cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
Exécuté par balla thomas (administrateur) sur PC-BUREAU (01-03-2016 14:18:53)
Exécuté depuis C:\Users\thomas\Downloads
Profils chargés: balla thomas & balla_000 (Profils disponibles: balla thomas & balla_000)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(© 2015 Microsoft Corporation) C:\Users\thomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\thomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2015-05-19] (NVIDIA Corporation)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-03] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-12-03] (Hewlett-Packard )
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [AVFX Engine] => C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe [24576 2006-08-16] (Creative Technology Ltd.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKU\S-1-5-21-2894245714-2991221408-1732658633-1001\...\Run: [BingSvc] => C:\Users\thomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-26] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2894245714-2991221408-1732658633-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2894245714-2991221408-1732658633-1001\...\Run: [Dropbox Update] => C:\Users\thomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-27] (Dropbox, Inc.)
HKU\S-1-5-21-2894245714-2991221408-1732658633-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2894245714-2991221408-1732658633-1006\...\RunOnce: [Uninstall C:\Users\balla_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\balla_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-2894245714-2991221408-1732658633-1006\...\RunOnce: [Uninstall C:\Users\balla_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\balla_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
Startup: C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\balla_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2015-03-05]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\balla_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-02-15]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c9e40a86-0098-4b8a-a76f-b9b88f4a98c6}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2894245714-2991221408-1732658633-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
HKU\S-1-5-21-2894245714-2991221408-1732658633-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK14/3
HKU\S-1-5-21-2894245714-2991221408-1732658633-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01
HKU\S-1-5-21-2894245714-2991221408-1732658633-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2894245714-2991221408-1732658633-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK14/3
SearchScopes: HKLM -> {628D8175-4762-4069-94CC-BC531128FEB0} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {628D8175-4762-4069-94CC-BC531128FEB0} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2894245714-2991221408-1732658633-1001 -> {628D8175-4762-4069-94CC-BC531128FEB0} URL =
SearchScopes: HKU\S-1-5-21-2894245714-2991221408-1732658633-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2894245714-2991221408-1732658633-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-2894245714-2991221408-1732658633-1006 -> {628D8175-4762-4069-94CC-BC531128FEB0} URL =
SearchScopes: HKU\S-1-5-21-2894245714-2991221408-1732658633-1006 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2894245714-2991221408-1732658633-1006 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2894245714-2991221408-1732658633-1006 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
BHO: Pas de nom -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-01-16] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Pas de nom -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\thomas\AppData\Roaming\Mozilla\Firefox\Profiles\g3lsbpjr.default-1446832069844
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultSearchKeyword: Default -> www.yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-22]
CHR Extension: (Google Docs) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-22]
CHR Extension: (Google Drive) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-22]
CHR Extension: (YouTube) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-22]
CHR Extension: (Recherche Google) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-22]
CHR Extension: (Google Sheets) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-22]
CHR Extension: (Avast Online Security) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-22]
CHR Extension: (Gmail) - C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-22]
CHR HKU\S-1-5-21-2894245714-2991221408-1732658633-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-05-19] (NVIDIA Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2015-05-19] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2015-05-19] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [Fichier non signé]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-12-03] (IDT, Inc.) [Fichier non signé]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-05] (Qualcomm Atheros Communications, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-10-15] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-27] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2015-05-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2015-05-19] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-01 14:18 - 2016-03-01 14:19 - 00025677 _____ C:\Users\thomas\Downloads\FRST.txt
2016-03-01 14:18 - 2016-03-01 14:18 - 00000000 ____D C:\FRST
2016-03-01 14:03 - 2016-03-01 14:18 - 02371072 _____ (Farbar) C:\Users\thomas\Downloads\FRST64.exe
2016-02-29 23:40 - 2016-02-29 23:40 - 00000000 ___HD C:\OneDriveTemp
2016-02-27 14:17 - 2016-02-27 14:17 - 02133504 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (9).exe
2016-02-27 13:38 - 2016-02-27 13:38 - 02069504 _____ C:\Users\balla_000\Downloads\ZHPCleaner (3).exe
2016-02-27 12:44 - 2016-02-27 12:44 - 00003472 _____ C:\Users\thomas\Desktop\ZHPCleaner.txt
2016-02-27 12:33 - 2016-02-27 12:33 - 02069504 _____ C:\Users\balla_000\Downloads\ZHPCleaner (2).exe
2016-02-27 12:01 - 2016-02-27 12:01 - 02132480 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (8).exe
2016-02-27 09:02 - 2016-02-27 09:07 - 167583000 _____ (Apple Inc.) C:\Users\thomas\Downloads\iTunes6464Setup.exe
2016-02-26 09:52 - 2016-02-26 20:32 - 00000000 ____D C:\Users\balla_000\AppData\Local\CrashDumps
2016-02-26 09:12 - 2016-03-01 14:16 - 00000000 ____D C:\Users\thomas\AppData\Local\CrashDumps
2016-02-26 08:49 - 2016-02-26 08:49 - 00000000 ____D C:\WINDOWS\HP
2016-02-26 08:44 - 2016-02-26 08:44 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\56AD43B2.sys
2016-02-26 08:04 - 2016-02-26 08:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\60502522.sys
2016-02-26 08:04 - 2016-02-26 08:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\127724FE.sys
2016-02-26 08:01 - 2016-02-26 08:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\6B2D2288.sys
2016-02-26 06:53 - 2016-03-01 14:03 - 00000380 _____ C:\WINDOWS\Tasks\HPCeeScheduleForballa thomas.job
2016-02-26 00:53 - 2016-02-26 00:53 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-26 00:49 - 2016-02-26 00:49 - 00000000 ____D C:\Users\thomas\AppData\Local\ActiveSync
2016-02-25 23:42 - 2016-02-25 23:42 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (7).exe
2016-02-25 23:01 - 2016-02-25 23:01 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (6).exe
2016-02-25 22:59 - 2016-02-25 22:59 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (5).exe
2016-02-25 22:48 - 2016-02-25 22:49 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (3).exe
2016-02-25 22:48 - 2016-02-25 22:48 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (4).exe
2016-02-25 21:08 - 2016-02-25 21:08 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (2).exe
2016-02-25 16:56 - 2016-02-27 14:24 - 00114317 _____ C:\Users\thomas\Desktop\ZHPDiag.txt
2016-02-25 16:10 - 2016-02-25 16:10 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3 (1).exe
2016-02-25 16:04 - 2016-02-25 16:04 - 00000913 _____ C:\Users\thomas\Desktop\ZHPDiag.lnk
2016-02-25 16:03 - 2016-02-25 16:04 - 02130944 _____ C:\Users\balla_000\Downloads\ZHPDiag3.exe
2016-02-25 14:06 - 2016-02-25 15:59 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-25 14:06 - 2016-02-25 14:06 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-25 14:03 - 2016-02-25 14:04 - 22908888 _____ (Malwarebytes ) C:\Users\balla_000\Downloads\mbam-setup-org-2.2.0.1024.exe
2016-02-25 14:02 - 2016-02-25 14:05 - 25169992 _____ C:\Users\balla_000\Downloads\RogueKillerX64.exe
2016-02-25 10:27 - 2016-02-25 10:27 - 00000017 _____ C:\Users\balla_000\AppData\Local\resmon.resmoncfg
2016-02-25 09:18 - 2016-02-25 09:18 - 00331854 _____ C:\Users\balla_000\Downloads\Attestation fiscale ARRCO (3).pdf
2016-02-25 09:18 - 2016-02-25 09:18 - 00331854 _____ C:\Users\balla_000\Downloads\Attestation fiscale ARRCO (2).pdf
2016-02-25 08:58 - 2016-02-25 08:58 - 00331854 _____ C:\Users\balla_000\Downloads\Attestation fiscale ARRCO (1).pdf
2016-02-24 11:36 - 2016-02-27 14:28 - 00000000 ____D C:\Users\thomas\AppData\Roaming\ZHP
2016-02-24 11:36 - 2016-02-24 11:36 - 02064896 _____ C:\Users\balla_000\Downloads\ZHPCleaner (1).exe
2016-02-24 11:36 - 2016-02-24 11:36 - 00000923 _____ C:\Users\thomas\Desktop\ZHPCleaner.lnk
2016-02-24 10:16 - 2016-02-24 10:16 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-24 10:16 - 2016-02-24 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-02-24 10:16 - 2016-02-24 10:16 - 00000000 ____D C:\Program Files\iTunes
2016-02-24 10:16 - 2016-02-24 10:16 - 00000000 ____D C:\Program Files\iPod
2016-02-24 10:16 - 2016-02-24 10:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-02-24 10:14 - 2016-02-24 10:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-02-24 10:14 - 2016-02-24 10:14 - 00000000 ____D C:\Program Files\Bonjour
2016-02-24 10:14 - 2016-02-24 10:14 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-02-24 10:14 - 2016-02-24 10:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-02-22 17:24 - 2016-02-22 17:25 - 00331775 _____ C:\Users\balla_000\Downloads\Attestation fiscale AGIRC (2).pdf
2016-02-22 17:24 - 2016-02-22 17:24 - 00331775 _____ C:\Users\balla_000\Downloads\Attestation fiscale AGIRC (1).pdf
2016-02-22 17:05 - 2016-02-22 17:05 - 00331775 _____ C:\Users\balla_000\Downloads\Attestation fiscale AGIRC.pdf
2016-02-22 16:57 - 2016-02-22 16:58 - 00331877 _____ C:\Users\balla_000\Downloads\Attestation fiscale ARRCO.pdf
2016-02-17 16:27 - 2016-02-17 16:27 - 00091240 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-02-16 21:12 - 2016-02-24 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-15 11:07 - 2016-02-27 09:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-02-10 10:35 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 10:35 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 10:35 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 10:35 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 10:35 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 10:34 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 10:34 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 10:34 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 10:34 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 10:34 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 10:34 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 10:34 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 10:34 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 10:34 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 10:34 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 10:34 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 10:34 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 10:34 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 10:34 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 10:34 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 10:34 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 10:34 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 10:34 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 10:34 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 10:34 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 10:34 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 10:34 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 10:34 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 10:34 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 10:34 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 10:34 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 10:34 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 10:34 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 10:34 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 10:34 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 10:34 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 10:34 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 10:34 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 10:34 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 10:34 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 10:34 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 10:34 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 10:34 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 10:34 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 10:34 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 10:34 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 10:34 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 10:34 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 10:34 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 10:34 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 10:34 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 10:34 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 10:34 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 10:34 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 10:34 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 10:34 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 10:34 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 10:34 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 10:34 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 10:34 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 10:34 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 10:34 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 10:34 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 10:34 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 10:34 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-08 09:48 - 2016-02-08 09:50 - 00114528 _____ C:\Users\balla_000\Downloads\telereglement_CFE_20160208_094707.pdf
2016-02-04 14:03 - 2016-02-04 14:04 - 00059177 _____ C:\Users\balla_000\Downloads\RECAPITULATIFANNUELDESFRAIS_20160119.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-01 14:09 - 2014-10-25 07:59 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cff021282adc75.job
2016-03-01 14:04 - 2014-09-22 14:48 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-01 14:00 - 2014-11-29 11:29 - 00000000 ___RD C:\Users\thomas\Dropbox
2016-03-01 14:00 - 2014-11-26 08:40 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Dropbox
2016-03-01 13:59 - 2015-03-14 21:25 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Skype
2016-03-01 13:59 - 2014-09-22 14:48 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-01 13:50 - 2015-08-27 22:45 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2894245714-2991221408-1732658633-1001UA.job
2016-03-01 13:42 - 2014-09-22 14:38 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-01 09:06 - 2015-12-10 04:03 - 02049462 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-01 09:06 - 2015-10-30 20:00 - 00898128 _____ C:\WINDOWS\system32\perfh00C.dat
2016-03-01 09:06 - 2015-10-30 20:00 - 00188056 _____ C:\WINDOWS\system32\perfc00C.dat
2016-03-01 09:06 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-01 08:50 - 2015-02-06 23:00 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81B95A4C-0D81-4CA3-AA82-D17A17203925}
2016-02-29 23:50 - 2015-08-27 22:45 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2894245714-2991221408-1732658633-1001Core.job
2016-02-29 23:40 - 2015-02-06 22:02 - 00000000 ___RD C:\Users\balla_000\OneDrive
2016-02-29 21:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-29 20:58 - 2015-06-22 13:58 - 00003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForballa_000
2016-02-29 20:58 - 2015-06-22 13:58 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForballa_000.job
2016-02-27 22:41 - 2015-03-30 17:34 - 00000000 ____D C:\Users\balla_000\AppData\Roaming\Skype
2016-02-27 14:39 - 2015-02-06 21:55 - 00000000 ____D C:\Users\balla_000\AppData\Local\Packages
2016-02-27 14:32 - 2015-02-09 15:28 - 00000000 ____D C:\Users\balla_000\Documents\Mes Documents
2016-02-27 14:31 - 2014-09-19 05:31 - 00000000 ____D C:\Users\thomas\Documents\Mes Documents
2016-02-27 09:37 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-27 09:17 - 2015-09-06 22:34 - 00000000 ____D C:\Users\thomas\AppData\Local\Comms
2016-02-27 09:06 - 2015-01-23 00:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-27 09:00 - 2014-10-25 10:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-27 08:59 - 2015-09-06 22:42 - 00002461 _____ C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-27 08:59 - 2015-02-05 11:14 - 00000000 __RDO C:\Users\thomas\OneDrive
2016-02-26 21:33 - 2014-09-18 13:35 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5A00D437-3BE3-40A1-A126-8A5202A0D820}
2016-02-26 09:22 - 2015-12-10 04:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-26 09:22 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-02-26 08:49 - 2014-04-02 12:27 - 00000000 ____D C:\SWSETUP
2016-02-26 07:00 - 2015-12-10 04:03 - 00000000 ____D C:\Users\thomas
2016-02-26 06:53 - 2014-09-18 13:31 - 00000000 ____D C:\Users\thomas\AppData\Local\Packages
2016-02-26 00:47 - 2014-09-18 13:11 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-25 14:05 - 2015-01-23 00:08 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-25 14:05 - 2015-01-23 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-25 14:05 - 2015-01-23 00:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-25 09:17 - 2015-02-07 10:07 - 00000000 ____D C:\Users\balla_000\AppData\Local\Adobe
2016-02-25 09:16 - 2014-09-22 14:37 - 00000000 ____D C:\Users\thomas\AppData\Local\Adobe
2016-02-24 10:31 - 2015-09-14 12:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-24 10:16 - 2014-10-01 07:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-02-24 10:14 - 2014-10-01 07:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-02-23 18:19 - 2015-03-14 21:25 - 00000000 ____D C:\ProgramData\Skype
2016-02-23 08:08 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 08:07 - 2015-01-23 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-19 23:05 - 2014-10-28 19:12 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 16:27 - 2015-09-05 15:34 - 00896768 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-02-12 09:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 10:21 - 2015-09-05 13:13 - 00002470 _____ C:\Users\balla_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-10 23:37 - 2015-10-30 20:03 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 10:58 - 2014-09-23 22:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 10:53 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 10:53 - 2014-09-23 22:05 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 07:04 - 2014-10-25 07:59 - 00004184 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cff021282adc75
2016-02-10 07:04 - 2014-09-22 14:48 - 00003922 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-09 09:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-02-04 13:42 - 2014-10-09 15:18 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 00:55 - 2015-12-10 04:03 - 00000000 ____D C:\Users\balla_000

==================== Fichiers à la racine de certains dossiers =======

2014-09-18 17:39 - 2015-01-21 08:56 - 0000123 _____ () C:\Users\thomas\AppData\Roaming\WB.CFG
2014-09-24 07:13 - 2014-10-01 09:42 - 0037376 _____ () C:\Users\thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-20 19:55 - 2015-01-20 19:55 - 0234679 _____ () C:\Users\thomas\AppData\Local\dsi1.dat
2015-01-20 19:55 - 2015-01-20 19:55 - 0161916 _____ () C:\Users\thomas\AppData\Local\dsi2.dat
2014-10-23 06:57 - 2014-10-23 06:57 - 0000017 _____ () C:\Users\thomas\AppData\Local\resmon.resmoncfg
2015-01-23 09:10 - 2015-01-23 09:10 - 0002814 _____ () C:\Users\thomas\AppData\Local\ZHPFixReport.txt

Certains fichiers dans TEMP:
====================
C:\Users\thomas\AppData\Local\Temp\BingSvc.exe
C:\Users\thomas\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\thomas\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\thomas\AppData\Local\Temp\dllnt_dump.dll
C:\Users\thomas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmfdu1l.dll
C:\Users\thomas\AppData\Local\Temp\Extract.exe
C:\Users\thomas\AppData\Local\Temp\SP73514.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-02-22 08:23

==================== Fin de FRST.txt ============================
