02 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-22 19:02 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-22 19:02 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-22 19:02 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-22 19:00 - 2015-10-22 19:01 - 22908888 _____ (Malwarebytes ) C:\Users\Julio\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-10-22 17:33 - 2015-10-22 17:33 - 00072879 _____ C:\Users\Julio\Desktop\PCHA-Log-22-10-15-17-02-24.zip
2015-10-22 16:55 - 2015-10-22 16:55 - 00009088 _____ C:\Users\Julio\HELP_DECRYPT.HTML
2015-10-22 16:55 - 2015-10-22 16:55 - 00009088 _____ C:\Users\HELP_DECRYPT.HTML
2015-10-22 16:55 - 2015-10-22 16:55 - 00009088 _____ C:\HELP_DECRYPT.HTML
2015-10-22 16:55 - 2015-10-22 16:55 - 00004732 _____ C:\Users\Julio\HELP_DECRYPT.TXT
2015-10-22 16:55 - 2015-10-22 16:55 - 00004732 _____ C:\Users\HELP_DECRYPT.TXT
2015-10-22 16:55 - 2015-10-22 16:55 - 00004732 _____ C:\HELP_DECRYPT.TXT
2015-10-22 16:55 - 2015-10-22 16:55 - 00000292 _____ C:\Users\Julio\HELP_DECRYPT.URL
2015-10-22 16:55 - 2015-10-22 16:55 - 00000292 _____ C:\Users\HELP_DECRYPT.URL
2015-10-22 16:55 - 2015-10-22 16:55 - 00000292 _____ C:\HELP_DECRYPT.URL
2015-10-22 16:54 - 2015-10-22 16:54 - 00009088 _____ C:\Users\Julio\Downloads\HELP_DECRYPT.HTML
2015-10-22 16:54 - 2015-10-22 16:54 - 00004732 _____ C:\Users\Julio\Downloads\HELP_DECRYPT.TXT
2015-10-22 16:54 - 2015-10-22 16:54 - 00000292 _____ C:\Users\Julio\Downloads\HELP_DECRYPT.URL
2015-10-22 16:30 - 2015-10-22 18:00 - 00000444 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2015-10-22 16:29 - 2015-10-22 16:29 - 00009088 _____ C:\Users\Julio\Documents\HELP_DECRYPT.HTML
2015-10-22 16:29 - 2015-10-22 16:29 - 00004732 _____ C:\Users\Julio\Documents\HELP_DECRYPT.TXT
2015-10-22 16:29 - 2015-10-22 16:29 - 00000292 _____ C:\Users\Julio\Documents\HELP_DECRYPT.URL
2015-10-22 16:28 - 2015-10-24 08:20 - 00000470 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-10-22 16:28 - 2015-10-23 12:42 - 00001077 _____ C:\Users\Julio\Desktop\ParetoLogic PC Health Advisor.lnk
2015-10-22 16:28 - 2015-10-22 19:56 - 00000418 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2015-10-22 16:28 - 2015-10-22 19:56 - 00000376 _____ C:\Windows\Tasks\PC Health Advisor Defrag.job
2015-10-22 16:28 - 2015-10-22 16:28 - 00000000 ____D C:\Users\Julio\AppData\Roaming\ParetoLogic
2015-10-22 16:28 - 2015-10-22 16:28 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2015-10-22 16:28 - 2015-10-22 16:28 - 00000000 ____D C:\Users\Julio\AppData\Roaming\DriverCure
2015-10-22 16:27 - 2015-10-22 19:56 - 00000358 _____ C:\Windows\Tasks\PC Health Advisor.job
2015-10-22 16:27 - 2015-10-22 16:27 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-10-22 16:27 - 2015-10-22 16:27 - 00000000 ____D C:\Program Files\ParetoLogic
2015-10-22 16:27 - 2015-10-22 16:27 - 00000000 ____D C:\Program Files\Common Files\ParetoLogic
2015-10-22 16:25 - 2015-10-22 16:25 - 05817064 _____ (ParetoLogic Inc.) C:\Users\Julio\Downloads\ParetoLogic PC Health Advisor_fr.exe
2015-10-22 12:46 - 2015-10-22 12:46 - 00009088 _____ C:\Users\Julio\AppData\Roaming\HELP_DECRYPT.HTML
2015-10-22 12:46 - 2015-10-22 12:46 - 00009088 _____ C:\Users\Julio\AppData\HELP_DECRYPT.HTML
2015-10-22 12:46 - 2015-10-22 12:46 - 00004732 _____ C:\Users\Julio\AppData\Roaming\HELP_DECRYPT.TXT
2015-10-22 12:46 - 2015-10-22 12:46 - 00004732 _____ C:\Users\Julio\AppData\HELP_DECRYPT.TXT
2015-10-22 12:46 - 2015-10-22 12:46 - 00000292 _____ C:\Users\Julio\AppData\Roaming\HELP_DECRYPT.URL
2015-10-22 12:46 - 2015-10-22 12:46 - 00000292 _____ C:\Users\Julio\AppData\HELP_DECRYPT.URL
2015-10-22 12:44 - 2015-10-22 12:44 - 00009088 _____ C:\Users\Julio\AppData\LocalLow\HELP_DECRYPT.HTML
2015-10-22 12:44 - 2015-10-22 12:44 - 00009088 _____ C:\Users\Julio\AppData\Local\HELP_DECRYPT.HTML
2015-10-22 12:44 - 2015-10-22 12:44 - 00004732 _____ C:\Users\Julio\AppData\LocalLow\HELP_DECRYPT.TXT
2015-10-22 12:44 - 2015-10-22 12:44 - 00004732 _____ C:\Users\Julio\AppData\Local\HELP_DECRYPT.TXT
2015-10-22 12:44 - 2015-10-22 12:44 - 00000292 _____ C:\Users\Julio\AppData\LocalLow\HELP_DECRYPT.URL
2015-10-22 12:44 - 2015-10-22 12:44 - 00000292 _____ C:\Users\Julio\AppData\Local\HELP_DECRYPT.URL
2015-10-22 12:43 - 2015-10-22 12:43 - 00009088 _____ C:\Users\Administrateur\HELP_DECRYPT.HTML
2015-10-22 12:43 - 2015-10-22 12:43 - 00009088 _____ C:\Users\Administrateur\AppData\Local\HELP_DECRYPT.HTML
2015-10-22 12:43 - 2015-10-22 12:43 - 00009088 _____ C:\Users\Administrateur\AppData\HELP_DECRYPT.HTML
2015-10-22 12:43 - 2015-10-22 12:43 - 00004732 _____ C:\Users\Administrateur\HELP_DECRYPT.TXT
2015-10-22 12:43 - 2015-10-22 12:43 - 00004732 _____ C:\Users\Administrateur\AppData\Local\HELP_DECRYPT.TXT
2015-10-22 12:43 - 2015-10-22 12:43 - 00004732 _____ C:\Users\Administrateur\AppData\HELP_DECRYPT.TXT
2015-10-22 12:43 - 2015-10-22 12:43 - 00000292 _____ C:\Users\Administrateur\HELP_DECRYPT.URL
2015-10-22 12:43 - 2015-10-22 12:43 - 00000292 _____ C:\Users\Administrateur\AppData\Local\HELP_DECRYPT.URL
2015-10-22 12:43 - 2015-10-22 12:43 - 00000292 _____ C:\Users\Administrateur\AppData\HELP_DECRYPT.URL
2015-10-22 12:42 - 2015-10-22 12:42 - 00009088 _____ C:\ProgramData\HELP_DECRYPT.HTML
2015-10-22 12:42 - 2015-10-22 12:42 - 00004732 _____ C:\ProgramData\HELP_DECRYPT.TXT
2015-10-22 12:42 - 2015-10-22 12:42 - 00000292 _____ C:\ProgramData\HELP_DECRYPT.URL
2015-10-22 11:19 - 2015-10-22 11:19 - 00000000 ____D C:\Users\Julio\AppData\Local\{59C7267D-0864-44C3-BB3D-ADCFAF91206F}
2015-10-22 10:22 - 2015-10-22 10:25 - 05670144 _____ C:\Users\Julio\Desktop\RAGEHOLD.wmv
2015-10-22 07:04 - 2015-10-22 12:47 - 00000000 ____D C:\Users\Julio\Desktop\CLIPS
2015-10-22 06:38 - 2015-10-22 16:22 - 00000000 ____D C:\Users\Julio\Desktop\PAROLES
2015-10-22 06:27 - 2015-10-22 16:50 - 00000000 ____D C:\Users\Julio\Downloads\Claude Nougaro - Discographie (1962-2004)
2015-10-22 06:20 - 2015-10-22 16:52 - 00000000 ____D C:\Users\Julio\Downloads\Joe Walsh - Greatest Hits Little Did He Know (1997) vtwin88cube
2015-10-17 14:55 - 2015-10-23 14:53 - 00000000 ____D C:\Users\Julio\Desktop\BLACK ANGEL AND LOST HEROES
2015-10-11 12:58 - 2015-10-11 12:58 - 00000000 ____D C:\Users\Julio\AppData\Local\{F91CF77E-8435-412B-9435-0F5C0EE09A25}
2015-10-11 12:47 - 2015-10-11 12:55 - 139238576 _____ (Microsoft Corporation) C:\Users\Julio\Desktop\windows-live-movie-maker_16-4-3528-0331_fr_295896
2015-10-11 12:36 - 2015-10-11 12:36 - 07363584 _____ C:\Users\Julio\Downloads\MM26_FR (1).msi
2015-10-11 11:20 - 2015-10-22 16:23 - 00000000 ____D C:\Users\Julio\Desktop\POUR P'TIT SOLDAT
2015-10-11 11:00 - 2015-10-10 14:32 - 485175616 _____ C:\Users\Julio\Desktop\REPRISES OF ZEPOUNET FACE 2.wav
2015-10-10 14:30 - 2015-10-11 11:01 - 485884224 _____ C:\Users\Julio\Desktop\REPRISES OF ZEPOUNET FACE 1.wav
2015-10-03 19:14 - 2015-10-22 10:42 - 00216720 _____ C:\Users\Julio\Desktop\Sans titre2.veg
2015-10-03 17:14 - 2015-10-23 14:46 - 00000000 ____D C:\Users\Julio\Desktop\NOUVELLE VAGUE
2015-09-26 09:36 - 2015-10-22 08:48 - 00000000 ____D C:\Users\Julio\AppData\LocalLow\uTorrent

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-24 08:23 - 2015-01-24 18:45 - 00055286 _____ C:\Windows\setupact.log
2015-10-24 08:20 - 2014-04-27 06:48 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-24 08:20 - 2012-03-04 15:58 - 00000294 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-24 08:20 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-23 20:06 - 2015-01-24 18:45 - 00266968 _____ C:\Windows\PFRO.log
2015-10-23 19:53 - 2014-04-27 06:48 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-23 19:40 - 2012-03-01 19:52 - 00006224 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-23 19:40 - 2009-07-14 06:34 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-23 19:40 - 2009-07-14 06:34 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-23 19:35 - 2012-04-02 17:39 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-23 15:39 - 2012-03-11 19:59 - 00000000 ____D C:\Users\Julio\AppData\LocalLow\Temp
2015-10-23 14:48 - 2012-03-09 20:44 - 00000000 ____D C:\ProgramData\TEMP
2015-10-23 14:47 - 2012-03-01 23:27 - 00000000 ____D C:\Users\Julio\AppData\Roaming\TeraCopy
2015-10-23 14:25 - 2012-03-01 19:01 - 01181053 _____ C:\Windows\WindowsUpdate.log
2015-10-23 12:58 - 2012-03-04 15:58 - 00000000 ____D C:\Windows\AutoKMS
2015-10-23 12:56 - 2012-03-01 19:44 - 00000000 ____D C:\Users\Julio
2015-10-23 12:48 - 2012-03-04 15:58 - 00151552 _____ C:\Windows\KMSEmulator.exe
2015-10-23 12:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Registration
2015-10-23 12:44 - 2013-12-27 18:30 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism - Convertisseur de fichiers vidéo.lnk
2015-10-23 12:44 - 2013-12-21 09:26 - 00001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxillion - Convertisseur de documents.lnk
2015-10-23 12:44 - 2013-06-08 18:32 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement OCR I.R.I.S..lnk
2015-10-23 12:44 - 2013-01-01 12:35 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-23 12:44 - 2012-08-05 19:31 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-10-23 12:44 - 2012-04-15 19:05 - 00001126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixPad - Mixeur de fichiers audio.lnk
2015-10-23 12:44 - 2012-04-15 17:17 - 00001743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ript.lnk
2015-10-23 12:44 - 2012-03-04 16:46 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-10-23 12:44 - 2012-03-01 19:03 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-10-23 12:44 - 2012-03-01 19:03 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-10-23 12:44 - 2009-07-14 06:46 - 00001491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-23 12:44 - 2009-07-14 06:42 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-10-23 12:44 - 2009-07-14 06:42 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-10-23 12:44 - 2009-07-14 06:42 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-10-23 12:43 - 2015-09-13 19:36 - 00002053 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayCity Games.lnk
2015-10-23 12:43 - 2015-09-12 11:16 - 00002004 _____ C:\Users\Public\Desktop\Labtec WebCam.lnk
2015-10-23 12:43 - 2015-05-30 19:28 - 00001012 _____ C:\Users\Public\Desktop\CamStudio.lnk
2015-10-23 12:43 - 2015-05-16 14:53 - 00002685 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-23 12:43 - 2013-09-12 17:33 - 00000839 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-23 12:43 - 2013-09-09 18:24 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-23 12:43 - 2013-06-08 18:31 - 00001379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk
2015-10-23 12:43 - 2009-07-14 06:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-10-23 12:43 - 2009-07-14 06:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-10-23 12:42 - 2014-01-26 13:35 - 00001254 _____ C:\Users\Julio\Desktop\Snipping Tool.lnk
2015-10-23 12:42 - 2013-02-10 13:12 - 00000975 _____ C:\Users\Julio\Desktop\Audacity.lnk
2015-10-23 07:49 - 2012-04-08 15:42 - 00000000 ____D C:\Users\Julio\AppData\Roaming\vlc
2015-10-22 19:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\schemas
2015-10-22 16:55 - 2015-05-16 15:09 - 00000000 ____D C:\Users\Julio\Tracing
2015-10-22 16:29 - 2013-06-27 18:29 - 00000000 ____D C:\Users\Julio\Documents\Mes numérisations
2015-10-22 16:28 - 2015-09-07 19:16 - 00000000 ____D C:\Users\Julio\Desktop\ULTRABLACK EN JEU DERNIERES PHOTOS
2015-10-22 16:28 - 2013-05-29 19:30 - 00000000 ____D C:\Users\Julio\Documents\Cakewalk
2015-10-22 16:24 - 2014-01-26 13:33 - 00000000 ____D C:\Users\Julio\Desktop\RACCOURCIS LOGICIELS
2015-10-22 16:20 - 2014-05-18 12:56 - 00000000 ____D C:\Users\Julio\Desktop\EN COURS
2015-10-22 14:00 - 2015-09-06 19:43 - 00000000 ____D C:\AdwCleaner
2015-10-22 12:47 - 2015-05-12 19:34 - 00000000 ____D C:\Users\Julio\Desktop\DERNIER QUART POEMES AVANT MODIFICATIONS ALTERNATIVES
2015-10-22 12:47 - 2015-02-14 12:24 - 00000000 ____D C:\Users\Julio\Desktop\AMANDE
2015-10-22 12:46 - 2015-08-02 08:25 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Synthesia
2015-10-22 12:46 - 2015-05-16 14:53 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Skype
2015-10-22 12:46 - 2012-10-01 18:46 - 00000000 ____D C:\Users\Julio\AppData\Roaming\REAPER
2015-10-22 12:46 - 2012-08-14 14:10 - 00000000 ____D C:\Users\Julio\AppData\Roaming\uTorrent
2015-10-22 12:46 - 2012-04-15 17:17 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Ript
2015-10-22 12:46 - 2012-03-09 20:44 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Sony
2015-10-22 12:45 - 2015-09-06 16:59 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Lavasoft
2015-10-22 12:45 - 2014-08-11 19:24 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Dexpot
2015-10-22 12:45 - 2014-03-02 20:15 - 00000000 ____D C:\Users\Julio\AppData\Roaming\OpenOffice
2015-10-22 12:45 - 2013-06-08 14:37 - 00000000 ____D C:\Users\Julio\AppData\Roaming\HP
2015-10-22 12:45 - 2013-05-29 19:30 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Cakewalk
2015-10-22 12:45 - 2013-05-29 17:16 - 00000000 ____D C:\Users\Julio\AppData\Roaming\DAEMON Tools Lite
2015-10-22 12:45 - 2013-02-04 20:59 - 00000000 ____D C:\Users\Julio\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-10-22 12:45 - 2013-02-03 19:48 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Corel
2015-10-22 12:45 - 2012-03-09 20:44 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Publish Providers
2015-10-22 12:45 - 2012-03-01 21:43 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Mozilla
2015-10-22 12:44 - 2015-06-14 12:33 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Anvsoft
2015-10-22 12:44 - 2015-05-16 14:54 - 00000000 ____D C:\Users\Julio\AppData\Local\Skype
2015-10-22 12:44 - 2015-03-22 12:11 - 00000000 ____D C:\Users\Julio\AppData\Local\mp3box
2015-10-22 12:44 - 2014-04-10 17:05 - 00000000 ____D C:\Users\Julio\AppData\LocalLow\Sun
2015-10-22 12:44 - 2013-12-25 20:56 - 00000000 ____D C:\Users\Julio\AppData\Roaming\ArcSoft
2015-10-22 12:44 - 2013-03-17 19:15 - 00000000 ____D C:\Users\Julio\AppData\Roaming\avidemux
2015-10-22 12:44 - 2012-04-15 17:17 - 00000000 ____D C:\Users\Julio\AppData\Local\Ript
2015-10-22 12:44 - 2012-03-01 21:46 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Adobe
2015-10-22 12:43 - 2014-10-20 17:52 - 00000000 ____D C:\Users\Administrateur
2015-10-22 12:43 - 2014-06-26 17:53 - 00000000 ____D C:\Users\Julio\AppData\Local\Adobe
2015-10-22 12:43 - 2013-12-25 20:57 - 00000000 ____D C:\Users\Julio\AppData\Local\ArcSoft
2015-10-22 12:43 - 2013-06-08 14:38 - 00000000 ____D C:\Users\Julio\AppData\Local\HP
2015-10-22 12:43 - 2013-04-26 14:24 - 00000000 ____D C:\Users\Julio\AppData\Local\Micro Application
2015-10-22 12:43 - 2012-07-20 16:59 - 00000000 ____D C:\Users\Julio\AppData\Local\Google
2015-10-22 12:42 - 2014-10-20 17:53 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ArcSoft
2015-10-22 12:42 - 2014-05-16 19:34 - 00000000 ____D C:\ProgramData\Lavasoft
2015-10-22 12:42 - 2013-06-08 11:24 - 00000000 ____D C:\ProgramData\HP
2015-10-22 12:42 - 2013-04-28 12:58 - 00000000 ____D C:\ProgramData\ma-config.com
2015-10-22 12:42 - 2013-04-26 14:21 - 00000000 ____D C:\ProgramData\Micro Application
2015-10-22 12:42 - 2013-02-09 20:33 - 00000000 ____D C:\ProgramData\MAGIX
2015-10-22 12:42 - 2013-01-16 07:08 - 00000000 ____D C:\ProgramData\InstallMate
2015-10-22 12:41 - 2013-08-24 11:00 - 00000000 ____D C:\ProgramData\Avira
2015-10-22 12:41 - 2013-05-29 19:22 - 00000000 ____D C:\ProgramData\Cakewalk
2015-10-22 12:41 - 2013-01-01 12:37 - 00000000 ____D C:\ProgramData\FUJIFILM
2015-10-22 12:41 - 2012-11-25 12:49 - 00000000 ____D C:\ProgramData\DivX
2015-10-22 12:40 - 2013-12-25 20:59 - 00000000 ____D C:\filmtype
2015-10-22 12:40 - 2013-05-29 19:30 - 00000000 ____D C:\Cakewalk Projects
2015-10-22 12:40 - 2012-03-04 16:44 - 00000000 ____D C:\ProgramData\Adobe
2015-10-22 12:28 - 2012-03-01 22:14 - 00000000 ____D C:\AMD
2015-10-22 10:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-10-22 08:45 - 2014-12-03 19:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-22 08:01 - 2015-05-30 19:30 - 00004507 _____ C:\Users\Julio\AppData\Roaming\CamStudio.cfg
2015-10-22 08:01 - 2015-05-30 19:30 - 00000408 _____ C:\Users\Julio\AppData\Roaming\CamShapes.ini
2015-10-22 08:01 - 2015-05-30 19:30 - 00000408 _____ C:\Users\Julio\AppData\Roaming\CamLayout.ini
2015-10-22 08:01 - 2015-05-30 19:30 - 00000103 _____ C:\Users\Julio\AppData\Roaming\Camdata.ini
2015-10-22 06:06 - 2014-12-03 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-18 09:46 - 2009-07-14 06:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-17 14:36 - 2012-03-20 20:52 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Audacity
2015-10-17 12:45 - 2015-05-14 18:20 - 00000000 ____D C:\Users\Julio\Desktop\Captvty
2015-10-17 10:35 - 2012-04-02 17:39 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-17 10:35 - 2012-03-01 21:46 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-11 12:45 - 2015-09-06 17:11 - 00000000 ____D C:\Users\Julio\AppData\Local\WMTools Downloaded Files
2015-10-11 12:26 - 2015-09-21 07:27 - 00000000 ____D C:\Users\Julio\Nouveau dossier
2015-10-11 12:16 - 2015-09-06 17:11 - 00006144 _____ C:\Users\Julio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-02 18:02 - 2014-08-21 16:06 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-02 18:02 - 2013-08-24 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

==================== Fichiers à la racine de certains dossiers =======

2013-07-29 18:58 - 2013-07-29 18:58 - 0010804 _____ () C:\Program Files\Cakewa
2012-04-27 06:17 - 2012-04-27 06:17 - 0421888 _____ () C:\Program Files\lame_enc.dll
2012-03-24 16:24 - 2012-03-24 16:25 - 0508984 _____ (NCH Software) C:\Program Files\switchsetup.exe
2015-05-30 19:30 - 2015-10-22 08:01 - 0000103 _____ () C:\Users\Julio\AppData\Roaming\Camdata.ini
2015-05-30 19:30 - 2015-10-22 08:01 - 0000408 _____ () C:\Users\Julio\AppData\Roaming\CamLayout.ini
2015-05-30 19:30 - 2015-10-22 08:01 - 0000408 _____ () C:\Users\Julio\AppData\Roaming\CamShapes.ini
2015-05-30 19:30 - 2015-10-22 08:01 - 0004507 _____ () C:\Users\Julio\AppData\Roaming\CamStudio.cfg
2015-10-22 12:46 - 2015-10-22 12:46 - 0009088 _____ () C:\Users\Julio\AppData\Roaming\HELP_DECRYPT.HTML
2015-10-22 12:46 - 2015-10-22 12:46 - 0047469 _____ () C:\Users\Julio\AppData\Roaming\HELP_DECRYPT.PNG
2015-10-22 12:46 - 2015-10-22 12:46 - 0004732 _____ () C:\Users\Julio\AppData\Roaming\HELP_DECRYPT.TXT
2015-10-22 12:46 - 2015-10-22 12:46 - 0000292 _____ () C:\Users\Julio\AppData\Roaming\HELP_DECRYPT.URL
2014-05-05 20:48 - 2014-05-05 20:48 - 0000043 _____ () C:\Users\Julio\AppData\Roaming\WB.CFG
2014-06-12 07:28 - 2014-06-25 19:32 - 0553984 _____ () C:\Users\Julio\AppData\Local\aaehke.gdb
2014-06-12 07:28 - 2014-06-25 19:33 - 1249506 _____ () C:\Users\Julio\AppData\Local\aaehke.gss
2015-09-06 17:11 - 2015-10-11 12:16 - 0006144 _____ () C:\Users\Julio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-22 12:44 - 2015-10-22 12:44 - 0009088 _____ () C:\Users\Julio\AppData\Local\HELP_DECRYPT.HTML
2015-10-22 12:44 - 2015-10-22 12:44 - 0047469 _____ () C:\Users\Julio\AppData\Local\HELP_DECRYPT.PNG
2015-10-22 12:44 - 2015-10-22 12:44 - 0004732 _____ () C:\Users\Julio\AppData\Local\HELP_DECRYPT.TXT
2015-10-22 12:44 - 2015-10-22 12:44 - 0000292 _____ () C:\Users\Julio\AppData\Local\HELP_DECRYPT.URL
2012-03-27 22:14 - 2015-01-24 19:51 - 0019376 _____ () C:\Users\Julio\AppData\Local\HWVendorDetection.log
2015-01-24 19:37 - 2015-01-24 19:37 - 0301608 _____ (VuuPC Limited) C:\Users\Julio\AppData\Local\nsi5C0B.tmp
2012-08-21 18:27 - 2012-08-21 18:37 - 0001226 _____ () C:\Users\Julio\AppData\Local\TempIM-Config.xml
2015-10-22 12:42 - 2015-10-22 12:42 - 0009088 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-10-22 12:42 - 2015-10-22 12:42 - 0047469 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-10-22 12:42 - 2015-10-22 12:42 - 0004732 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-10-22 12:42 - 2015-10-22 12:42 - 0000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2013-06-08 11:24 - 2013-06-08 18:34 - 0010189 _____ () C:\ProgramData\hpzinstall.log

Certains fichiers dans TEMP:
====================
C:\Users\Administrateur\AppData\Local\Temp\avgnt.exe
C:\Users\Julio\AppData\Local\Temp\92972F13-F8BE-181F-217F-BEC5917BA197.dll
C:\Users\Julio\AppData\Local\Temp\avgnt.exe
C:\Users\Julio\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Julio\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Julio\AppData\Local\Temp\BVRmgu7N8Y.exe
C:\Users\Julio\AppData\Local\Temp\DefaultPack.EXE
C:\Users\Julio\AppData\Local\Temp\sqlite3.dll
C:\Users\Julio\AppData\Local\Temp\zN1ztjzfwt.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-10-22 09:18

==================== Fin de FRST.txt ============================
