Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
Exécuté par Mélanie (administrateur) sur LAPTOP-TMHHHQPC (19-02-2016 18:26:10)
Exécuté depuis C:\Users\Mélanie\Desktop
Profils chargés: Mélanie (Profils disponibles: Mélanie)
Platform: Windows 10 Home (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\CCF_Reputation\fsorsp.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\fshoster32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SweetLabs, Inc) C:\Users\Mélanie\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSM32.EXE
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (44996002)] => C:\Program Files (x86)\SFR Sécurité\fshoster32.exe [193064 2015-08-17] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSM32.EXE [306216 2015-10-07] (F-Secure Corporation)
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\...\Run: [C] => C:\Windows\system32\GroupPolicy\Machine\Registry.pol [750 2016-02-17] ()
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\...\RunOnce: [Uninstall C:\Users\M�lanie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mélanie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\...\RunOnce: [Uninstall C:\Users\M�lanie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mélanie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [S-1-5-21-3992069561-2133264890-3329846514-1001] => hxxps://ecosmartfilter.com/adblock.dat?7e889cc2a119bfaa5e9572a98039aec75986861427cab193d40ea7eab007e909158353
Tcpip\Parameters: [DhcpNameServer] 89.2.0.10
Tcpip\..\Interfaces\{07cc5cad-da93-4887-92ac-7964ef36071d}: [DhcpNameServer] 89.2.0.10
Tcpip\..\Interfaces\{58590e3b-0af1-4cef-90e1-c64b60c653b1}: [DhcpNameServer] 89.2.0.10
ManualProxies: 0https://ecosmartfilter.com/adblock.dat?7e889cc2a119bfaa5e9572a98039aec75986861427cab193d40ea7eab007e909158353
Internet Explorer:
==================
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.fr
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://homepage-web.com/?s=acer&m=start
URLSearchHook: [S-1-5-21-3992069561-2133264890-3329846514-1001] ATTENTION => URLSearchHook par défaut est absent
URLSearchHook: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 - (Pas de nom) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - Pas de fichier
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL =
SearchScopes: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 -> {CAA307EE-DF2C-458F-98BE-8DE40D00693A} URL =
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-01-11] (F-Secure Corporation)
BHO: Search by F-Secure -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch64.dll [2015-11-19] (F-Secure Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-01-11] (F-Secure Corporation)
BHO-x32: Search by F-Secure -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch.dll [2015-11-19] (F-Secure Corporation)
Toolbar: HKLM - Search by F-Secure Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch64.dll [2015-11-19] (F-Secure Corporation)
Toolbar: HKLM-x32 - Search by F-Secure Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch.dll [2015-11-19] (F-Secure Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?s=acer&m=start
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF Extension: Français Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Russian (RU) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-ru@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Slovak (SK) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Slovenski jezik Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sl@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: српски (sr) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sr@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Svenska (SE) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Thai Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-th@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Türkçe (TR) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Ukrainian (UA) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-uk@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Chinese Simplified (zh-CN) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-zh-CN@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Traditional Chinese (zh-TW) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016-01-11]
Chrome:
=======
CHR DefaultSearchKeyword: Profile 2 -> safe
CHR Profile: C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-10]
CHR Extension: (Google Docs) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-10]
CHR Extension: (Google Drive) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-10]
CHR Extension: (YouTube) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-10]
CHR Extension: (Recherche Google) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-10]
CHR Extension: (Google Sheets) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-10]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2016-01-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-10]
CHR Extension: (Gmail) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-10]
CHR Profile: C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-19]
CHR HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\Chrome\main.crx [2015-11-04]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/SFR Sécurité/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-06-03]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [456000 2015-09-17] (Amazon Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2278152 2015-09-17] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 fshoster; C:\Program Files (x86)\SFR Sécurité\fshoster32.exe [193064 2015-08-17] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-10-07] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\SFR Sécurité\apps\CCF_Reputation\fsorsp.exe [60456 2015-12-25] (F-Secure Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-02-19] (Enigma Software Group USA, LLC.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe" [X]
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-09-17] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-02-19] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-19] ()
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175288 2015-04-14] (ELAN Microelectronic Corp.)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [219128 2015-12-27] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\HIPS\drivers\fshs.sys [97352 2016-02-12] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [75448 2016-01-12] ()
R3 fsni; C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\fsni64.sys [99968 2016-01-11] (F-Secure Corporation)
R3 Kb9xI2c; C:\Windows\System32\drivers\Kb9xI2c.sys [37888 2015-05-19] (ENE TECHNOLOGY INC.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-19] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-16] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-19 18:26 - 2016-02-19 18:27 - 00021761 _____ C:\Users\Mélanie\Desktop\FRST.txt
2016-02-19 18:25 - 2016-02-19 18:26 - 00000000 ____D C:\FRST
2016-02-19 18:25 - 2016-02-19 18:25 - 02371072 _____ (Farbar) C:\Users\Mélanie\Desktop\FRST64.exe
2016-02-19 18:20 - 2016-02-19 18:22 - 01722368 _____ (Farbar) C:\Users\Mélanie\Desktop\FRST.exe
2016-02-19 18:14 - 2016-02-19 18:14 - 00001303 _____ C:\Users\Mélanie\Desktop\ZHPFixReport.txt
2016-02-19 18:09 - 2016-02-19 18:10 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-02-19 18:09 - 2016-02-19 18:09 - 03521617 _____ (Nicolas Coolman ) C:\Users\Mélanie\Desktop\ZHPFix.exe
2016-02-19 18:09 - 2016-02-19 18:09 - 00001926 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-02-19 18:09 - 2016-02-19 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-02-19 18:06 - 2016-02-19 18:06 - 00016148 _____ C:\Windows\system32\LAPTOP-TMHHHQPC_Mélanie_HistoryPrediction.bin
2016-02-19 15:21 - 2016-02-19 15:21 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 15:21 - 2016-02-19 15:21 - 00002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 15:20 - 2016-02-19 18:25 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-19 15:20 - 2016-02-19 15:25 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-19 15:20 - 2016-02-19 15:20 - 00004160 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-19 15:20 - 2016-02-19 15:20 - 00003928 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-19 15:20 - 2016-02-19 15:20 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-19 15:19 - 2016-02-19 15:20 - 00987728 _____ (Google Inc.) C:\Users\Mélanie\Downloads\ChromeSetup.exe
2016-02-19 14:33 - 2016-02-19 14:33 - 00082605 _____ C:\Users\Mélanie\Desktop\ZHPDiag.txt
2016-02-19 14:21 - 2016-02-19 18:14 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\ZHP
2016-02-19 14:21 - 2016-02-19 14:21 - 00000871 _____ C:\Users\Mélanie\Desktop\ZHPDiag.lnk
2016-02-19 14:19 - 2016-02-19 14:20 - 02122752 _____ C:\Users\Mélanie\Downloads\ZHPDiag3.exe
2016-02-19 14:00 - 2016-02-19 14:00 - 00003450 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-02-19 14:00 - 2016-02-19 14:00 - 00001136 _____ C:\Users\Mélanie\Desktop\SpyHunter.lnk
2016-02-19 14:00 - 2016-02-19 14:00 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Enigma Software Group
2016-02-19 14:00 - 2016-02-19 14:00 - 00000000 ____D C:\sh4ldr
2016-02-19 13:59 - 2016-02-19 13:59 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Mélanie\Downloads\SpyHunter-Installer.exe
2016-02-19 13:59 - 2016-02-19 13:59 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-02-19 13:59 - 2016-02-19 13:59 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-02-19 13:44 - 2016-02-19 13:44 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\EcoSmartFilter
2016-02-19 13:43 - 2016-02-19 13:44 - 00000000 ____D C:\Program Files (x86)\EcoSmartFilter
2016-02-19 13:40 - 2016-02-19 13:41 - 00000000 ____D C:\ProgramData\InstallMachine
2016-02-19 13:28 - 2016-02-19 13:28 - 00000000 ___HD C:\OneDriveTemp
2016-02-19 06:33 - 2016-02-19 06:33 - 00000000 _____ C:\autoexec.bat
2016-02-19 05:55 - 2016-02-19 05:55 - 00000000 ___HD C:\temp
2016-02-19 05:52 - 2016-02-19 05:52 - 00000000 ____D C:\Users\Mélanie\AppData\Local\III
2016-02-19 04:15 - 2016-02-19 06:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-19 04:14 - 2016-02-19 04:14 - 00001179 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-19 04:14 - 2016-02-19 04:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-19 04:14 - 2016-02-19 04:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-19 04:14 - 2016-02-19 04:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-19 04:14 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-19 04:14 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-19 04:14 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-19 01:27 - 2016-02-19 07:03 - 00000000 ____D C:\Users\Mélanie\AppData\Local\FSDART
2016-02-19 01:08 - 2016-02-19 01:08 - 00000036 _____ C:\Windows\system32\L
2016-02-19 00:07 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-02-18 23:13 - 2016-02-18 23:13 - 00000000 ____D C:\Users\Mélanie\AppData\Local\ElevatedDiagnostics
2016-02-18 22:08 - 2016-02-19 01:06 - 00000000 ____D C:\ProgramData\WinZip
2016-02-18 22:08 - 2016-02-18 22:08 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Nico Mak Computing
2016-02-18 22:07 - 2016-02-18 22:07 - 00000000 ____D C:\ProgramData\UniqueId
2016-02-18 20:53 - 2016-02-18 21:25 - 00001006 _____ C:\Users\Mélanie\Documents\hosts.txt
2016-02-17 19:25 - 2016-02-19 01:08 - 00000290 __RSH C:\ProgramData\ntuser.pol
2016-02-17 19:25 - 2016-02-17 19:25 - 00000008 __RSH C:\Users\Mélanie\ntuser.pol
2016-02-17 18:38 - 2016-02-17 18:38 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\PDAppFlex
2016-02-10 10:16 - 2016-01-31 07:25 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 10:16 - 2016-01-31 07:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-10 10:16 - 2016-01-31 07:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-10 10:16 - 2016-01-31 07:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-02-10 10:16 - 2016-01-31 07:06 - 01531368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 10:16 - 2016-01-31 07:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-10 10:16 - 2016-01-31 07:04 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-10 10:16 - 2016-01-31 07:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-02-10 10:16 - 2016-01-31 06:38 - 21873152 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-02-10 10:16 - 2016-01-31 06:33 - 24593920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 10:16 - 2016-01-31 06:29 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-10 10:16 - 2016-01-31 06:26 - 06787072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-10 10:16 - 2016-01-31 06:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 10:16 - 2016-01-31 06:25 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 10:16 - 2016-01-31 06:25 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 10:16 - 2016-01-31 06:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-02-10 10:16 - 2016-01-31 06:20 - 02849792 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 10:16 - 2016-01-31 06:17 - 19324928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 10:16 - 2016-01-31 06:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-10 10:16 - 2016-01-31 06:16 - 09889280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-10 10:16 - 2016-01-31 06:14 - 07525376 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-02-10 10:16 - 2016-01-31 06:14 - 03588096 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-02-10 10:16 - 2016-01-31 06:13 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 10:16 - 2016-01-31 06:11 - 05156352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 10:16 - 2016-01-31 06:11 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 10:16 - 2016-01-31 06:07 - 18802176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-02-10 10:16 - 2016-01-31 06:06 - 02316800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 10:16 - 2016-01-31 06:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-10 10:16 - 2016-01-31 06:02 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 10:16 - 2016-01-31 06:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 10:15 - 2016-01-31 07:24 - 01824880 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 10:15 - 2016-01-31 07:06 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 10:15 - 2016-01-31 06:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-02-10 10:15 - 2016-01-31 06:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-02-10 10:15 - 2016-01-31 06:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-02-10 10:15 - 2016-01-31 06:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-02-10 10:15 - 2016-01-31 06:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 10:15 - 2016-01-31 06:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 10:15 - 2016-01-31 06:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 10:15 - 2016-01-31 06:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 10:15 - 2016-01-31 06:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 10:15 - 2016-01-31 06:19 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 10:15 - 2016-01-31 06:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-02-10 10:15 - 2016-01-31 06:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-02-10 10:15 - 2016-01-31 06:18 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-02-10 10:15 - 2016-01-31 06:18 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 10:15 - 2016-01-31 06:16 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 10:15 - 2016-01-31 06:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-02-10 10:15 - 2016-01-31 06:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-02-10 10:15 - 2016-01-31 06:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 10:15 - 2016-01-31 06:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-10 10:15 - 2016-01-31 06:05 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 10:15 - 2016-01-31 06:05 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-02-10 10:15 - 2016-01-31 06:05 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 10:15 - 2016-01-31 06:02 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 10:15 - 2016-01-31 05:59 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-02-10 10:15 - 2016-01-31 05:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-02-07 17:25 - 2016-02-19 00:24 - 00000000 ____D C:\Users\Mélanie\Documents\Adobe
2016-02-07 15:55 - 2016-02-07 15:55 - 00003388 _____ C:\Windows\System32\Tasks\AcerCloud
2016-01-20 15:01 - 2016-02-18 20:28 - 00000000 ____D C:\Users\Mélanie\Desktop\18 ans Quentin
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-19 18:22 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-02-19 18:15 - 2015-12-25 08:21 - 00000000 ____D C:\Users\Mélanie\AppData\Local\CrashDumps
2016-02-19 18:07 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Host App Service
2016-02-19 13:50 - 2015-09-17 12:47 - 00821020 _____ C:\Windows\system32\perfh00C.dat
2016-02-19 13:50 - 2015-09-17 12:47 - 00154350 _____ C:\Windows\system32\perfc00C.dat
2016-02-19 13:50 - 2015-07-16 04:31 - 01839260 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-19 13:50 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-02-19 13:40 - 2016-01-15 15:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-19 13:32 - 2016-01-13 17:05 - 00004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F77DEB8D-607B-4803-9521-55801F8915A3}
2016-02-19 13:28 - 2015-12-25 08:23 - 00000000 ___RD C:\Users\Mélanie\OneDrive
2016-02-19 07:16 - 2015-12-25 13:02 - 00000000 ____D C:\Users\Mélanie\AppData\Local\F-Secure
2016-02-19 06:54 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-19 06:53 - 2015-09-17 04:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-02-19 06:53 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-19 06:31 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie
2016-02-19 06:00 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Packages
2016-02-19 06:00 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-19 05:59 - 2015-09-17 04:19 - 00000000 ____D C:\Program Files\AMD
2016-02-19 05:55 - 2016-01-14 21:08 - 00000000 ____D C:\ProgramData\Adobe
2016-02-19 05:54 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Adobe
2016-02-19 05:52 - 2015-12-25 08:19 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-02-19 04:58 - 2016-01-14 21:02 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Adobe
2016-02-19 04:37 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\Web
2016-02-19 04:34 - 2015-10-30 20:24 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-19 03:52 - 2015-07-16 05:18 - 00000000 ____D C:\Windows\Panther
2016-02-19 03:33 - 2016-01-17 19:24 - 00000000 ____D C:\Windows\system32\MRT
2016-02-19 03:24 - 2016-01-15 15:13 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-02-19 03:23 - 2016-01-17 19:24 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-19 01:43 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-02-18 23:14 - 2016-01-15 15:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-02-18 23:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF
2016-02-18 20:20 - 2015-07-10 14:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-17 19:25 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-17 19:25 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-02-17 19:20 - 2015-07-16 04:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-17 18:33 - 2016-01-15 15:14 - 00000033 _____ C:\Users\Mélanie\AppData\Roaming\AdobeWLCMCache.dat
2016-02-12 09:58 - 2015-12-25 08:23 - 00002421 _____ C:\Users\Mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-10 10:56 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-02-08 18:02 - 2015-12-27 20:08 - 00000000 ____D C:\Users\Mélanie\Desktop\Finistère Sud
2016-02-07 15:54 - 2015-07-16 05:13 - 00000000 ___HD C:\OEM
2016-02-07 15:54 - 2015-07-16 04:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-02-07 15:52 - 2015-07-16 04:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-02-07 15:45 - 2015-12-25 08:23 - 00000000 ____D C:\Users\Mélanie\AppData\Local\clear.fi
2016-02-02 23:47 - 2015-07-10 12:06 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 23:47 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 14:24 - 2015-07-10 13:20 - 00189328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-31 14:19 - 2015-07-10 12:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ___SD C:\Windows\system32\F12
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\oobe
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\Provisioning
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\L2Schemas
2016-01-20 20:13 - 2015-12-25 12:51 - 00000000 ____D C:\Users\Mélanie\AppData\Local\MicrosoftEdge
2016-01-20 14:51 - 2015-12-27 19:12 - 00000000 ____D C:\Users\Mélanie\Desktop\Dossier de sauvegarde 27 Decembre 2015
==================== Fichiers à la racine de certains dossiers =======
2016-01-15 15:14 - 2016-02-17 18:33 - 0000033 _____ () C:\Users\Mélanie\AppData\Roaming\AdobeWLCMCache.dat
2015-09-17 04:13 - 2015-09-17 04:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-02-08 14:33
==================== Fin de FRST.txt ============================
Exécuté par Mélanie (administrateur) sur LAPTOP-TMHHHQPC (19-02-2016 18:26:10)
Exécuté depuis C:\Users\Mélanie\Desktop
Profils chargés: Mélanie (Profils disponibles: Mélanie)
Platform: Windows 10 Home (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\CCF_Reputation\fsorsp.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\fshoster32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SweetLabs, Inc) C:\Users\Mélanie\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSM32.EXE
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (44996002)] => C:\Program Files (x86)\SFR Sécurité\fshoster32.exe [193064 2015-08-17] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSM32.EXE [306216 2015-10-07] (F-Secure Corporation)
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\...\Run: [C] => C:\Windows\system32\GroupPolicy\Machine\Registry.pol [750 2016-02-17] ()
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\...\RunOnce: [Uninstall C:\Users\M�lanie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mélanie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\...\RunOnce: [Uninstall C:\Users\M�lanie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mélanie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [S-1-5-21-3992069561-2133264890-3329846514-1001] => hxxps://ecosmartfilter.com/adblock.dat?7e889cc2a119bfaa5e9572a98039aec75986861427cab193d40ea7eab007e909158353
Tcpip\Parameters: [DhcpNameServer] 89.2.0.10
Tcpip\..\Interfaces\{07cc5cad-da93-4887-92ac-7964ef36071d}: [DhcpNameServer] 89.2.0.10
Tcpip\..\Interfaces\{58590e3b-0af1-4cef-90e1-c64b60c653b1}: [DhcpNameServer] 89.2.0.10
ManualProxies: 0https://ecosmartfilter.com/adblock.dat?7e889cc2a119bfaa5e9572a98039aec75986861427cab193d40ea7eab007e909158353
Internet Explorer:
==================
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.fr
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://homepage-web.com/?s=acer&m=start
URLSearchHook: [S-1-5-21-3992069561-2133264890-3329846514-1001] ATTENTION => URLSearchHook par défaut est absent
URLSearchHook: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 - (Pas de nom) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - Pas de fichier
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL =
SearchScopes: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3992069561-2133264890-3329846514-1001 -> {CAA307EE-DF2C-458F-98BE-8DE40D00693A} URL =
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-01-11] (F-Secure Corporation)
BHO: Search by F-Secure -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch64.dll [2015-11-19] (F-Secure Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-01-11] (F-Secure Corporation)
BHO-x32: Search by F-Secure -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch.dll [2015-11-19] (F-Secure Corporation)
Toolbar: HKLM - Search by F-Secure Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch64.dll [2015-11-19] (F-Secure Corporation)
Toolbar: HKLM-x32 - Search by F-Secure Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\IE\FSSafeSearch.dll [2015-11-19] (F-Secure Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?s=acer&m=start
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF Extension: Français Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Russian (RU) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-ru@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Slovak (SK) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Slovenski jezik Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sl@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: српски (sr) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sr@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Svenska (SE) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Thai Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-th@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Türkçe (TR) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Ukrainian (UA) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-uk@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Chinese Simplified (zh-CN) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-zh-CN@firefox.mozilla.org.xpi [2015-12-29]
FF Extension: Traditional Chinese (zh-TW) Language Pack - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\5iedtqhg.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016-01-11]
Chrome:
=======
CHR DefaultSearchKeyword: Profile 2 -> safe
CHR Profile: C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-10]
CHR Extension: (Google Docs) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-10]
CHR Extension: (Google Drive) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-10]
CHR Extension: (YouTube) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-10]
CHR Extension: (Recherche Google) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-10]
CHR Extension: (Google Sheets) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-10]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2016-01-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-10]
CHR Extension: (Gmail) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-10]
CHR Profile: C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-19]
CHR HKU\S-1-5-21-3992069561-2133264890-3329846514-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\SFR Sécurité\apps\SafeSearch\Chrome\main.crx [2015-11-04]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/SFR Sécurité/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-06-03]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [456000 2015-09-17] (Amazon Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2278152 2015-09-17] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 fshoster; C:\Program Files (x86)\SFR Sécurité\fshoster32.exe [193064 2015-08-17] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-10-07] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\SFR Sécurité\apps\CCF_Reputation\fsorsp.exe [60456 2015-12-25] (F-Secure Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-02-19] (Enigma Software Group USA, LLC.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe" [X]
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-09-17] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-02-19] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-19] ()
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175288 2015-04-14] (ELAN Microelectronic Corp.)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [219128 2015-12-27] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\SFR Sécurité\apps\ComputerSecurity\HIPS\drivers\fshs.sys [97352 2016-02-12] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [75448 2016-01-12] ()
R3 fsni; C:\Program Files (x86)\SFR Sécurité\apps\CCF_Scanning\bin\fsni64.sys [99968 2016-01-11] (F-Secure Corporation)
R3 Kb9xI2c; C:\Windows\System32\drivers\Kb9xI2c.sys [37888 2015-05-19] (ENE TECHNOLOGY INC.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-19] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-16] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-19 18:26 - 2016-02-19 18:27 - 00021761 _____ C:\Users\Mélanie\Desktop\FRST.txt
2016-02-19 18:25 - 2016-02-19 18:26 - 00000000 ____D C:\FRST
2016-02-19 18:25 - 2016-02-19 18:25 - 02371072 _____ (Farbar) C:\Users\Mélanie\Desktop\FRST64.exe
2016-02-19 18:20 - 2016-02-19 18:22 - 01722368 _____ (Farbar) C:\Users\Mélanie\Desktop\FRST.exe
2016-02-19 18:14 - 2016-02-19 18:14 - 00001303 _____ C:\Users\Mélanie\Desktop\ZHPFixReport.txt
2016-02-19 18:09 - 2016-02-19 18:10 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-02-19 18:09 - 2016-02-19 18:09 - 03521617 _____ (Nicolas Coolman ) C:\Users\Mélanie\Desktop\ZHPFix.exe
2016-02-19 18:09 - 2016-02-19 18:09 - 00001926 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-02-19 18:09 - 2016-02-19 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-02-19 18:06 - 2016-02-19 18:06 - 00016148 _____ C:\Windows\system32\LAPTOP-TMHHHQPC_Mélanie_HistoryPrediction.bin
2016-02-19 15:21 - 2016-02-19 15:21 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 15:21 - 2016-02-19 15:21 - 00002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 15:20 - 2016-02-19 18:25 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-19 15:20 - 2016-02-19 15:25 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-19 15:20 - 2016-02-19 15:20 - 00004160 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-19 15:20 - 2016-02-19 15:20 - 00003928 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-19 15:20 - 2016-02-19 15:20 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-19 15:19 - 2016-02-19 15:20 - 00987728 _____ (Google Inc.) C:\Users\Mélanie\Downloads\ChromeSetup.exe
2016-02-19 14:33 - 2016-02-19 14:33 - 00082605 _____ C:\Users\Mélanie\Desktop\ZHPDiag.txt
2016-02-19 14:21 - 2016-02-19 18:14 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\ZHP
2016-02-19 14:21 - 2016-02-19 14:21 - 00000871 _____ C:\Users\Mélanie\Desktop\ZHPDiag.lnk
2016-02-19 14:19 - 2016-02-19 14:20 - 02122752 _____ C:\Users\Mélanie\Downloads\ZHPDiag3.exe
2016-02-19 14:00 - 2016-02-19 14:00 - 00003450 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-02-19 14:00 - 2016-02-19 14:00 - 00001136 _____ C:\Users\Mélanie\Desktop\SpyHunter.lnk
2016-02-19 14:00 - 2016-02-19 14:00 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Enigma Software Group
2016-02-19 14:00 - 2016-02-19 14:00 - 00000000 ____D C:\sh4ldr
2016-02-19 13:59 - 2016-02-19 13:59 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Mélanie\Downloads\SpyHunter-Installer.exe
2016-02-19 13:59 - 2016-02-19 13:59 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-02-19 13:59 - 2016-02-19 13:59 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-02-19 13:44 - 2016-02-19 13:44 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\EcoSmartFilter
2016-02-19 13:43 - 2016-02-19 13:44 - 00000000 ____D C:\Program Files (x86)\EcoSmartFilter
2016-02-19 13:40 - 2016-02-19 13:41 - 00000000 ____D C:\ProgramData\InstallMachine
2016-02-19 13:28 - 2016-02-19 13:28 - 00000000 ___HD C:\OneDriveTemp
2016-02-19 06:33 - 2016-02-19 06:33 - 00000000 _____ C:\autoexec.bat
2016-02-19 05:55 - 2016-02-19 05:55 - 00000000 ___HD C:\temp
2016-02-19 05:52 - 2016-02-19 05:52 - 00000000 ____D C:\Users\Mélanie\AppData\Local\III
2016-02-19 04:15 - 2016-02-19 06:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-19 04:14 - 2016-02-19 04:14 - 00001179 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-19 04:14 - 2016-02-19 04:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-19 04:14 - 2016-02-19 04:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-19 04:14 - 2016-02-19 04:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-19 04:14 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-19 04:14 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-19 04:14 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-19 01:27 - 2016-02-19 07:03 - 00000000 ____D C:\Users\Mélanie\AppData\Local\FSDART
2016-02-19 01:08 - 2016-02-19 01:08 - 00000036 _____ C:\Windows\system32\L
2016-02-19 00:07 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-02-18 23:13 - 2016-02-18 23:13 - 00000000 ____D C:\Users\Mélanie\AppData\Local\ElevatedDiagnostics
2016-02-18 22:08 - 2016-02-19 01:06 - 00000000 ____D C:\ProgramData\WinZip
2016-02-18 22:08 - 2016-02-18 22:08 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Nico Mak Computing
2016-02-18 22:07 - 2016-02-18 22:07 - 00000000 ____D C:\ProgramData\UniqueId
2016-02-18 20:53 - 2016-02-18 21:25 - 00001006 _____ C:\Users\Mélanie\Documents\hosts.txt
2016-02-17 19:25 - 2016-02-19 01:08 - 00000290 __RSH C:\ProgramData\ntuser.pol
2016-02-17 19:25 - 2016-02-17 19:25 - 00000008 __RSH C:\Users\Mélanie\ntuser.pol
2016-02-17 18:38 - 2016-02-17 18:38 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\PDAppFlex
2016-02-10 10:16 - 2016-01-31 07:25 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 10:16 - 2016-01-31 07:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-10 10:16 - 2016-01-31 07:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-10 10:16 - 2016-01-31 07:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-02-10 10:16 - 2016-01-31 07:06 - 01531368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 10:16 - 2016-01-31 07:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-10 10:16 - 2016-01-31 07:04 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-10 10:16 - 2016-01-31 07:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-02-10 10:16 - 2016-01-31 06:38 - 21873152 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-02-10 10:16 - 2016-01-31 06:33 - 24593920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 10:16 - 2016-01-31 06:29 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-10 10:16 - 2016-01-31 06:26 - 06787072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-10 10:16 - 2016-01-31 06:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 10:16 - 2016-01-31 06:25 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 10:16 - 2016-01-31 06:25 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 10:16 - 2016-01-31 06:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-02-10 10:16 - 2016-01-31 06:20 - 02849792 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 10:16 - 2016-01-31 06:17 - 19324928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 10:16 - 2016-01-31 06:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-10 10:16 - 2016-01-31 06:16 - 09889280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-10 10:16 - 2016-01-31 06:14 - 07525376 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-02-10 10:16 - 2016-01-31 06:14 - 03588096 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-02-10 10:16 - 2016-01-31 06:13 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 10:16 - 2016-01-31 06:11 - 05156352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 10:16 - 2016-01-31 06:11 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 10:16 - 2016-01-31 06:07 - 18802176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-02-10 10:16 - 2016-01-31 06:06 - 02316800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 10:16 - 2016-01-31 06:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-10 10:16 - 2016-01-31 06:02 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 10:16 - 2016-01-31 06:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 10:15 - 2016-01-31 07:24 - 01824880 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 10:15 - 2016-01-31 07:06 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 10:15 - 2016-01-31 06:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-02-10 10:15 - 2016-01-31 06:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-02-10 10:15 - 2016-01-31 06:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-02-10 10:15 - 2016-01-31 06:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-02-10 10:15 - 2016-01-31 06:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 10:15 - 2016-01-31 06:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 10:15 - 2016-01-31 06:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 10:15 - 2016-01-31 06:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 10:15 - 2016-01-31 06:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 10:15 - 2016-01-31 06:19 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 10:15 - 2016-01-31 06:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-02-10 10:15 - 2016-01-31 06:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-02-10 10:15 - 2016-01-31 06:18 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-02-10 10:15 - 2016-01-31 06:18 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 10:15 - 2016-01-31 06:16 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 10:15 - 2016-01-31 06:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-02-10 10:15 - 2016-01-31 06:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-02-10 10:15 - 2016-01-31 06:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 10:15 - 2016-01-31 06:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-10 10:15 - 2016-01-31 06:05 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 10:15 - 2016-01-31 06:05 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-02-10 10:15 - 2016-01-31 06:05 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 10:15 - 2016-01-31 06:02 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 10:15 - 2016-01-31 05:59 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-02-10 10:15 - 2016-01-31 05:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-02-07 17:25 - 2016-02-19 00:24 - 00000000 ____D C:\Users\Mélanie\Documents\Adobe
2016-02-07 15:55 - 2016-02-07 15:55 - 00003388 _____ C:\Windows\System32\Tasks\AcerCloud
2016-01-20 15:01 - 2016-02-18 20:28 - 00000000 ____D C:\Users\Mélanie\Desktop\18 ans Quentin
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-19 18:22 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-02-19 18:15 - 2015-12-25 08:21 - 00000000 ____D C:\Users\Mélanie\AppData\Local\CrashDumps
2016-02-19 18:07 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Host App Service
2016-02-19 13:50 - 2015-09-17 12:47 - 00821020 _____ C:\Windows\system32\perfh00C.dat
2016-02-19 13:50 - 2015-09-17 12:47 - 00154350 _____ C:\Windows\system32\perfc00C.dat
2016-02-19 13:50 - 2015-07-16 04:31 - 01839260 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-19 13:50 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-02-19 13:40 - 2016-01-15 15:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-19 13:32 - 2016-01-13 17:05 - 00004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F77DEB8D-607B-4803-9521-55801F8915A3}
2016-02-19 13:28 - 2015-12-25 08:23 - 00000000 ___RD C:\Users\Mélanie\OneDrive
2016-02-19 07:16 - 2015-12-25 13:02 - 00000000 ____D C:\Users\Mélanie\AppData\Local\F-Secure
2016-02-19 06:54 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-19 06:53 - 2015-09-17 04:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-02-19 06:53 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-19 06:31 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie
2016-02-19 06:00 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Packages
2016-02-19 06:00 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-19 05:59 - 2015-09-17 04:19 - 00000000 ____D C:\Program Files\AMD
2016-02-19 05:55 - 2016-01-14 21:08 - 00000000 ____D C:\ProgramData\Adobe
2016-02-19 05:54 - 2015-12-25 08:18 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Adobe
2016-02-19 05:52 - 2015-12-25 08:19 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-02-19 04:58 - 2016-01-14 21:02 - 00000000 ____D C:\Users\Mélanie\AppData\Local\Adobe
2016-02-19 04:37 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\Web
2016-02-19 04:34 - 2015-10-30 20:24 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-19 03:52 - 2015-07-16 05:18 - 00000000 ____D C:\Windows\Panther
2016-02-19 03:33 - 2016-01-17 19:24 - 00000000 ____D C:\Windows\system32\MRT
2016-02-19 03:24 - 2016-01-15 15:13 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-02-19 03:23 - 2016-01-17 19:24 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-19 01:43 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-02-18 23:14 - 2016-01-15 15:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-02-18 23:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF
2016-02-18 20:20 - 2015-07-10 14:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-17 19:25 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-17 19:25 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-02-17 19:20 - 2015-07-16 04:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-17 18:33 - 2016-01-15 15:14 - 00000033 _____ C:\Users\Mélanie\AppData\Roaming\AdobeWLCMCache.dat
2016-02-12 09:58 - 2015-12-25 08:23 - 00002421 _____ C:\Users\Mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-10 10:56 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-02-08 18:02 - 2015-12-27 20:08 - 00000000 ____D C:\Users\Mélanie\Desktop\Finistère Sud
2016-02-07 15:54 - 2015-07-16 05:13 - 00000000 ___HD C:\OEM
2016-02-07 15:54 - 2015-07-16 04:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-02-07 15:52 - 2015-07-16 04:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-02-07 15:45 - 2015-12-25 08:23 - 00000000 ____D C:\Users\Mélanie\AppData\Local\clear.fi
2016-02-02 23:47 - 2015-07-10 12:06 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 23:47 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 14:24 - 2015-07-10 13:20 - 00189328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-31 14:19 - 2015-07-10 12:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ___SD C:\Windows\system32\F12
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\oobe
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\Provisioning
2016-01-31 14:18 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\L2Schemas
2016-01-20 20:13 - 2015-12-25 12:51 - 00000000 ____D C:\Users\Mélanie\AppData\Local\MicrosoftEdge
2016-01-20 14:51 - 2015-12-27 19:12 - 00000000 ____D C:\Users\Mélanie\Desktop\Dossier de sauvegarde 27 Decembre 2015
==================== Fichiers à la racine de certains dossiers =======
2016-01-15 15:14 - 2016-02-17 18:33 - 0000033 _____ () C:\Users\Mélanie\AppData\Roaming\AdobeWLCMCache.dat
2015-09-17 04:13 - 2015-09-17 04:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-02-08 14:33
==================== Fin de FRST.txt ============================