cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Exécuté par Manon (administrateur) sur PC-PORTABLE (24-02-2016 13:01:51)
Exécuté depuis C:\Users\Manon\Desktop
Profils chargés: Manon (Profils disponibles: Manon)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-02] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-09-17] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [507144 2014-09-02] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-527559608-4183854516-3578462897-1002\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-527559608-4183854516-3578462897-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-527559608-4183854516-3578462897-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-11-30] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-04-14]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{3247754E-A469-4E9D-BF2A-0F32C423A31C}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B337B433-3BBF-4592-990E-67124B4237F1}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-527559608-4183854516-3578462897-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gfe_rd=cr&ei=gNJaVuzcAciAcNfJg_AE&gws_rd=ssl
HKU\S-1-5-21-527559608-4183854516-3578462897-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-13] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-20] [non signé]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Profile: C:\Users\Manon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Manon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Manon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-12]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 0156061456251406mcinstcleanup; C:\Windows\TEMP\015606~1.EXE [918056 2015-11-27] (McAfee, Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-06-05] () [Fichier non signé]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-05] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [509192 2014-09-02] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-19] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [452456 2015-12-22] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-09-17] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3903488 2014-07-11] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-19] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [32496 2014-09-17] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2014-09-17] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-24 13:01 - 2016-02-24 13:03 - 00020674 _____ C:\Users\Manon\Desktop\FRST.txt
2016-02-24 13:00 - 2016-02-24 13:01 - 00000000 ____D C:\FRST
2016-02-24 13:00 - 2016-02-24 13:00 - 02371072 _____ (Farbar) C:\Users\Manon\Desktop\FRST64.exe
2016-02-23 19:55 - 2016-02-23 19:55 - 00097881 _____ C:\Users\Manon\Desktop\ZHPDiag.txt
2016-02-23 19:42 - 2016-02-23 19:46 - 00000000 ____D C:\Users\Manon\AppData\Roaming\ZHP
2016-02-23 19:42 - 2016-02-23 19:42 - 00000877 _____ C:\Users\Manon\Desktop\ZHPDiag.lnk
2016-02-23 19:41 - 2016-02-23 19:40 - 02127360 _____ C:\Users\Manon\Desktop\ZHPDiag3.exe
2016-02-23 19:40 - 2016-02-23 19:40 - 02127360 _____ C:\Users\Manon\Downloads\ZHPDiag3.exe
2016-02-23 19:33 - 2016-02-23 19:35 - 31299600 _____ (Adlice Software ) C:\Users\Manon\Downloads\setup.exe
2016-02-23 19:15 - 2016-02-24 12:52 - 00003846 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-02-23 19:15 - 2016-02-23 19:15 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-02-23 19:00 - 2016-02-23 19:00 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-23 18:56 - 2016-02-23 18:57 - 22908888 _____ (Malwarebytes ) C:\Users\Manon\Downloads\mbam-setup-org-2.2.0.1024.exe
2016-02-23 18:17 - 2016-02-23 18:17 - 01609216 _____ (Malwarebytes) C:\Users\Manon\Downloads\JRT.exe
2016-02-23 18:17 - 2016-02-23 18:17 - 01609216 _____ (Malwarebytes) C:\Users\Manon\Desktop\JRT.exe
2016-02-23 17:43 - 2016-02-23 18:04 - 00000000 ____D C:\AdwCleaner
2016-02-23 17:41 - 2016-02-23 17:42 - 01511936 _____ C:\Users\Manon\Desktop\adwcleaner_5.036.exe
2016-02-20 08:56 - 2016-02-20 08:56 - 00000290 __RSH C:\ProgramData\ntuser.pol
2016-02-20 08:12 - 2016-02-24 12:55 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-20 08:11 - 2016-02-23 19:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 08:11 - 2016-02-20 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-20 08:11 - 2016-02-20 08:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-20 08:11 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-20 08:11 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-20 08:11 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-20 07:59 - 2016-02-20 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2016-02-20 07:34 - 2016-01-05 21:04 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-20 07:34 - 2016-01-05 21:04 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-13 11:33 - 2016-02-13 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-02-13 11:24 - 2016-02-13 11:24 - 00000000 ____D C:\ProgramData\Intel Security
2016-02-13 11:20 - 2016-02-13 11:20 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-01-31 19:26 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-31 19:25 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-31 19:25 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-31 19:25 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-31 19:25 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-31 19:25 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-31 19:25 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-31 19:25 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-31 19:25 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-31 19:25 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-31 19:24 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-31 19:24 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-01-31 19:24 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-31 19:24 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-31 19:24 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-31 19:24 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-01-31 19:24 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-31 19:24 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-31 19:24 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-31 19:24 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-31 19:24 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-31 19:20 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-31 19:20 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-31 19:20 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-31 19:20 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-31 19:20 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-31 19:20 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-31 19:20 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-31 19:20 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-31 19:20 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-31 19:20 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-31 19:20 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-31 19:20 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-31 19:20 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-31 19:20 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-31 19:20 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-31 19:20 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-31 19:20 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-31 19:20 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-31 19:20 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-31 19:20 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-31 19:20 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-31 19:19 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-31 19:19 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-31 19:19 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-31 19:19 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-31 19:19 - 2015-12-11 01:13 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-31 19:19 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-31 19:19 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-31 19:19 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-31 19:19 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-31 19:19 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-01-31 19:19 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-31 19:19 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-31 19:19 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-31 19:19 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-31 19:19 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-31 19:19 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-31 19:19 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-31 19:19 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-31 19:19 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-31 19:19 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-31 19:19 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-31 19:19 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-31 19:19 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-31 19:19 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-31 19:16 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-31 19:16 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-24 13:03 - 2015-12-09 18:46 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-24 13:00 - 2015-11-11 12:12 - 00000000 ____D C:\Users\Manon\Documents\Youcam
2016-02-24 12:59 - 2015-11-11 12:06 - 00003948 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D2D6E3C8-DDD4-4CA3-ACB1-65B21A272116}
2016-02-24 12:58 - 2015-11-11 12:10 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-527559608-4183854516-3578462897-1002
2016-02-24 12:54 - 2015-12-09 18:46 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-24 12:53 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-23 20:43 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-23 20:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-23 19:23 - 2015-11-11 12:48 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-02-23 19:05 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-23 18:28 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 18:16 - 2014-10-27 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-23 18:11 - 2015-12-14 21:06 - 00064000 ___SH C:\Users\Manon\Desktop\Thumbs.db
2016-02-23 18:07 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 18:06 - 2015-04-14 04:54 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-02-23 17:25 - 2015-11-11 11:53 - 00000000 ____D C:\Users\Manon
2016-02-21 19:57 - 2014-10-28 04:14 - 00846474 _____ C:\Windows\system32\perfh00C.dat
2016-02-21 19:57 - 2014-10-28 04:14 - 00174564 _____ C:\Windows\system32\perfc00C.dat
2016-02-21 19:57 - 2014-03-18 10:53 - 01966994 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-20 17:06 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-20 09:13 - 2015-11-11 18:25 - 00002499 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
2016-02-20 09:13 - 2015-04-14 05:18 - 00002483 ____N C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2016-02-20 09:13 - 2015-04-14 05:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-20 09:12 - 2015-04-14 05:18 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-02-20 08:53 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\DesktopTileResources
2016-02-20 08:53 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-20 08:10 - 2015-12-09 18:48 - 00002237 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 08:10 - 2015-12-09 18:48 - 00002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-20 07:23 - 2015-12-06 09:17 - 00000000 ____D C:\Windows\system32\MRT
2016-02-18 20:35 - 2015-12-06 09:17 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-15 19:55 - 2015-11-11 13:53 - 00000000 ___RD C:\Users\Manon\OneDrive
2016-02-15 19:54 - 2015-12-22 15:14 - 00003102 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-527559608-4183854516-3578462897-1002
2016-02-13 11:58 - 2015-12-09 18:46 - 00004072 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-13 11:58 - 2015-12-09 18:46 - 00003836 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-13 11:33 - 2015-04-14 05:32 - 00000000 ____D C:\ProgramData\McAfee
2016-02-13 11:33 - 2014-10-27 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-02-13 11:31 - 2015-04-14 05:32 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-02-13 11:28 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP

==================== Fichiers à la racine de certains dossiers =======

2015-11-29 12:30 - 2015-12-29 17:30 - 0000180 _____ () C:\Users\Manon\AppData\Roaming\WB.CFG
2015-11-11 12:50 - 2015-11-11 12:50 - 0000057 _____ () C:\ProgramData\Ament.ini

Certains fichiers dans TEMP:
====================
C:\Users\Manon\AppData\Local\Temp\COMAP.EXE
C:\Users\Manon\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Manon\AppData\Local\Temp\scp684C.tmp.exe
C:\Users\Manon\AppData\Local\Temp\sqlite3.dll
C:\Users\Manon\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Manon\AppData\Local\Temp\{A781E426-1119-4A87-82BB-A25FDE74B276}-48.0.2564.97_47.0.2526.106_chrome_updater_3stage.exe
C:\Users\Manon\AppData\Local\Temp\{C5379831-FC71-49D9-B0B5-8C2EBE981EC9}-48.0.2564.109_48.0.2564.97_chrome_updater.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-02-23 20:51

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité