Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2016
Exécuté par Mathis (administrateur) sur PAVILLON15E049S (13-10-2016 10:20:32)
Exécuté depuis C:\Users\Mathis\Desktop
Profils chargés: Mathis (Profils disponibles: Mathis & CCCCCCCCCCCCCCCCCCCC)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Sandboxie Holdings, LLC) Z:\Softs\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe


==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-10-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Facebook Update] => C:\Users\Mathis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-28] (Facebook Inc.)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [SandboxieControl] => Z:\Softs\Sandboxie\SbieCtrl.exe [787592 2015-05-28] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Steam] => Z:\Softs\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [TomTomHOME.exe] => "Z:\Softs\TomTom Home\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [MyComGames] => "C:\Users\Mathis\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Dropbox Update] => C:\Users\Mathis\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-12] (Dropbox, Inc.)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\MountPoints2: {6edb415c-a733-11e3-beb8-a0481c06e9ef} - "F:\Une-cle-pour-demarrer.exe"
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\MountPoints2: {8fdfbef7-42b7-11e5-bf40-a0481c06e9ef} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\MountPoints2: {d145bfb5-ac88-11e5-bf6f-a0481c06e9ef} - "F:\Setup.exe"
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Pas de fichier
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Pas de fichier
Startup: C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Officejet Pro 6830.lnk [2016-08-18]
Startup: C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mathis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

AutoConfigURL: [S-1-5-21-3531046685-3261579373-2195462380-1002] => hxxp://noneblock.biz/wpad.dat?32ab9ea066b9c6abd2f64fb527b2303118137393
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B9C73D13-B206-4BE1-B55A-EC7F49A667BB}: [DhcpNameServer] 192.168.1.254
ManualProxies: 0hxxp://noneblock.biz/wpad.dat?32ab9ea066b9c6abd2f64fb527b2303118137393

Internet Explorer:
==================
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131199752742185755&GUID=D8AB4B09-2EE8-4728-B8E4-8A4D5BBB4377
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131199752742189840&GUID=D8AB4B09-2EE8-4728-B8E4-8A4D5BBB4377
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN05
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN05
SearchScopes: HKLM -> {CF6E4C5A-A4C9-4373-9254-2390FFEFD754} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN05
SearchScopes: HKLM-x32 -> {CF6E4C5A-A4C9-4373-9254-2390FFEFD754} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3531046685-3261579373-2195462380-1002 -> {CF6E4C5A-A4C9-4373-9254-2390FFEFD754} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3531046685-3261579373-2195462380-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-29] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
IE Session Restore: HKU\S-1-5-21-3531046685-3261579373-2195462380-1002 -> est activé.

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3531046685-3261579373-2195462380-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mathis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3531046685-3261579373-2195462380-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mathis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Mathis\AppData\Local\Google\Chrome\User Data\Default [2016-10-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mathis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-12]
CHR Extension: (Chrome Media Router) - C:\Users\Mathis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-12]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) [Fichier non signé]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-04] (BitRaider, LLC)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 SbieSvc; Z:\Softs\Sandboxie\SbieSvc.exe [176264 2015-05-28] (Sandboxie Holdings, LLC)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-10-27] (Advanced Micro Devices, Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-15] (Advanced Micro Devices)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-04] (BitRaider)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-28] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2014-12-06] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3785432 2015-04-21] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\SysWOW64\DRIVERS\rtwlane.sys [2944216 2015-03-18] (Realtek Semiconductor Corporation )
R3 SbieDrv; Z:\Softs\Sandboxie\SbieDrv.sys [188552 2015-05-28] (Sandboxie Holdings, LLC)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2015-10-30] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé]
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-01-15] (Anchorfree Inc.)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 RTSPER; system32\DRIVERS\RtsPer.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-13 10:20 - 2016-10-13 10:22 - 00019853 _____ C:\Users\Mathis\Desktop\FRST.txt
2016-10-13 10:20 - 2016-10-13 10:20 - 00000000 ____D C:\FRST
2016-10-13 10:19 - 2016-10-13 10:19 - 02407424 _____ (Farbar) C:\Users\Mathis\Desktop\FRST64.exe
2016-10-12 20:40 - 2016-10-12 20:40 - 00014037 _____ C:\Users\Mathis\Desktop\ZHPFixReport.txt
2016-10-12 20:39 - 2016-10-12 20:39 - 00000691 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-10-12 20:39 - 2016-10-12 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-10-12 20:38 - 2016-10-12 20:38 - 03521617 _____ (Nicolas Coolman ) C:\Users\Mathis\Downloads\ZHPFix.exe
2016-10-12 20:04 - 2016-10-12 20:45 - 00126724 _____ C:\Users\Mathis\Desktop\ZHPDiag.txt
2016-10-12 19:54 - 2016-10-12 20:42 - 00000882 _____ C:\Users\Mathis\Desktop\ZHPDiag.lnk
2016-10-12 19:54 - 2016-10-12 19:54 - 02397184 _____ C:\Users\Mathis\Downloads\ZHPDiag3.exe
2016-10-12 19:50 - 2016-10-12 19:50 - 00025495 _____ C:\Users\Mathis\Desktop\Secure Preferences.txt
2016-10-12 19:38 - 2016-10-12 19:38 - 00001531 _____ C:\Users\Mathis\Desktop\ZHPCleaner.txt
2016-10-12 18:57 - 2016-10-12 20:44 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\ZHP
2016-10-12 18:57 - 2016-10-12 18:57 - 02445824 _____ C:\Users\Mathis\ZHPCleaner.exe
2016-10-12 18:57 - 2016-10-12 18:57 - 02398720 _____ C:\Users\Mathis\Downloads\ZHPCleaner.exe
2016-10-12 18:57 - 2016-10-12 18:57 - 00000892 _____ C:\Users\Mathis\Desktop\ZHPCleaner.lnk
2016-10-12 18:34 - 2016-10-12 18:34 - 00002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-12 18:34 - 2016-10-12 18:34 - 00002244 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-12 18:33 - 2016-10-13 10:17 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-12 18:33 - 2016-10-13 07:38 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-12 18:33 - 2016-10-12 18:33 - 00004072 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-12 18:33 - 2016-10-12 18:33 - 00003836 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-12 18:29 - 2016-10-12 18:30 - 00000290 _____ C:\Users\Mathis\Desktop\chrome.txt
2016-10-12 15:32 - 2016-10-10 22:22 - 03874368 _____ C:\Users\Mathis\Desktop\adwcleaner_6.021.exe
2016-10-07 08:03 - 2016-10-07 08:03 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-03 22:38 - 2016-10-03 22:38 - 00000000 ____D C:\Users\Mathis\AppData\Local\ESET
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\Hewlett-Packard
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Hewlett-Packard
2016-10-01 16:57 - 2015-06-08 17:46 - 00100624 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2016-09-26 15:43 - 2016-10-04 13:38 - 00000000 ____D C:\Users\Mathis\Desktop\films
2016-09-26 15:43 - 2016-09-26 15:43 - 00002705 _____ C:\Users\Mathis\Desktop\µTorrent.lnk
2016-09-26 15:42 - 2016-10-04 17:32 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\uTorrent
2016-09-24 11:03 - 2016-09-24 11:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-24 11:03 - 2016-09-24 11:03 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-09-16 14:07 - 2016-09-16 14:08 - 00839320 _____ C:\WINDOWS\Minidump\091616-33953-01.dmp
2016-09-15 01:35 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-09-15 01:35 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-15 01:35 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-15 01:35 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-09-15 01:35 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-15 01:35 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-15 01:35 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-15 01:35 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-15 01:35 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-15 01:35 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-15 01:35 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-15 01:35 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-15 01:35 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-09-15 01:35 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-09-15 01:34 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-15 01:34 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-15 01:34 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-09-15 01:34 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-09-15 01:34 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-15 01:34 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-15 01:34 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-15 01:34 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-15 01:34 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-15 01:34 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-15 01:34 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-15 01:34 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-15 01:34 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-09-15 01:34 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-15 01:34 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-09-15 01:34 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-15 01:34 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-15 01:34 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-15 01:34 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-15 01:34 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-15 01:34 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-15 01:34 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-15 01:34 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-09-15 01:34 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-09-15 01:33 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-15 01:33 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-15 01:33 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-15 01:33 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-15 01:33 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-15 01:33 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-15 01:33 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-15 01:32 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-15 01:32 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-15 01:32 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-15 01:32 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-15 01:32 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-15 01:32 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-15 01:32 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-15 01:32 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-15 01:32 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-15 01:32 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-15 01:32 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-15 01:32 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-15 01:32 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-15 01:32 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-15 01:32 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-15 01:32 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-13 10:21 - 2013-09-27 10:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3531046685-3261579373-2195462380-1002
2016-10-13 10:16 - 2015-07-29 13:09 - 00000588 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-10-13 08:00 - 2015-10-12 13:55 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002UA.job
2016-10-13 06:48 - 2014-01-28 22:43 - 00000964 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002UA.job
2016-10-13 01:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-13 01:03 - 2013-09-27 08:13 - 00003968 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8ADA0271-CC71-49E3-ABAF-F92DB012D76A}
2016-10-12 19:05 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-12 19:04 - 2014-10-19 14:35 - 00000000 ____D C:\AdwCleaner
2016-10-12 18:57 - 2014-10-30 17:49 - 00000000 ____D C:\Users\Mathis
2016-10-12 18:34 - 2013-09-27 21:06 - 00000000 ____D C:\Users\Mathis\AppData\Local\Google
2016-10-12 18:34 - 2013-09-27 21:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-12 18:33 - 2015-03-02 20:16 - 00000000 ____D C:\Users\Mathis\AppData\Local\Deployment
2016-10-12 18:32 - 2015-03-02 20:16 - 00000000 __SHD C:\Users\Mathis\AppData\LocalLow\EmieUserList
2016-10-12 18:32 - 2015-03-02 20:16 - 00000000 __SHD C:\Users\Mathis\AppData\LocalLow\EmieSiteList
2016-10-12 14:00 - 2015-10-12 13:55 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002Core.job
2016-10-11 14:38 - 2016-04-11 18:02 - 00000979 _____ C:\Users\Mathis\Desktop\Start Tor Browser.lnk
2016-10-11 14:38 - 2014-10-30 18:25 - 00001681 _____ C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-10 23:18 - 2014-10-31 19:04 - 04240384 ___SH C:\Users\Mathis\Desktop\Thumbs.db
2016-10-10 23:01 - 2016-04-23 12:13 - 00003184 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMathis
2016-10-10 23:01 - 2016-04-23 12:13 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMathis.job
2016-10-10 22:51 - 2014-09-24 17:26 - 02025074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-10 22:51 - 2014-09-24 16:41 - 00886220 _____ C:\WINDOWS\system32\perfh00C.dat
2016-10-10 22:51 - 2014-09-24 16:41 - 00191910 _____ C:\WINDOWS\system32\perfc00C.dat
2016-10-10 22:51 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-10-10 21:48 - 2014-01-28 22:43 - 00000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002Core.job
2016-10-07 08:03 - 2014-09-11 17:04 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\Dropbox
2016-10-05 20:38 - 2013-12-10 00:19 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\vlc
2016-10-03 22:39 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-10-01 16:59 - 2013-07-02 11:17 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-10-01 16:59 - 2012-08-04 02:02 - 00000000 ____D C:\SWSetup
2016-10-01 16:58 - 2013-08-09 17:36 - 00000000 ____D C:\WINDOWS\Hewlett-Packard
2016-10-01 16:57 - 2013-07-02 11:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-10-01 16:55 - 2013-08-09 17:44 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-09-24 11:04 - 2013-12-14 18:13 - 00000000 ____D C:\Users\Mathis\Documents\My Games
2016-09-24 11:02 - 2013-08-09 17:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-22 15:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-09-22 08:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-16 14:07 - 2014-11-01 23:17 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-16 14:07 - 2013-10-12 21:12 - 463727895 _____ C:\WINDOWS\MEMORY.DMP
2016-09-16 13:00 - 2015-09-14 18:24 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3531046685-3261579373-2195462380-1007
2016-09-16 12:54 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-16 11:55 - 2013-08-22 16:44 - 05061000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-15 21:30 - 2013-09-29 21:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-15 21:22 - 2013-09-29 21:02 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers =======

2015-01-17 21:34 - 2003-09-03 08:46 - 0010960 _____ () C:\Program Files (x86)\EULA.txt
2016-02-03 11:59 - 2016-02-03 11:59 - 6871040 _____ () C:\Program Files (x86)\GUT5E8F.tmp
2015-01-17 21:34 - 2015-10-25 11:31 - 0000744 _____ () C:\Program Files (x86)\INSTALL.LOG
2015-01-17 21:34 - 2003-12-18 12:33 - 0020102 _____ () C:\Program Files (x86)\Readme.txt
2014-02-08 20:34 - 2016-06-08 13:30 - 0000270 _____ () C:\Users\Mathis\AppData\Roaming\WB.CFG
2013-12-09 11:21 - 2014-03-31 09:27 - 0004608 _____ () C:\Users\Mathis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-26 23:06 - 2013-12-26 23:06 - 0007605 _____ () C:\Users\Mathis\AppData\Local\Resmon.ResmonCfg
2015-08-29 23:14 - 2015-08-29 23:14 - 0025761 _____ () C:\Users\Mathis\AppData\Local\Tempbg.jpg
2013-11-11 15:10 - 2015-08-29 23:14 - 0877747 ____N () C:\Users\Mathis\AppData\Local\Tempmusic.ogg
2016-08-29 10:15 - 2016-08-29 10:15 - 0000000 _____ () C:\Users\Mathis\AppData\Local\{5EDAA8AE-24C5-421F-97FB-09412812F924}
2016-01-26 21:49 - 2016-01-26 21:49 - 0000057 _____ () C:\ProgramData\Ament.ini

Fichiers à déplacer ou supprimer:
====================
C:\Users\Mathis\ZHPCleaner.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-10-10 23:47

==================== Fin de FRST.txt ============================
