cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Exécuté par stefjanet (administrateur) sur GRIBOUILLE1 (17-06-2016 12:42:36)
Exécuté depuis C:\Users\stefjanet\Downloads
Profils chargés: stefjanet (Profils disponibles: stefjanet & Administrateur)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Matsushita Electric Industrial Co., Ltd.) C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-15] (Realtek Semiconductor)
HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-12] (Bitdefender)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation)
HKU\S-1-5-21-78639816-319229528-1684083156-1001\...\Run: [GoogleChromeAutoLaunch_7B8E3110111E36905B9753C4104D1E46] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-78639816-319229528-1684083156-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-78639816-319229528-1684083156-1001\...\Run: [Scan Buttons] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-78639816-319229528-1684083156-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
HKU\S-1-5-21-78639816-319229528-1684083156-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-78639816-319229528-1684083156-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony)
HKU\S-1-5-21-78639816-319229528-1684083156-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Remote.lnk [2014-02-24]
ShortcutTarget: Acer Remote.lnk -> C:\Program Files (x86)\Acer Remote\ArcServer.exe (Acer)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO -viewer-.lnk [2015-04-19]
ShortcutTarget: PHOTOfunSTUDIO -viewer-.lnk -> C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe (Matsushita Electric Industrial Co., Ltd.)
Startup: C:\Users\stefjanet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de détection de support de Cyber-shot Viewer.lnk [2014-09-26]
ShortcutTarget: Outil de détection de support de Cyber-shot Viewer.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B79753BF-FAC1-4A92-9D23-C3B5EFA94EC2}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-78639816-319229528-1684083156-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/Is-Cool-Fanpage-Officielle-149567861846/?fref=ts
HKU\S-1-5-21-78639816-319229528-1684083156-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.facebook.com/?ref=tn_tnmn
hxxps://www.facebook.com/?ref=tn_tnmn
SearchScopes: HKU\S-1-5-21-78639816-319229528-1684083156-1001 -> DefaultScope {0BAF7E07-E5C0-4EDF-ABCC-714C63C92C9F} URL = hxxps://fr.search.yahoo.com/search?fr=mcafee&type=B010FR662D20140925&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-78639816-319229528-1684083156-1001 -> {0BAF7E07-E5C0-4EDF-ABCC-714C63C92C9F} URL = hxxps://fr.search.yahoo.com/search?fr=mcafee&type=B010FR662D20140925&p={SearchTerms}
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKU\S-1-5-21-78639816-319229528-1684083156-1001 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\stefjanet\AppData\Roaming\Mozilla\Firefox\Profiles\ue4pvxku.default
FF DefaultSearchEngine: DuckDuckGo
FF SearchEngineOrder.1: Recherche sécurisée
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: hxxp://www.modesettravaux.fr/bijoux-en-paracorde/
hxxps://www.facebook.com/
hxxps://www.facebook.com/pages/Is-Cool-Fanpage-Officielle/149567861846?ref=ts&fref=ts
hxxps://www.facebook.com/
hxxps://www.youtube.com/watch?v=KGWvA9X623E
FF Session Restore: -> est activé.
FF Keyword.URL: hxxps://fr.search.yahoo.com/search?fr=mcafee&type=B110FR662D20140925&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-11-04]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-03-27] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-09-30] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-03-27] [non signé]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325111&octid=EB_ORIGINAL_CTID&ISID=13DB7BC1-4F73-4A80-9CAE-29BB2C898DE4&SearchSource=55&CUI=&UM=6&UP=SPA06816C2-44ED-4EBA-926E-0A395E507C33&SSPV=
CHR StartupUrls: Default -> "hxxps://www.facebook.com/?ref=tn_tnmn","hxxps://www.facebook.com/?ref=tn_tnmn","hxxp://www.rtl.fr/direct","hxxps://www.mon-compte.bouyguestelecom.fr/cas/login?service=https%3A%2F%2Fwww.bouyguestelecom.fr%2Fmon-compte%2F","hxxps://adsl.free.fr/home.pl?id=15871149&idt=f953f1b85a258259","hxxps://lire.amazon.fr/?asin=B00KUXECS8","hxxp://www.maritima.info/depeches/social/martigues/32104/rn-568-des-tonnes-de-patates-sur-la-chaussee.html","hxxp://www.ecouter-en-direct.com/rtl/"
CHR Profile: C:\Users\stefjanet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Tv-replay) - C:\Users\stefjanet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfgogkjjjedakfeibebkfmlbmagifci [2015-05-21]
CHR Extension: (Bitdefender Wallet) - C:\Users\stefjanet\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-11-05]
CHR Extension: (Barre d'Outils eBuyClub) - C:\Users\stefjanet\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2016-06-17]
CHR Extension: (Itineraire.info - Sur la route des bons plans) - C:\Users\stefjanet\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlincbpgbkpbjepghokdnhnnpphmegig [2016-03-23]
CHR Extension: (Skype) - C:\Users\stefjanet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\stefjanet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-12] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-16] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2015-01-09] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468240 2013-04-23] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-17] (Malwarebytes)
S3 NvnUsbAudio; C:\Windows\system32\DRIVERS\nvnusbaudio.sys [54000 2014-10-17] (Novation DMS Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-17 12:42 - 2016-06-17 12:43 - 00023698 _____ C:\Users\stefjanet\Downloads\FRST.txt
2016-06-17 12:42 - 2016-06-17 12:42 - 00000000 ____D C:\FRST
2016-06-17 12:41 - 2016-06-17 12:41 - 02386944 _____ (Farbar) C:\Users\stefjanet\Downloads\FRST64.exe
2016-06-17 12:35 - 2016-06-17 12:35 - 00001289 _____ C:\Users\stefjanet\Documents\antimalwares.txt
2016-06-17 11:13 - 2016-06-17 11:13 - 00001289 _____ C:\Users\stefjanet\Documents\malwarebytes.txt
2016-06-17 10:27 - 2016-06-17 10:28 - 22851472 _____ (Malwarebytes ) C:\Users\stefjanet\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-06-17 09:45 - 2016-06-17 09:45 - 22851472 _____ (Malwarebytes ) C:\Users\stefjanet\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-17 09:24 - 2016-06-17 09:24 - 00000000 ____D C:\KVRT_Data
2016-06-17 09:22 - 2016-06-17 09:22 - 03618856 _____ (Facebook Inc.) C:\Users\stefjanet\Downloads\Kaspersky_T10208515030667354T_.exe
2016-06-16 20:03 - 2016-06-16 20:03 - 00003688 _____ C:\Users\stefjanet\Documents\ZHPFix[R1].txt
2016-06-16 20:02 - 2016-06-16 20:02 - 00003688 _____ C:\Users\stefjanet\Desktop\ZHPFixReport.txt
2016-06-16 10:40 - 2016-06-16 10:40 - 00001861 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-06-16 10:40 - 2016-06-16 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-06-16 10:40 - 2016-06-16 10:40 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-06-16 10:39 - 2016-06-16 10:39 - 03521617 _____ (Nicolas Coolman ) C:\Users\stefjanet\Downloads\ZHPFix.exe
2016-06-16 10:37 - 2016-06-16 10:37 - 00002982 _____ C:\Users\stefjanet\Documents\AdwCleaner[C1]2.txt
2016-06-16 10:28 - 2016-06-16 10:28 - 00003107 _____ C:\Users\stefjanet\Documents\AdwCleaner[S1].txt
2016-06-16 10:12 - 2016-06-16 10:29 - 00000000 ____D C:\AdwCleaner
2016-06-16 10:11 - 2016-06-16 10:11 - 03703360 _____ C:\Users\stefjanet\Downloads\adwcleaner_5.200.exe
2016-06-15 14:15 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 14:15 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 14:15 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 14:15 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 14:15 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 14:15 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 14:15 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 14:15 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 14:15 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 14:15 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 14:15 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 14:15 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 14:15 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 14:15 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 14:15 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 14:15 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 14:15 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 14:15 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 14:15 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 14:15 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 14:15 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 14:15 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 14:15 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 14:15 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 14:15 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 14:15 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 14:15 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 14:15 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 14:14 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 14:14 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 14:14 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 14:14 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 14:14 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 14:14 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 14:14 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 14:14 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 14:14 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 14:14 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 14:14 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 14:14 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 14:14 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 14:14 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 14:14 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 14:14 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 14:14 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 14:14 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 14:14 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 14:14 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 14:14 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 14:14 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 14:14 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 14:14 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 14:14 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 14:14 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 14:14 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 14:14 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 14:14 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 14:14 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 14:14 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 14:14 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 14:14 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 14:13 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 14:13 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 14:13 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 14:13 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 14:13 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 14:13 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 14:13 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 14:13 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 14:13 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 13:36 - 2016-06-15 13:36 - 00124154 _____ C:\Users\stefjanet\Documents\ZHPDiag.txt
2016-06-15 13:33 - 2016-06-15 13:33 - 00124151 _____ C:\Users\stefjanet\Desktop\ZHPDiag.txt
2016-06-15 13:26 - 2016-06-16 20:02 - 00000000 ____D C:\Users\stefjanet\AppData\Roaming\ZHP
2016-06-15 13:26 - 2016-06-15 13:26 - 02216960 _____ C:\Users\stefjanet\ZHPDiag3.exe
2016-06-15 13:26 - 2016-06-15 13:26 - 00000877 _____ C:\Users\stefjanet\Desktop\ZHPDiag.lnk
2016-06-15 13:25 - 2016-06-15 13:25 - 02213888 _____ C:\Users\stefjanet\Downloads\ZHPDiag3.exe
2016-06-15 11:48 - 2016-06-15 11:48 - 00001964 _____ C:\Users\stefjanet\Documents\cc_20160615_114824.reg
2016-06-14 14:23 - 2016-06-14 14:32 - 533582008 _____ C:\Users\stefjanet\Downloads\Madame Foresti.mp4
2016-06-14 13:22 - 2016-06-14 13:22 - 00000000 ____D C:\Users\stefjanet\AppData\Roaming\Apple Computer
2016-06-14 13:21 - 2016-06-14 13:21 - 00002685 _____ C:\Users\Public\Desktop\Xperia Companion.lnk
2016-06-14 13:18 - 2016-06-14 13:19 - 45700992 _____ (Sony) C:\Users\stefjanet\Downloads\XperiaCompanion.exe
2016-06-14 11:58 - 2016-06-14 11:58 - 00000082 _____ C:\Users\stefjanet\Documents\cc_20160614_115850.reg
2016-06-12 22:29 - 2016-06-12 22:29 - 01504005 _____ C:\Users\stefjanet\Downloads\Fiche_Technique_DELTIPLAC_Th32-Ultra32_v2014.pdf
2016-06-10 16:37 - 2016-06-09 11:50 - 00452848 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160610-163703.backup
2016-06-10 08:41 - 2016-06-12 09:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-09 11:50 - 2016-06-06 13:08 - 00452736 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160609-115048.backup
2016-06-06 20:23 - 2016-06-06 20:23 - 06227391 _____ C:\Users\stefjanet\Documents\brave bête-mon.mp4
2016-06-06 13:08 - 2015-06-02 13:17 - 00450831 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160606-130814.backup
2016-06-06 13:02 - 2016-06-06 13:02 - 00004234 _____ C:\Users\stefjanet\Documents\cc_20160606_130227.reg
2016-06-06 12:26 - 2016-06-06 12:26 - 01142732 _____ C:\Users\stefjanet\Downloads\Gilet N_658 cat printemps été 2004.pdf
2016-06-02 21:19 - 2016-06-02 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 19:57 - 2016-05-29 19:57 - 00000000 ____D C:\Users\stefjanet\Documents\ProcAlyzer Dumps
2016-05-29 19:51 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-05-29 19:44 - 2016-05-29 19:46 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\stefjanet\Downloads\spybot-2.4 (1).exe
2016-05-27 07:20 - 2016-05-27 07:20 - 00001030 _____ C:\Users\stefjanet\Documents\cc_20160527_072033.reg
2016-05-19 14:55 - 2016-05-19 14:55 - 01067851 _____ C:\Users\stefjanet\Downloads\cat 14 n_ 17 robe pull.pdf
2016-05-18 21:40 - 2016-05-18 21:40 - 00359133 _____ C:\Users\stefjanet\Downloads\FICHE 022.pdf
2016-05-18 21:39 - 2016-05-18 21:39 - 00395077 _____ C:\Users\stefjanet\Downloads\FICHE 038.pdf
2016-05-18 21:38 - 2016-05-18 21:38 - 00368268 _____ C:\Users\stefjanet\Downloads\FICHE 058.pdf
2016-05-18 21:38 - 2016-05-18 21:38 - 00281592 _____ C:\Users\stefjanet\Downloads\FICHE 121.pdf
2016-05-18 21:37 - 2016-05-18 21:37 - 00345564 _____ C:\Users\stefjanet\Downloads\FICHE 129.pdf
2016-05-18 18:36 - 2016-05-18 18:36 - 00004152 _____ C:\Users\stefjanet\Documents\cc_20160518_183640.reg

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-17 12:35 - 2014-09-25 22:52 - 00000000 ____D C:\Users\stefjanet\AppData\Roaming\Skype
2016-06-17 12:34 - 2014-10-16 11:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 12:31 - 2014-10-22 19:11 - 00003964 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B5357E40-706D-4AE3-9631-95B7775C95DA}
2016-06-17 12:29 - 2014-10-07 16:35 - 00000000 ___DO C:\Users\stefjanet\OneDrive
2016-06-17 12:29 - 2014-10-01 18:39 - 00000000 ____D C:\Users\stefjanet\AppData\Roaming\.oit
2016-06-17 12:29 - 2014-09-25 22:36 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 12:25 - 2014-10-07 14:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-17 12:25 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-17 12:24 - 2014-09-07 09:42 - 00166841 _____ C:\bdlog.txt
2016-06-17 12:24 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-17 11:52 - 2014-09-26 10:30 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-17 11:25 - 2014-09-25 22:36 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 11:06 - 2014-12-04 19:40 - 02024448 ___SH C:\Users\stefjanet\Documents\Thumbs.db
2016-06-17 10:32 - 2014-09-25 21:03 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-78639816-319229528-1684083156-1001
2016-06-17 10:29 - 2014-10-16 11:09 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-17 10:29 - 2014-10-16 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-17 10:29 - 2014-10-16 11:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-17 08:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 06:50 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 20:28 - 2014-10-10 12:14 - 00000000 ____D C:\Users\stefjanet\AppData\Local\Deployment
2016-06-16 20:07 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-16 17:41 - 2015-01-10 23:58 - 01217536 ___SH C:\Users\stefjanet\Downloads\Thumbs.db
2016-06-16 09:53 - 2014-11-04 14:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-16 09:53 - 2013-08-22 16:44 - 00481496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 09:48 - 2014-11-05 11:48 - 00004115 _____ C:\WINDOWS\wininit.ini
2016-06-16 07:18 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-16 07:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-16 07:15 - 2014-09-26 00:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-16 07:05 - 2014-09-26 00:02 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 13:26 - 2014-10-07 14:50 - 00000000 ____D C:\Users\stefjanet
2016-06-15 06:55 - 2014-09-28 13:47 - 00000000 ____D C:\Users\stefjanet\AppData\Local\ElevatedDiagnostics
2016-06-14 19:13 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:13 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 13:21 - 2015-06-25 08:06 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-14 13:21 - 2014-11-12 11:01 - 00000000 ____D C:\Users\stefjanet\Documents\Sony
2016-06-14 13:21 - 2014-11-12 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-06-14 13:21 - 2014-09-26 18:59 - 00000000 ____D C:\Program Files (x86)\Sony
2016-06-14 08:32 - 2014-10-02 11:47 - 00000000 ____D C:\Users\stefjanet\Desktop\TRICOTS
2016-06-12 09:14 - 2014-09-26 09:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-09 11:49 - 2014-10-07 14:50 - 00000000 ____D C:\Users\Administrator
2016-06-09 06:27 - 2014-09-25 22:39 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-09 06:27 - 2014-09-25 22:39 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-09 06:23 - 2014-09-25 22:52 - 00000000 ____D C:\ProgramData\Skype
2016-06-02 10:28 - 2015-07-15 18:51 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-29 19:53 - 2014-11-04 14:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-29 19:51 - 2015-07-27 19:03 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-29 15:46 - 2015-06-10 11:01 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-05-28 21:48 - 2015-10-05 19:38 - 06931840 _____ C:\Users\stefjanet\Downloads\cstrial.zip
2016-05-26 11:21 - 2014-09-25 22:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-23 13:13 - 2014-03-18 12:02 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-23 13:13 - 2014-03-18 11:26 - 00811108 _____ C:\WINDOWS\system32\perfh00C.dat
2016-05-23 13:13 - 2014-03-18 11:26 - 00159206 _____ C:\WINDOWS\system32\perfc00C.dat
2016-05-23 13:13 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-22 12:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp

==================== Fichiers à la racine de certains dossiers =======

2015-06-17 18:48 - 2015-06-17 18:48 - 0000116 _____ () C:\Users\stefjanet\AppData\Roaming\.ptbt0
2015-05-11 18:46 - 2015-05-11 18:46 - 0000268 ___RH () C:\Users\stefjanet\AppData\Roaming\Icons
2015-05-11 18:46 - 2015-05-11 18:46 - 0000268 ___RH () C:\Users\stefjanet\AppData\Roaming\Image Capture
2015-05-11 18:46 - 2015-05-11 18:46 - 0000268 ___RH () C:\Users\stefjanet\AppData\Roaming\Image Manipulation
2014-10-28 18:19 - 2015-02-02 20:42 - 0008192 _____ () C:\Users\stefjanet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-03 10:09 - 2015-06-03 10:09 - 0649395 _____ () C:\ProgramData\1433318486.bdinstall.bin
2015-05-11 18:46 - 2015-05-11 18:46 - 0000268 ___RH () C:\ProgramData\Images
2015-05-11 18:46 - 2015-05-11 18:46 - 0000268 ___RH () C:\ProgramData\Importer
2015-05-11 18:46 - 2015-05-11 18:46 - 0000268 ___RH () C:\ProgramData\InkjetPrinter
2015-05-11 18:46 - 2015-05-11 18:46 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-05-11 18:46 - 2015-05-20 18:01 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-05-11 18:46 - 2015-05-11 18:46 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Fichiers à déplacer ou supprimer:
====================
C:\Users\stefjanet\ZHPDiag3.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-06-17 06:48

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité