cjoint

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Exécuté par Stéphane (administrateur) sur ASUS (29-07-2016 19:30:10)
Exécuté depuis C:\Users\Stéphane\Desktop
Profils chargés: Stéphane (Profils disponibles: Stéphane)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\AKL\AkSA.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Esumsoft) C:\Program Files (x86)\POP Peeper\POPPeeper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Dell SonicWALL, Inc.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\MailFrontier\mantispm.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ThreatEmulation.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\AntiTheft\Antitheft.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AppWork GmbH) C:\Users\Stéphane\AppData\Local\JDownloader v2.0\JDownloader2.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [ISW] => C:\Program Files (x86)\CheckPoint\AKL\AkSA.exe [935544 2016-01-22] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-03-24] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724432 2015-12-26] (Sony Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\Run: [POP Peeper] => C:\Program Files (x86)\POP Peeper\POPPeeper.exe [2648272 2016-06-20] (Esumsoft)
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-07-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-09-11] (AMD)
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\MountPoints2: K - K:\setup.exe
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\...\MountPoints2: {671b6588-d06b-11e4-956b-10bf484f0037} - K:\setup.exe
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [302448 2011-05-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
Startup: C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JDownloader 2.lnk [2016-07-16]
ShortcutTarget: JDownloader 2.lnk -> C:\Users\Stéphane\AppData\Local\JDownloader v2.0\JDownloader2.exe (AppWork GmbH)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{A202AEC8-82B0-4FBC-A2E4-0D6C8D6ADD43}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-2553047112-962110535-2580230815-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2553047112-962110535-2580230815-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-05-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Stéphane\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2015-05-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-05-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-30] [non signé]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Profile: C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-23]
CHR Extension: (Google Docs) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-23]
CHR Extension: (Google Drive) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-23]
CHR Extension: (Rapport) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-07-23]
CHR Extension: (YouTube) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-23]
CHR Extension: (Google Sheets) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-23]
CHR Extension: (AdBlock) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-28]
CHR Extension: (Tabs to the front!) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2016-07-23]
CHR Extension: (Hotmixradio 90s) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\neljbigncpgfojoegfmpkajlnjdjmdmc [2016-07-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-23]
CHR Extension: (Gmail) - C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] -
CHR HKU\S-1-5-21-2553047112-962110535-2580230815-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-02-17] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Fichier non signé]
S3 CWUpdaterDaemon; C:\Program Files (x86)\CheckPoint\Parental Controls\bin\cwupdater.exe [9729368 2015-08-13] (ContentWatch, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-15] (Hewlett-Packard) [Fichier non signé]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-15] (Hewlett-Packard) [Fichier non signé]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3746584 2016-03-24] (Check Point Software Technologies Ltd.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)
R2 ZoneAlarm AntiTheft; C:\Program Files (x86)\CheckPoint\AntiTheft\Antitheft.exe [3145552 2016-03-24] (Check Point Software Technologies Ltd.)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-09] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-03-24] (Asmedia Technology)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2014-06-26] (Windows (R) Win 7 DDK provider) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-22] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-29] ()
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2014-06-26] ()
R3 icsak; C:\Program Files (x86)\CheckPoint\AKL\ak\icsak.sys [48512 2014-07-17] (Check Point Software Technologies LTD)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\AKL\ISWKL.sys [54144 2014-07-17] (Check Point Software Technologies LTD)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-11-26] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [172920 2015-11-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-11-26] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [926584 2015-11-26] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-11-26] (Kaspersky Lab ZAO)
S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2016-05-08] (Kingsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-29] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [788696 2000-01-01] (Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [377560 2000-01-01] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK provider)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462296 2016-07-27] (Check Point Software Technologies Ltd.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-29 19:30 - 2016-07-29 19:31 - 00024296 _____ C:\Users\Stéphane\Desktop\FRST.txt
2016-07-29 19:29 - 2016-07-29 19:30 - 00000000 ____D C:\FRST
2016-07-29 19:28 - 2016-07-29 19:28 - 02394112 _____ (Farbar) C:\Users\Stéphane\Desktop\FRST64.exe
2016-07-28 14:21 - 2016-07-28 14:21 - 00000000 ____D C:\Users\Stéphane\Impostazioni locali
2016-07-24 08:50 - 2016-07-24 08:50 - 02284032 _____ C:\Users\Stéphane\ZHPCleaner.exe
2016-07-23 10:14 - 2016-07-23 09:29 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-07-23 09:51 - 2016-07-23 11:10 - 00000000 ____D C:\zoek
2016-07-23 09:29 - 2016-07-23 09:52 - 00000000 ____D C:\zoek_backup
2016-07-23 08:45 - 2016-07-29 18:56 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-23 08:45 - 2016-07-29 14:56 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-23 08:45 - 2016-07-29 14:51 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-23 08:45 - 2016-07-29 14:51 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-23 08:45 - 2016-07-23 08:45 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-20 19:27 - 2016-07-20 19:27 - 00000000 ____D C:\Windows\EOONotify
2016-07-17 10:40 - 2016-07-17 10:40 - 00000000 ____D C:\Users\Stéphane\AppData\Local\4kdownload.com
2016-07-15 11:18 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-15 11:18 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-15 11:18 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-15 11:18 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-15 11:18 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-15 11:18 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-15 11:18 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-15 11:18 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-15 11:18 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-15 11:18 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-15 11:18 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-15 11:18 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-15 11:18 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-15 11:18 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-15 11:18 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-15 11:18 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-15 11:18 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-15 11:18 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-15 11:18 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-15 11:18 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-15 11:18 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-15 11:18 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-15 11:18 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-15 11:18 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-15 11:18 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-15 11:18 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-15 11:18 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-15 11:18 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-15 11:18 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-15 11:18 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-15 11:18 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-15 11:18 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-15 11:18 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-15 11:18 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-15 11:18 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-15 11:18 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-15 11:18 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-15 11:18 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-15 11:18 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-15 11:18 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-15 11:18 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-15 11:18 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-15 11:18 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-15 11:18 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-15 11:18 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-15 11:18 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-15 11:18 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-15 11:18 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-15 11:18 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-15 11:18 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-15 11:18 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-15 11:18 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-15 11:18 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-15 11:18 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-15 11:18 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-15 11:18 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-15 11:18 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-15 11:18 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-15 11:18 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-15 11:18 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-15 11:18 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-15 11:18 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-15 11:18 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-15 11:18 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-15 11:18 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-15 11:18 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-15 11:17 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-15 11:17 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-15 11:17 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-15 11:17 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-15 11:17 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-15 11:17 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-15 11:17 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-15 11:17 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-15 11:17 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-15 11:17 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-15 11:17 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-15 11:17 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-15 11:17 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-15 11:17 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-15 11:17 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-15 11:17 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-15 11:17 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-15 11:17 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-15 11:17 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-15 11:17 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-15 09:02 - 2016-07-15 09:02 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2016-07-10 14:50 - 2016-07-10 14:50 - 00000000 ____D C:\Users\Stéphane\AppData\Local\Adobe
2016-07-10 11:29 - 2016-07-10 11:29 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-07-10 11:28 - 2016-07-29 19:27 - 00000000 ____D C:\Users\Stéphane\AppData\Local\JDownloader v2.0
2016-07-10 11:05 - 2016-07-23 09:20 - 00000000 ____D C:\AdwCleaner
2016-07-10 10:54 - 2016-07-10 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-07-10 10:54 - 2016-07-10 10:54 - 00000000 ____D C:\Program Files (x86)\ZHPFix

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-29 19:31 - 2014-09-30 14:51 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\Skype
2016-07-29 19:27 - 2015-02-11 15:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-29 18:34 - 2014-10-28 09:34 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-29 14:33 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-29 14:33 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-29 14:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-28 14:21 - 2014-09-30 11:36 - 00000000 ____D C:\Users\Stéphane
2016-07-27 07:09 - 2016-02-13 03:46 - 00462296 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\vsdatant.sys
2016-07-27 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-25 14:40 - 2011-03-15 23:23 - 00855360 _____ C:\Windows\system32\perfh00C.dat
2016-07-25 14:40 - 2011-03-15 23:23 - 00210512 _____ C:\Windows\system32\perfc00C.dat
2016-07-25 14:40 - 2009-07-14 07:13 - 01854660 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-24 09:30 - 2014-09-30 18:44 - 00000000 ____D C:\ProgramData\TEMP
2016-07-24 09:03 - 2016-04-29 22:05 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\ZHP
2016-07-23 14:43 - 2016-04-07 21:34 - 00001064 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-23 10:38 - 2016-04-29 22:44 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-07-23 09:52 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-07-23 09:23 - 2015-04-23 12:55 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\POP Peeper
2016-07-23 08:45 - 2015-02-11 15:31 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-23 08:28 - 2016-04-29 20:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-07-20 19:27 - 2016-05-07 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-20 19:27 - 2016-05-07 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-19 18:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-07-19 17:05 - 2015-12-07 18:58 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-07-19 17:05 - 2014-09-30 14:58 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-17 10:40 - 2015-10-31 17:11 - 00000000 ____D C:\Users\Stéphane\Documents\VirtualDJ
2016-07-17 09:23 - 2015-08-02 08:59 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-16 19:22 - 2016-02-21 10:37 - 00002334 _____ C:\Users\Stéphane\Desktop\Arrêt.lnk
2016-07-16 08:45 - 2009-07-14 06:45 - 00582832 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-16 08:44 - 2014-12-10 11:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-16 08:44 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-15 22:06 - 2014-10-02 21:03 - 00000000 ____D C:\Windows\system32\MRT
2016-07-15 21:56 - 2014-10-02 21:03 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-15 08:47 - 2009-07-14 07:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-15 08:34 - 2014-10-28 09:34 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-15 08:34 - 2014-10-28 09:33 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-15 08:34 - 2011-09-15 06:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 16:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-12 21:58 - 2014-09-30 16:16 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\Audacity
2016-07-12 19:33 - 2014-11-20 14:37 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\TeamViewer
2016-07-12 14:34 - 2016-04-07 21:34 - 00004056 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-12 12:34 - 2014-10-28 09:33 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 12:34 - 2011-09-15 06:11 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-10 10:50 - 2014-11-25 18:27 - 00000000 ____D C:\Temp
2016-07-10 10:39 - 2014-09-30 18:44 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-07-07 15:57 - 2015-12-06 21:38 - 00000000 ____D C:\Windows\Minidump
2016-07-06 13:04 - 2016-05-17 10:03 - 00000000 ____D C:\Users\Stéphane\AppData\Roaming\MuseScore

==================== Fichiers à la racine de certains dossiers =======

2012-10-03 23:09 - 2012-10-03 23:09 - 132491811 _____ (fcportables.blogspot.com) C:\Program Files\nero.exe
1999-04-06 14:27 - 1999-04-06 14:27 - 0099840 _____ (Symantec Corp.) C:\Program Files (x86)\Common Files\IRAABOUT.DLL
1998-12-09 04:53 - 1998-12-09 04:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files (x86)\Common Files\IRALPTTR.DLL
1998-12-09 04:53 - 1998-12-09 04:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files (x86)\Common Files\IRAMDMTR.DLL
1998-12-09 04:53 - 1998-12-09 04:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files (x86)\Common Files\IRAREG.DLL
1998-12-09 04:53 - 1998-12-09 04:53 - 0017920 _____ (Symantec Corp.) C:\Program Files (x86)\Common Files\IRASRIAL.DLL
1998-12-09 04:53 - 1998-12-09 04:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files (x86)\Common Files\IRAWEBTR.DLL
2014-12-25 12:38 - 2015-08-15 13:11 - 0013312 _____ () C:\Users\Stéphane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-12 11:41 - 2014-12-12 11:41 - 0007625 _____ () C:\Users\Stéphane\AppData\Local\Resmon.ResmonCfg

Fichiers à déplacer ou supprimer:
====================
C:\Users\Stéphane\ZHPCleaner.exe


Certains fichiers dans TEMP:
====================
C:\Users\Stéphane\AppData\Local\Temp\proxy_vole1826111068135868439.dll
C:\Users\Stéphane\AppData\Local\Temp\proxy_vole4197841359803312229.dll
C:\Users\Stéphane\AppData\Local\Temp\proxy_vole6219849959191321835.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe
[2016-05-22 11:43] - [2016-05-28 20:46] - 3240960 ____A (Microsoft Corporation) B0907CD458B43969E38C04FC1A71C1CF

C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-07-14 13:04

==================== Fin de FRST.txt ============================
