cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:25-05-2016 01
Exécuté par Deladoey (administrateur) sur HP_AIO (26-05-2016 12:53:20)
Exécuté depuis C:\Users\Deladoey\Desktop
Profils chargés: Deladoey (Profils disponibles: Deladoey)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7205592 2014-03-31] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-10] (Apple Inc.)
HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [14371936 2015-11-26] (Swisscom (Schweiz) AG)
HKLM-x32\...\Run: [F-Secure Hoster (45119)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2015-10-08] (F-Secure Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1337973074-3388338273-3994013190-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => Pas de fichier
Startup: C:\Users\Deladoey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2014-08-30]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3D644E54-50DC-4FE2-9A49-26228D4F9B52}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{92A22C67-FFD5-47EF-B4BC-310A03B6BEE2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1337973074-3388338273-3994013190-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bluewin.ch/fr/index.html
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E15E7100-1128-44B2-B432-C8682E14C8CC} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {E15E7100-1128-44B2-B432-C8682E14C8CC} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1337973074-3388338273-3994013190-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1337973074-3388338273-3994013190-1001 -> {E15E7100-1128-44B2-B432-C8682E14C8CC} URL =
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-05-09] (F-Secure Corporation)
BHO: F-Secure Search -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch64.dll [2015-11-19] (F-Secure Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Pas de nom -> {11111111-1111-1111-1111-110311281150} -> Pas de fichier
BHO-x32: Pas de nom -> {11111111-1111-1111-1111-110611191113} -> Pas de fichier
BHO-x32: Pas de nom -> {11111111-1111-1111-1111-110611421101} -> Pas de fichier
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-05-09] (F-Secure Corporation)
BHO-x32: F-Secure Search -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch.dll [2015-11-19] (F-Secure Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch64.dll [2015-11-19] (F-Secure Corporation)
Toolbar: HKLM-x32 - F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch.dll [2015-11-19] (F-Secure Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Deladoey\AppData\Roaming\Mozilla\Firefox\Profiles\apfdmwc8.default
FF DefaultSearchUrl: hxxp://www.bing.com/search?FORM=IPGTDF&PC=IPGTDF&q=
FF Homepage: hxxp://www.bluewin.ch/fr/index.html
about:preferences
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll [2012-12-02] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll [2012-12-02] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-31] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: My Swisscom Assistant - C:\Users\Deladoey\AppData\Roaming\Mozilla\Firefox\Profiles\apfdmwc8.default\extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B} [2016-03-15] [non signé]
FF Extension: Default Manager - C:\Users\Deladoey\AppData\Roaming\Mozilla\Firefox\Profiles\apfdmwc8.default\Extensions\DefaultManager@Microsoft [2012-11-18] [non signé]
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016-05-09]
FF HKLM-x32\...\Firefox\Extensions: [{97aca5a6-dc35-4b6e-a46a-1e61405fd265}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\pdf.dll => Pas de fichier
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => Pas de fichier
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll => Pas de fichier
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => Pas de fichier
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll => Pas de fichier
CHR Profile: C:\Users\Deladoey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Deladoey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2016-05-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Deladoey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-11-27]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-10-08] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2016-04-08] (F-Secure Corporation)
S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Fichier non signé]
S2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Fichier non signé]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-31] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-31] (Intel Corporation)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2014-03-31] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [217160 2016-04-08] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106696 2016-04-21] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [75448 2016-04-08] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [110272 2016-05-09] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2015-10-08] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-03-31] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-26 12:53 - 2016-05-26 12:53 - 00021209 _____ C:\Users\Deladoey\Desktop\FRST.txt
2016-05-26 12:53 - 2016-05-26 12:53 - 00000000 ____D C:\Users\Deladoey\Desktop\FRST-OlderVersion
2016-05-26 12:52 - 2016-05-26 12:53 - 00000000 ____D C:\Users\Deladoey\Desktop\ccm
2016-05-25 17:10 - 2016-05-25 17:20 - 00000000 ____D C:\Users\Deladoey\Downloads\kavremvr
2016-05-25 17:09 - 2016-05-25 17:09 - 05618051 _____ C:\Users\Deladoey\Downloads\kavremvr.zip
2016-05-25 10:14 - 2016-05-26 12:53 - 00000000 ____D C:\FRST
2016-05-25 10:13 - 2016-05-26 12:53 - 02383360 _____ (Farbar) C:\Users\Deladoey\Desktop\FRST64.exe
2016-05-25 09:37 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-05-25 09:37 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-05-25 09:37 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-25 09:37 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-25 09:37 - 2016-04-10 07:35 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-05-25 09:37 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-05-25 09:37 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-05-25 09:37 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-05-25 09:37 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-05-25 09:37 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-05-25 09:37 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-05-25 09:37 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-05-25 09:37 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-05-25 09:37 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-25 09:37 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-05-25 09:37 - 2016-04-07 18:34 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-25 09:37 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-05-25 09:37 - 2016-04-07 17:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-25 09:37 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-05-25 09:37 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-05-25 09:37 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-25 09:37 - 2016-04-06 19:11 - 07074816 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-05-25 09:37 - 2016-04-06 18:40 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-25 09:37 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-25 09:37 - 2016-04-06 18:02 - 05269504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-05-25 09:37 - 2016-04-06 17:29 - 05265408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-25 09:37 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-05-25 09:37 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-25 09:37 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-05-25 09:37 - 2016-04-01 19:00 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-25 09:37 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-25 09:37 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-25 09:37 - 2016-04-01 18:42 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-05-25 09:37 - 2016-04-01 18:41 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-05-25 09:37 - 2016-04-01 18:32 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-05-25 09:37 - 2016-03-31 08:53 - 07446360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-25 09:37 - 2016-03-31 08:51 - 01134776 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-25 09:37 - 2016-03-31 06:36 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-25 09:37 - 2016-03-08 16:44 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-25 09:37 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-05-25 09:37 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-05-25 09:37 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-05-25 09:37 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-05-25 09:37 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-05-25 09:37 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-25 09:37 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-05-25 09:37 - 2015-12-16 19:11 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-05-25 09:37 - 2015-12-16 18:51 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-05-25 09:15 - 2016-05-25 09:15 - 03651136 _____ C:\Users\Deladoey\Downloads\adwcleaner_5.117.exe
2016-05-25 09:06 - 2013-08-15 08:28 - 00830680 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2016-05-25 09:06 - 2013-08-15 08:28 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-05-24 22:10 - 2016-05-24 22:10 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-16 17:33 - 2016-05-25 09:08 - 00000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDeladoey.job
2016-05-16 17:33 - 2016-05-24 21:27 - 00003178 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDeladoey
2016-05-11 14:07 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-05-11 14:07 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-05-11 14:07 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-05-11 14:07 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-11 14:07 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-11 14:07 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-05-11 14:07 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-05-11 14:07 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-11 14:07 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 14:07 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-05-11 14:07 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 14:06 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 14:06 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 14:06 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 14:06 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 14:06 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 14:06 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 14:06 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 14:06 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 14:06 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-05-11 14:06 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 14:06 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 14:06 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-05-11 14:06 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-05-11 14:06 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-05-11 14:06 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-05-11 14:06 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-05-11 14:06 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 14:06 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-05-11 14:06 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 14:06 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-05-11 14:06 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-11 14:06 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-05-11 14:06 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-05-11 14:06 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-05-11 14:06 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 14:06 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-05-11 14:06 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-05-11 14:06 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 14:06 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-05-11 14:05 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 14:05 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 14:04 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 14:04 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 14:04 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 14:04 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 14:04 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 14:04 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 14:04 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 14:04 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 14:04 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-11 14:04 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-05-11 14:04 - 2016-03-14 18:50 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-05-11 14:04 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsparse.dll
2016-05-11 14:04 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-05-11 14:04 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsparse.dll
2016-05-11 14:04 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 14:04 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 14:04 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-05-11 14:04 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-05-11 14:04 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-05-11 14:04 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-05-11 14:03 - 2016-04-11 08:21 - 00074584 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2016-05-11 14:03 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 14:03 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-05-11 14:03 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-11 14:03 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2016-05-11 14:03 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2016-05-11 14:03 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-05-11 14:03 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-05-03 17:43 - 2016-05-03 17:43 - 04135562 _____ C:\Users\Deladoey\Documents\aliments-magiques-santeplusmagazine.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-26 12:52 - 2013-11-15 17:31 - 00000000 __RDO C:\Users\Deladoey\SkyDrive
2016-05-26 12:52 - 2013-11-15 16:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-26 12:52 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-26 12:52 - 2012-11-18 18:27 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-26 12:51 - 2014-03-24 17:28 - 00000000 ____D C:\Users\Deladoey\AppData\Roaming\ClassicShell
2016-05-26 12:51 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-26 10:39 - 2013-01-11 11:54 - 00003940 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F7F5A970-CF2C-4201-BE06-85D2D6E395FC}
2016-05-26 04:39 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-25 17:13 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-25 13:26 - 2013-08-22 16:44 - 00423176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-25 10:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-05-25 10:04 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-05-25 09:27 - 2012-11-18 14:56 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1337973074-3388338273-3994013190-1001
2016-05-25 09:16 - 2014-09-18 16:09 - 00000000 ____D C:\AdwCleaner
2016-05-25 09:06 - 2012-09-30 13:53 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-05-25 09:04 - 2013-09-30 06:16 - 02025010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-25 09:04 - 2013-09-30 05:56 - 00884978 _____ C:\WINDOWS\system32\perfh00C.dat
2016-05-25 09:04 - 2013-09-30 05:56 - 00191704 _____ C:\WINDOWS\system32\perfc00C.dat
2016-05-25 09:04 - 2012-08-02 05:15 - 00000000 ____D C:\SWSETUP
2016-05-24 22:13 - 2015-11-23 14:45 - 00000000 ____D C:\Users\Deladoey\Downloads\CCleaner - 23.11.15
2016-05-24 22:13 - 2012-11-18 19:44 - 00000000 ____D C:\Users\Deladoey\Tracing
2016-05-24 22:10 - 2015-11-23 14:39 - 00002792 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-05-24 21:26 - 2012-12-10 18:07 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2016-05-24 21:20 - 2015-02-20 18:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-24 21:20 - 2015-02-20 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-24 21:20 - 2015-02-20 18:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-23 13:31 - 2012-11-18 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2016-05-21 15:51 - 2015-12-26 15:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 11:03 - 2013-11-15 16:43 - 00000000 ____D C:\Users\Deladoey
2016-05-13 11:57 - 2012-11-18 18:28 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 11:56 - 2014-12-11 14:10 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 22:08 - 2014-05-15 17:45 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 22:08 - 2014-05-15 17:45 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 20:17 - 2013-09-30 06:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 14:34 - 2013-08-14 13:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 14:28 - 2012-12-12 19:00 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 14:04 - 2012-11-18 18:27 - 00004062 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 14:04 - 2012-11-18 18:27 - 00003826 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 14:04 - 2012-11-18 18:27 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-11 14:02 - 2016-04-13 11:53 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 14:02 - 2016-04-13 11:53 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-11 14:02 - 2016-04-13 11:53 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-11 14:02 - 2016-04-13 11:53 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 14:02 - 2016-04-13 11:53 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-11 14:02 - 2016-04-13 11:53 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-11 14:02 - 2016-04-13 11:53 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-05-11 14:01 - 2014-12-24 12:42 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-09 15:40 - 2016-04-08 16:11 - 00000000 ____D C:\Users\Deladoey\AppData\Local\F-Secure
2016-05-09 15:32 - 2016-04-08 15:40 - 00000000 ____D C:\ProgramData\F-Secure
2016-05-09 14:28 - 2015-04-04 10:44 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-09 14:28 - 2015-04-04 10:44 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-08 11:19 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-08 11:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness

==================== Fichiers à la racine de certains dossiers =======

2013-01-07 11:29 - 2014-08-17 18:55 - 0003584 _____ () C:\Users\Deladoey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-21 10:47 - 2012-11-21 10:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-11-18 14:49 - 2012-11-18 14:49 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Certains fichiers dans TEMP:
====================
C:\Users\Deladoey\AppData\Local\Temp\libeay32.dll
C:\Users\Deladoey\AppData\Local\Temp\msvcr120.dll
C:\Users\Deladoey\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-05-26 04:07

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité