Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2017 Exécuté par Sébastien (administrateur) sur BARTOX (12-07-2017 12:03:00) Exécuté depuis C:\Users\Sébastien\Desktop Profils chargés: Sébastien (Profils disponibles: Sébastien & Invité) Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Spotify Ltd) C:\Users\Sébastien\AppData\Roaming\Spotify\SpotifyWebHelper.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Vimicro Corporation) C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\UpdateService\RealPlayerUpdateSvc.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe (AVAST Software s.r.o.) C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Real\RealPlayer\RealDownloader\downloader2.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RealDownloader\realdownloader264.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [213832 2017-07-09] (AVAST Software) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [VMonitorVMUVC] => C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [143360 2010-09-10] (Vimicro Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [145208 2017-04-14] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [352648 2017-06-21] (RealNetworks, Inc.) HKLM-x32\...\Run: [RealDownloader] => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [1297648 2017-06-02] () HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2092465835-998468644-2159141961-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2092465835-998468644-2159141961-1000\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-2092465835-998468644-2159141961-1000\...\Run: [Spotify Web Helper] => C:\Users\Sébastien\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-25] (Spotify Ltd) HKU\S-1-5-21-2092465835-998468644-2159141961-1000\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912 2017-06-23] (Google Inc.) HKU\S-1-5-21-2092465835-998468644-2159141961-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-2092465835-998468644-2159141961-1000\...\MountPoints2: {c1c9d1a2-d162-11e3-9319-e4548c249830} - I:\Startme.exe HKU\S-1-5-21-2092465835-998468644-2159141961-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [] => [X] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2017-06-21] ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{21D80D96-393D-4308-9155-D200505470A8}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=www.google.com SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKU\S-1-5-21-2092465835-998468644-2159141961-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2017-06-02] (RealDownloader) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-07] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2017-07-09] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-07] (Oracle Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2017-06-02] (RealDownloader) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-07] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2017-07-09] (AVAST Software) BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-07] (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2017-06-14] [non signé] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.) FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-07] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google) FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-07] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=18.1.8.212 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2017-06-21] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-30] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-30] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=18.1.8.212 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2017-06-21] (RealPlayer) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-06] (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2092465835-998468644-2159141961-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.) FF Plugin HKU\S-1-5-21-2092465835-998468644-2159141961-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sébastien\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2092465835-998468644-2159141961-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-01-16] (Sony Network Entertainment International LLC) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=fr-fr CHR NewTab: Default -> Active:"chrome-extension://mfifcboiomeogenbbmnbeiobeplcmdhm/pages/home.html" CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} CHR DefaultSearchKeyword: Default -> www.yahoo.com CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms} CHR Profile: C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default [2017-07-12] CHR Extension: (AdBlock) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-27] CHR Extension: (Avast Online Security) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-08] CHR Extension: (Little Alchemy) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-05-29] CHR Extension: (Lilo Search) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldhcdlnondjolfdmlagafpjnhglkfefl [2017-06-12] CHR Extension: (Lilo Tab) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfifcboiomeogenbbmnbeiobeplcmdhm [2017-06-12] CHR Extension: (Pocket Legends) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdbcnfpodnaefldpdohoibdajcfabp [2016-10-25] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Lilo.org) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejnkhmeilmiplpmenkegjaibnjbappo [2017-06-12] CHR Extension: (Chrome Media Router) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28] CHR Profile: C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-11-14] CHR Extension: (YouTurn) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\icphmmimmfdlgaaglejeokffekamhplg [2015-11-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Mavenlink Project Manager) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami [2015-11-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Profile: C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Save Default [2016-07-08] <==== ATTENTION CHR Extension: (Google Drive) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Save Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (YouTube) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Save Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15] CHR Extension: (Adblock Plus) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Save Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Recherche Google) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Save Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15] CHR Extension: (Google Wallet) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Save Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (ScriptSafe) - C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Save Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2015-11-12] CHR Profile: C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-11] CHR HKU\S-1-5-21-2092465835-998468644-2159141961-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\SBASTI~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx CHR HKU\S-1-5-21-2092465835-998468644-2159141961-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2092465835-998468644-2159141961-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hpacaholihkepnhgeeiipghhgonbhdfb] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe [7430992 2017-07-09] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [263312 2017-07-09] (AVAST Software) S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-27] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-27] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.) R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé] S3 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [988944 2017-06-21] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [36640 2017-06-02] (RealNetworks, Inc.) R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [988944 2017-06-21] (RealNetworks, Inc.) R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408 2017-02-01] (RaMMicHaeL) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4107680 2017-04-14] (Check Point Software Technologies Ltd.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1058616 2017-04-14] (Check Point Software Technologies Ltd.) U4 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [319984 2017-07-09] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198944 2017-07-09] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343264 2017-07-09] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57704 2017-07-09] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146664 2017-07-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-09] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015848 2017-07-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-09] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-09] (AVAST Software) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-08] (REALiX(tm)) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [252832 2017-07-12] (Malwarebytes) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-07-08] (NVIDIA Corporation) R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC) R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC) R3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC) S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] () S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-03-01] (Anchorfree Inc.) S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [202112 2010-11-12] (Vimicro Corporation) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2017-04-13] (Check Point Software Technologies Ltd.) S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-07-12 12:03 - 2017-07-12 12:04 - 00030958 _____ C:\Users\Sébastien\Desktop\FRST.txt 2017-07-12 12:02 - 2017-07-12 12:03 - 00000000 ____D C:\FRST 2017-07-12 11:58 - 2017-07-12 11:58 - 02435584 _____ (Farbar) C:\Users\Sébastien\Desktop\FRST64.exe 2017-07-12 11:58 - 2017-07-12 11:58 - 00053164 _____ C:\Users\Sébastien\Desktop\téléchargement.htm 2017-07-12 11:52 - 2017-07-12 11:52 - 00002230 _____ C:\Users\Sébastien\Desktop\WinChk.txt 2017-07-12 11:50 - 2017-07-12 11:51 - 00002230 _____ C:\WinChk.txt 2017-07-12 11:50 - 2017-07-12 11:50 - 00315000 _____ C:\Users\Sébastien\Downloads\winchk_2.0 (1).exe 2017-07-12 11:48 - 2017-07-12 11:48 - 00315000 _____ C:\Users\Sébastien\Desktop\winchk_2.0.exe 2017-07-12 11:45 - 2017-07-12 11:45 - 00000266 _____ C:\Users\Sébastien\Desktop\ckfiles.txt 2017-07-12 11:41 - 2017-07-12 11:41 - 00468480 _____ () C:\Users\Sébastien\Desktop\CKScanner.exe 2017-07-12 10:41 - 2017-07-12 10:41 - 00000656 _____ C:\Users\Sébastien\Downloads\wu10.diagcab 2017-07-12 10:30 - 2017-07-12 10:30 - 00901927 _____ C:\Users\Sébastien\Downloads\CAT.exe 2017-07-12 10:30 - 2017-07-12 10:30 - 00000000 ____D C:\CAT-Logs 2017-07-12 10:20 - 2017-07-12 10:21 - 34790450 _____ C:\Users\Sébastien\Downloads\windows6.1-kb4012212-x64_2decefaa02e2058dcd965702509a992d8c4e92b3.msu 2017-07-12 09:57 - 2017-07-12 09:57 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-07-12 09:55 - 2017-07-12 09:55 - 00463920 _____ C:\Windows\system32\FNTCACHE.DAT 2017-07-12 01:10 - 2017-07-12 01:10 - 00003544 ____N C:\bootsqm.dat 2017-07-11 21:12 - 2017-07-11 21:12 - 04110280 _____ C:\Users\Sébastien\Downloads\adwcleaner_6.047 (2).exe 2017-07-11 17:04 - 2017-07-11 19:30 - 1892308821 _____ C:\Users\Sébastien\Downloads\Logan.2017.TRUEFRENCH.720p.BluRay.DTS.x264-WwW.Zone-Telechargement.Ws.mkv 2017-07-11 17:01 - 2017-07-11 18:03 - 1452990294 _____ C:\Users\Sébastien\Downloads\Batman.v.Superman.Dawn.of.Justice.2016#{]^#{@-]##-^FRENCH.EXTENDED.BDRip.XViD.avi 2017-07-11 16:40 - 2017-07-11 16:40 - 00129576 _____ C:\Users\Sébastien\AppData\Local\GDIPFONTCACHEV1.DAT 2017-07-10 21:14 - 2017-07-10 21:14 - 00000000 ____H C:\Users\Sébastien\Documents\Default.rdp 2017-07-10 20:47 - 2017-07-10 20:47 - 00000000 ____D C:\Users\Sébastien\AppData\Local\CrashRpt 2017-07-10 19:19 - 2017-07-10 19:20 - 05170176 _____ C:\Users\Sébastien\Downloads\WindowsDefender-1593.msi 2017-07-10 19:09 - 2017-07-10 19:46 - 00003344 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2092465835-998468644-2159141961-1000 2017-07-10 19:09 - 2017-07-10 19:46 - 00003218 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2092465835-998468644-2159141961-1000 2017-07-10 01:11 - 2017-07-10 01:20 - 367629838 _____ C:\Users\Sébastien\Downloads\Fear.The.Walking.Dead.S03E05.FRENCH.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi 2017-07-09 23:44 - 2017-07-10 00:05 - 367393934 _____ C:\Users\Sébastien\Downloads\Fear.The.Walking.Dead.S03E06.FRENCH.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi 2017-07-09 21:53 - 2017-07-09 22:30 - 367691124 _____ C:\Users\Sébastien\Downloads\Fear.The.Walking.Dead.S03E04.FRENCH.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi 2017-07-09 21:53 - 2017-07-09 22:12 - 367683924 _____ C:\Users\Sébastien\Downloads\Fear.The.Walking.Dead.S03E03.FRENCH.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi 2017-07-09 18:08 - 2017-07-09 18:24 - 367693060 _____ C:\Users\Sébastien\Downloads\Fear.The.Walking.Dead.S03E01.FRENCH.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi 2017-07-09 18:08 - 2017-07-09 18:18 - 367491966 _____ C:\Users\Sébastien\Downloads\Fear.The.Walking.Dead.S03E02.FRENCH.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi 2017-07-09 10:31 - 2017-07-09 10:31 - 00400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-07-08 19:54 - 2017-07-08 19:54 - 00000000 _____ C:\Users\Sébastien\Downloads\Formulaire de contact.pdf 2017-06-29 07:17 - 2017-06-29 07:17 - 02291642 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-29T07-17-49.pdf 2017-06-28 21:30 - 2017-06-28 21:30 - 02291665 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-28T21-30-57.pdf 2017-06-28 20:36 - 2017-06-28 20:36 - 01223033 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-28T20-36-47.pdf 2017-06-28 20:32 - 2017-06-28 20:32 - 01222098 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-28T20-32-55.pdf 2017-06-28 20:32 - 2017-06-28 20:32 - 00155988 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-28T20-32-14.pdf 2017-06-28 20:13 - 2017-06-28 20:12 - 00157403 _____ C:\Users\Sébastien\Documents\bilan_periodique_thibaud 2017-06-28T20-06-18.pdf 2017-06-28 20:06 - 2017-06-28 20:06 - 00157403 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-28T20-06-18.pdf 2017-06-28 20:05 - 2017-06-28 20:05 - 00181597 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-28T20-05-56.pdf 2017-06-28 20:03 - 2017-06-28 20:03 - 00181570 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-28T20-03-15.pdf 2017-06-28 05:01 - 2017-06-28 05:01 - 00000000 ____D C:\Users\Sébastien\Documents\relevés compte 2017-06-28 05:01 - 2017-06-28 05:01 - 00000000 ____D C:\Users\Sébastien\Documents\impôts 2017-06-28 05:01 - 2017-06-28 05:01 - 00000000 ____D C:\Users\Sébastien\Documents\Exo notebook 2017-06-28 05:01 - 2015-10-18 14:16 - 00013030 _____ C:\Users\Sébastien\Documents\Sans nom 1 essai.odt 2017-06-28 05:01 - 2014-12-13 17:24 - 00049704 _____ C:\Users\Sébastien\Documents\facture spa.pdf 2017-06-28 05:01 - 2013-05-07 12:51 - 00044855 _____ C:\Users\Sébastien\Documents\questionnaire_enseignant (1).pdf 2017-06-28 05:00 - 2017-06-28 05:00 - 00000000 ____D C:\Users\Sébastien\Documents\Dusty Rifflet 2017-06-28 05:00 - 2017-06-28 05:00 - 00000000 ____D C:\Users\Sébastien\Documents\Courrier 2017-06-28 05:00 - 2017-06-28 05:00 - 00000000 ____D C:\Users\Sébastien\Documents\Comptes 2017-06-28 05:00 - 2012-01-02 01:28 - 00008309 _____ C:\Users\Sébastien\Documents\contacts.csv 2017-06-27 21:00 - 2017-06-27 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2017-06-25 13:14 - 2017-06-25 13:15 - 00952643 _____ C:\Users\Sébastien\Downloads\liste-des-ressources.pdf 2017-06-24 21:35 - 2017-06-24 21:35 - 00039143 _____ C:\Users\Sébastien\Downloads\contacts.vcf 2017-06-21 13:57 - 2017-06-21 13:57 - 00003372 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2092465835-998468644-2159141961-1000 2017-06-21 13:57 - 2017-06-21 13:57 - 00003246 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2092465835-998468644-2159141961-1000 2017-06-21 13:57 - 2017-06-21 13:57 - 00000982 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk 2017-06-21 13:57 - 2017-06-21 13:57 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\RealNetworks 2017-06-21 13:50 - 2017-06-21 13:50 - 00207752 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll 2017-06-21 13:50 - 2017-06-21 13:50 - 00000000 ____D C:\ProgramData\RealNetworks 2017-06-21 13:49 - 2017-06-21 13:49 - 00285576 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll 2017-06-18 16:54 - 2017-06-18 16:54 - 11313360 _____ (Microsoft Corporation) C:\Users\Sébastien\Downloads\windowsupdateagent-7.6-x64.exe 2017-06-18 16:45 - 2017-06-18 16:45 - 00000000 _____ C:\Windows\system32\net 2017-06-18 16:45 - 2017-06-18 16:45 - 00000000 _____ C:\Windows\system32\Del 2017-06-18 16:45 - 2017-06-18 16:45 - 00000000 _____ C:\Windows\system32\cd 2017-06-18 16:30 - 2017-06-18 16:32 - 563738672 _____ C:\Users\Sébastien\Documents\erport registre.reg 2017-06-18 16:14 - 2017-06-18 16:14 - 01034556 _____ C:\Users\Sébastien\Downloads\Windows6.1-KB2999226-x64 (1).msu 2017-06-18 16:13 - 2017-06-18 16:13 - 01034556 _____ C:\Users\Sébastien\Downloads\Windows6.1-KB2999226-x64.msu 2017-06-18 16:05 - 2017-06-18 16:05 - 00000000 ____D C:\inetpub 2017-06-18 11:21 - 2017-06-18 11:21 - 00745929 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 4 Antiquité 2 CP (1).pdf 2017-06-18 11:21 - 2017-06-18 11:21 - 00697983 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 2 Préhistoire Homme de Cro magnon CP (2).pdf 2017-06-18 11:21 - 2017-06-18 11:21 - 00500117 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 1 Dinosaures CP.pdf 2017-06-18 11:20 - 2017-06-18 11:20 - 00672909 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 3 Antiquité 1 CP Sanléane (1).pdf 2017-06-18 11:19 - 2017-06-18 11:19 - 00731453 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 8 Epoque comtemporaine conquête spatiale CP Sanléane.pdf 2017-06-18 11:19 - 2017-06-18 11:19 - 00258823 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 8 la conquete spatiale Q.pdf 2017-06-18 11:19 - 2017-06-18 11:19 - 00253780 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 7 louis XIV Q.pdf 2017-06-18 11:18 - 2017-06-18 11:18 - 00603435 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 7 Les temps modernes 2 CP Sanléane.pdf 2017-06-18 11:18 - 2017-06-18 11:18 - 00546051 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 5 Moyen Age CP Sanléane (1).pdf 2017-06-18 11:18 - 2017-06-18 11:18 - 00455985 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 6 Les temps modernes CP Sanléane.pdf 2017-06-18 11:17 - 2017-06-18 11:17 - 00342034 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 5 Moyen Age E CE1 Sanléane (1).pdf 2017-06-18 11:16 - 2017-06-18 11:16 - 00510365 _____ C:\Users\Sébastien\Downloads\Le loup qui voyageait dans le temps doc 6 La renaissance CP Sanléane.pdf 2017-06-17 13:01 - 2017-06-17 13:01 - 00180455 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-17T13-01-34.pdf 2017-06-16 15:06 - 2017-06-16 15:06 - 00954265 _____ C:\Users\Sébastien\Downloads\Certificat médical 16 juin 2017 sébastien Attagant modifié.pdf 2017-06-16 11:40 - 2017-06-16 11:40 - 00178378 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-16T11-40-36.pdf 2017-06-15 16:04 - 2017-06-15 16:04 - 00000016 _____ C:\InjectIntoProcess crash 2017-06-15 15:34 - 2017-06-15 15:34 - 00000000 ____D C:\Users\Sébastien\Documents\HpReg_Backup 2017-06-15 15:32 - 2017-06-15 15:32 - 00002010 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2017-06-15 15:32 - 2017-06-15 15:32 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\HPPSDr 2017-06-15 15:30 - 2017-06-15 15:31 - 10581280 _____ C:\Users\Sébastien\Downloads\HPPSdr.exe 2017-06-15 15:12 - 2017-06-15 15:12 - 00154557 _____ C:\Users\Sébastien\Downloads\bilan_periodique_2017-06-15T15-12-23.pdf 2017-06-14 14:05 - 2017-06-14 14:05 - 01165315 _____ C:\Users\Sébastien\Downloads\ATTAGNANT IRPP 2017.PDF 2017-06-13 14:01 - 2017-06-27 19:10 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-06-13 14:01 - 2017-06-26 21:11 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-06-13 14:01 - 2017-06-13 14:01 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-06-13 14:00 - 2017-07-12 09:56 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-06-13 14:00 - 2017-06-26 21:11 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-06-13 14:00 - 2017-06-14 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-06-13 14:00 - 2017-06-13 14:01 - 00001992 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-06-13 14:00 - 2017-06-13 14:00 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-13 14:00 - 2017-05-25 11:58 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-07-12 12:01 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-07-12 12:01 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-07-12 09:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-07-12 09:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-07-11 23:39 - 2016-05-15 19:48 - 00000000 ____D C:\AdwCleaner 2017-07-11 23:33 - 2017-03-15 20:22 - 00004174 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-07-11 21:40 - 2016-06-22 18:08 - 00000570 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job 2017-07-11 20:59 - 2009-07-14 07:13 - 01677594 _____ C:\Windows\system32\PerfStringBackup.INI 2017-07-11 20:59 - 2006-10-11 00:40 - 00750454 _____ C:\Windows\system32\perfh00C.dat 2017-07-11 20:59 - 2006-10-11 00:40 - 00151100 _____ C:\Windows\system32\perfc00C.dat 2017-07-11 20:57 - 2016-11-18 23:01 - 00000000 ____D C:\Users\Sébastien\AppData\Local\Spotify 2017-07-11 20:39 - 2012-04-01 20:16 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-07-11 20:39 - 2012-04-01 20:16 - 00004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-07-11 20:39 - 2012-03-25 11:01 - 00000000 ____D C:\Windows\system32\Macromed 2017-07-11 20:39 - 2011-11-12 12:18 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-07-11 20:39 - 2009-10-17 04:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-07-11 20:09 - 2011-10-24 15:56 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Spotify 2017-07-11 19:45 - 2010-03-04 19:21 - 00003944 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{91102EC9-F723-4D42-8913-FDD0A1D18E49} 2017-07-11 11:44 - 2011-12-12 20:38 - 00000000 ____D C:\Windows\Minidump 2017-07-11 10:30 - 2015-11-01 16:23 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-07-10 21:12 - 2015-06-17 21:35 - 00000000 ____D C:\Users\Sébastien\Documents\Sauvegarde registre 2017-07-10 20:43 - 2015-04-27 12:49 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\ZHP 2017-07-10 19:46 - 2009-07-14 07:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-07-10 19:03 - 2012-05-17 23:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-07-10 19:03 - 2012-05-17 23:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-07-10 18:40 - 2017-02-05 13:06 - 00000681 _____ C:\Users\Sébastien\Desktop\ZHPCleaner.lnk 2017-07-10 18:40 - 2015-04-27 13:43 - 02818432 _____ C:\Users\Sébastien\ZHPCleaner.exe 2017-07-10 18:40 - 2010-01-16 11:47 - 00000000 ____D C:\Users\Sébastien 2017-07-09 10:32 - 2013-03-16 12:09 - 00361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-07-09 10:31 - 2017-03-15 20:22 - 00343264 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-07-09 10:31 - 2017-03-15 20:22 - 00319984 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-07-09 10:31 - 2017-03-15 20:22 - 00198944 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-07-09 10:31 - 2017-03-15 20:22 - 00057704 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-07-09 10:31 - 2016-04-26 20:47 - 00041800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2017-07-09 10:31 - 2014-05-02 17:53 - 00046984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-07-09 10:31 - 2014-01-02 16:46 - 00198768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-07-09 10:31 - 2013-03-16 12:09 - 00360792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.149958914985106 2017-07-09 10:31 - 2013-03-16 12:09 - 00084392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-07-09 10:31 - 2012-02-26 20:41 - 00110352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-07-09 10:31 - 2011-06-15 00:28 - 01015848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-07-09 10:31 - 2010-02-17 18:12 - 00585608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-07-09 10:31 - 2010-02-17 18:12 - 00146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-07-08 19:41 - 2012-05-17 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-07-07 21:34 - 2015-01-22 21:20 - 00000835 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-07-07 19:50 - 2012-07-09 17:33 - 00000000 ____D C:\ProgramData\AVAST Software 2017-07-06 21:12 - 2016-07-08 16:57 - 00000000 ____D C:\ProgramData\ProductData 2017-06-30 21:18 - 2013-04-15 18:24 - 00000000 ____D C:\ProgramData\Skype 2017-06-28 05:03 - 2015-11-14 21:06 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-06-28 05:03 - 2015-11-14 21:06 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-06-28 05:01 - 2010-02-09 15:49 - 00000000 ____D C:\Users\Sébastien\Documents\Mes Projets 2017-06-28 05:00 - 2015-04-30 12:57 - 00000000 ____D C:\Users\Sébastien\Documents\Documents Admninistratifs 2017-06-28 05:00 - 2010-10-09 12:13 - 00000000 ____D C:\Users\Sébastien\Documents\documents utiles 2017-06-27 21:01 - 2015-09-27 12:38 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-06-24 22:02 - 2017-04-09 19:48 - 00000000 ____D C:\Users\Sébastien\AppData\Local\ZHP 2017-06-21 15:07 - 2015-06-20 02:27 - 00003434 _____ C:\Windows\System32\Tasks\RealDownloader Update Check 2017-06-21 13:58 - 2010-02-03 20:59 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Real 2017-06-21 13:57 - 2014-05-02 16:30 - 00000000 ____D C:\ProgramData\Package Cache 2017-06-21 13:57 - 2010-02-03 21:02 - 00000000 ____D C:\ProgramData\Real 2017-06-21 13:50 - 2013-01-02 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2017-06-21 13:50 - 2010-02-03 21:02 - 00000000 ____D C:\Program Files (x86)\Real 2017-06-21 13:48 - 2016-09-19 21:44 - 00512392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2017-06-21 13:48 - 2016-09-19 21:44 - 00360840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2017-06-18 17:30 - 2015-02-13 12:07 - 00000000 ____D C:\Windows\rescache 2017-06-18 16:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv 2017-06-18 16:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv 2017-06-15 20:48 - 2010-02-27 13:33 - 00000000 ____D C:\Users\Sébastien\Documents\Blagues 2017-06-15 16:15 - 2014-07-25 11:18 - 00000000 ____D C:\Windows\pss 2017-06-15 15:32 - 2010-01-16 11:57 - 00000000 ____D C:\ProgramData\HP 2017-06-15 15:31 - 2010-01-16 11:59 - 00000000 ____D C:\Program Files (x86)\HP 2017-06-14 07:34 - 2016-07-08 16:58 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\ProductData 2017-06-14 07:34 - 2015-12-03 21:30 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2017-06-14 07:34 - 2012-10-04 18:17 - 00000000 ____D C:\Users\Invité 2017-06-14 07:33 - 2017-03-15 20:28 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-06-14 07:33 - 2010-07-06 18:52 - 00000000 ____D C:\Program Files (x86)\Morphyre 2017-06-13 22:08 - 2015-07-02 08:50 - 00000000 ____D C:\Users\Sébastien\AppData\Local\Dropbox 2017-06-13 14:00 - 2014-07-25 11:11 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-13 14:00 - 2014-07-25 11:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware ==================== Fichiers à la racine de certains dossiers ======= 2009-10-17 04:04 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico 2015-10-18 14:15 - 2015-10-18 14:15 - 0000191 _____ () C:\Users\Sébastien\AppData\Roaming\.lirecouleur 2010-04-06 14:32 - 2009-11-04 13:49 - 0076407 _____ () C:\Users\Sébastien\AppData\Roaming\Smiley.ico 2010-02-09 15:48 - 2015-03-15 16:24 - 0000262 _____ () C:\Users\Sébastien\AppData\Roaming\wklnhst.dat 2010-03-24 19:17 - 2016-10-08 14:02 - 0009216 _____ () C:\Users\Sébastien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-04 13:36 - 2015-10-17 16:41 - 0007657 _____ () C:\Users\Sébastien\AppData\Local\Resmon.ResmonCfg 2013-12-23 12:07 - 2013-12-23 12:07 - 0000057 _____ () C:\ProgramData\Ament.ini 2010-01-16 11:57 - 2017-06-15 15:34 - 0001365 _____ () C:\ProgramData\hpzinstall.log Fichiers à déplacer ou supprimer: ==================== C:\Users\Sébastien\ZHPCleaner.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-07-02 22:00 ==================== Fin de FRST.txt ============================