cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Exécuté par Dany (administrateur) sur DANY-PORTABLE (18-10-2016 15:26:11)
Exécuté depuis C:\Users\Dany\Desktop
Profils chargés: Dany & UpdatusUser (Profils disponibles: Dany & UpdatusUser)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
(猫哈网络 版权所有) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Transaction Software, D 81737 Munich) C:\BMWgroup\ETKLokal\transbase\tbmux32.exe
(TODO: <公司名>) C:\Program Files (x86)\YouKu\YoukuClient\WebServe.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE


==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-09-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [9571552 2016-07-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-762224936-743751336-2218651039-1004\...\Run: [Spotify Web Helper] => C:\Users\Dany\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-01] (Spotify Ltd)
HKU\S-1-5-21-762224936-743751336-2218651039-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-762224936-743751336-2218651039-1004\...\Run: [Spotify] => C:\Users\Dany\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-01] (Spotify Ltd)
HKU\S-1-5-21-762224936-743751336-2218651039-1005\...\Run: [Spotify Web Helper] => C:\Users\Dany\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-01] (Spotify Ltd)
HKU\S-1-5-21-762224936-743751336-2218651039-1005\...\Run: [Spotify] => C:\Users\Dany\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-01] (Spotify Ltd)
ShellIconOverlayIdentifiers: [KzShlobj2] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F3} => C:\Program Files (x86)\KuaiZip\X64\KZipShell.dll [2016-10-17] ()
ShellIconOverlayIdentifiers-x32: [ Report] -> {32C50D96-7A9E-4F3E-8763-F74D86AFEDC2} => C:\Users\Dany\AppData\Roaming\ytmediacenter\report.dll Pas de fichier
ShellIconOverlayIdentifiers-x32: [ YoukuModShlExt] -> {9071723E-9F41-4A8C-9CC2-EB6F94BA9B9E} => C:\Users\Dany\AppData\Roaming\ytmediacenter\coreplay.dll Pas de fichier
Startup: C:\Users\Dany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MAJ VCDS.lnk [2015-09-13]
ShortcutTarget: MAJ VCDS.lnk -> C:\Ross-Tech\VCDS-FRM\VCDS.exe (Ross-Tech, LLC)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{5E09E8E9-3FE9-4C59-8473-417B546A0A82}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{82CEB224-EA4E-447F-9323-E9D894F4A932}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-762224936-743751336-2218651039-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-762224936-743751336-2218651039-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-18] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-18] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation)

FireFox:
========
FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2015-12-21] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => non trouvé(e)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-17] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-10-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-27] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.google.be/
CHR Session Restore: ChromeDefaultData -> est activé.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Dany\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Dany\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-10-18] <==== ATTENTION
CHR Extension: (Back to Backspace) - C:\Users\Dany\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cldokedgmomhbifmiiogjjkgffhcbaec [2016-10-16]
CHR Extension: (Download) - C:\Users\Dany\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nccjoeeljedbmkidebclpoabijggpbdp [2016-10-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Dany\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-05]
CHR Extension: (Chrome Media Router) - C:\Users\Dany\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-13]
CHR HKLM-x32\...\Chrome\Extension: [dkdiphcpgeoipjdhnnldnmifhpokfojg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BMW iLean MaintenanceService; C:\Program Files (x86)\BMW\ISPI\iLean\ISPI Admin Client\Updater.Service.exe [15872 2014-08-01] (BMW Group) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3064520 2016-10-08] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Kuaizip Update Checker; C:\Program Files (x86)\KuaiZip\X86\kuaizipUpdateChecker.dll [216704 2016-10-17] ()
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [732056 2016-07-18] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-26] (IObit)
R2 MaohaWifiSvr; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [170464 2014-12-18] (猫哈网络 版权所有)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
R2 Transbase; C:\BMWgroup\ETKLokal\transbase\tbmux32.exe [385024 2004-08-05] (Transaction Software, D 81737 Munich) [Fichier non signé]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WebServe; C:\Program Files (x86)\YouKu\YoukuClient\WebServe.exe [370224 2015-12-08] (TODO: <公司名>)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 BMWISTADInstallationCompleteBMWISTADInstallationComplete; "D:\BMW ISTA-D 3.44.10 Installation Complete\BMWISTADInstallationCompleteBMWISTADInstallationComplete.exe" affe6dc7e5264e7e8e5695737342bee0 [X]
S3 CHNGTSvc; c:\exervice.exe http://cloudfront.fce9de6573cee601804eafaf2fdb072b440a0959.xyz/download/xpack1014_BE_IE_PL_PT_RO.1476456723.exe [X] <==== ATTENTION

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2016-01-05] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2016-01-05] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2016-01-05] (BitDefender)
R1 BdfNdisf; C:\Windows\system32\DRIVERS\bdfndisf6.sys [107496 2016-02-16] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys [115800 2016-02-16] (BitDefender LLC)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-10-17] ()
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [161592 2016-04-28] (BitDefender LLC)
R3 kmloop; C:\Windows\system32\DRIVERS\loop.sys [15360 2013-08-22] (Microsoft Corporation)
R2 KuaiZipDrive2; C:\Windows\system32\drivers\KuaiZipDrive2.sys [93072 2016-10-17] (WinMount International Inc) <==== ATTENTION
R1 MaohaWifiNetPro; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [871152 2015-10-27] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-10] (Synaptics Incorporated)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (BitDefender S.R.L.)
R1 ucdrv; C:\Windows\System32\drivers:ucdrv-x64.sys [80850 ] (UC Web Inc.) <==== ATTENTION
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U3 catchme; \??\C:\Users\Dany\AppData\Local\Temp\catchmeabcd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-18 15:26 - 2016-10-18 15:26 - 00017758 _____ C:\Users\Dany\Desktop\FRST.txt
2016-10-18 15:25 - 2016-10-18 15:26 - 00000000 ____D C:\FRST
2016-10-18 15:25 - 2016-10-18 15:25 - 02407424 _____ (Farbar) C:\Users\Dany\Desktop\FRST64.exe
2016-10-18 10:00 - 2016-10-18 10:00 - 00098808 _____ C:\Users\Dany\Desktop\ZHPDiag.txt
2016-10-18 09:56 - 2016-10-18 09:56 - 00002668 _____ C:\Users\Dany\Desktop\ZHPFixReport.txt
2016-10-18 09:49 - 2016-10-18 09:49 - 00448512 _____ (OldTimer Tools) C:\Users\Dany\Desktop\TFC.exe
2016-10-18 08:46 - 2016-10-18 08:46 - 02415616 _____ C:\Users\Dany\Desktop\ZHPDiag3.exe
2016-10-18 08:45 - 2016-10-18 08:45 - 02415616 _____ C:\Users\Dany\ZHPDiag3.exe
2016-10-18 00:32 - 2016-10-18 00:32 - 03874368 _____ C:\Users\Dany\Downloads\adwcleaner_6.021.exe
2016-10-17 03:06 - 2016-10-17 03:06 - 00000000 ____D C:\Users\Dany\Documents\Youku Files
2016-10-17 02:39 - 2016-10-17 03:08 - 00000880 _____ C:\Users\Dany\Desktop\ZHPCleaner.lnk
2016-10-17 02:39 - 2016-10-17 02:39 - 02460160 _____ C:\Users\Dany\Downloads\ZHPCleaner.exe
2016-10-17 02:31 - 2016-10-17 02:31 - 01279784 _____ (UCWeb Inc.) C:\Users\Dany\Downloads\UCBrowser_V5.7.15533.1010_windows_pf101_(Build16090920).exe
2016-10-17 02:10 - 2016-10-17 02:10 - 02412032 _____ C:\Users\Dany\Downloads\ZHPDiag3.exe
2016-10-17 02:07 - 2016-10-18 10:01 - 00000000 ____D C:\Users\Dany\AppData\Roaming\ZHP
2016-10-17 02:07 - 2016-10-17 02:07 - 03521617 _____ (Nicolas Coolman ) C:\Users\Dany\Downloads\ZHPFix.exe
2016-10-17 02:07 - 2016-10-17 02:07 - 00001861 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-10-17 02:07 - 2016-10-17 02:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-10-17 02:07 - 2016-10-17 02:07 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-10-17 02:00 - 2016-10-17 02:00 - 00000290 __RSH C:\Users\Dany\ntuser.pol
2016-10-17 01:44 - 2016-10-17 01:44 - 00000000 ____D C:\Users\Dany\AppData\Roaming\Lavasoft
2016-10-17 01:42 - 2016-10-17 02:36 - 00000000 ____D C:\Users\Dany\AppData\Local\UCBrowser
2016-10-17 01:42 - 2016-10-17 01:42 - 00004444 _____ C:\Windows\System32\Tasks\SecureUpdater
2016-10-17 01:42 - 2016-10-17 01:42 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-10-17 01:40 - 2016-10-17 01:40 - 00000000 ____D C:\ProgramData\BitDefender
2016-10-17 01:38 - 2016-10-17 01:38 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-17 01:38 - 2016-10-17 01:38 - 00000794 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-17 01:38 - 2016-10-17 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-17 01:38 - 2016-10-17 01:38 - 00000000 ____D C:\Program Files\CCleaner
2016-10-17 01:37 - 2016-10-17 01:37 - 08244656 _____ (Piriform Ltd) C:\Users\Dany\Downloads\ccsetup522.exe
2016-10-17 01:29 - 2016-10-17 03:05 - 00002312 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-10-17 01:29 - 2016-10-17 01:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2016-10-17 01:29 - 2016-10-17 01:29 - 00000000 ____D C:\Users\Dany\AppData\Roaming\LavasoftStatistics
2016-10-17 01:29 - 2016-10-17 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-10-17 01:29 - 2016-10-17 01:29 - 00000000 ____D C:\Program Files\Lavasoft
2016-10-17 01:29 - 2016-02-16 16:52 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2016-10-17 01:29 - 2016-02-16 16:52 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2016-10-17 01:29 - 2016-02-16 16:52 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2016-10-17 01:29 - 2016-02-16 16:52 - 00156936 _____ C:\Windows\system32\bdfwcore.dll
2016-10-17 01:29 - 2016-02-16 16:52 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2016-10-17 01:29 - 2016-02-16 16:52 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2016-10-17 01:29 - 2016-02-16 16:52 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2016-10-17 01:28 - 2016-10-17 01:28 - 00000000 ____D C:\ProgramData\Lavasoft
2016-10-17 01:28 - 2016-10-17 01:28 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2016-10-17 01:27 - 2016-10-17 01:28 - 02150192 _____ C:\Users\Dany\Downloads\Adaware_Installer.exe
2016-10-17 01:26 - 2016-10-17 01:26 - 00000000 _____ C:\autoexec.bat
2016-10-17 01:25 - 2016-10-17 01:25 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Dany\Downloads\SpyHunter-Installer.exe
2016-10-17 01:25 - 2016-10-17 01:25 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-10-17 01:23 - 2016-10-17 02:05 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-10-17 01:22 - 2016-10-17 07:10 - 00000000 ____D C:\Users\Dany\AppData\Roaming\youku
2016-10-17 01:22 - 2016-10-17 01:22 - 00093072 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive2.sys
2016-10-17 01:22 - 2016-10-17 01:22 - 00003416 _____ C:\Windows\System32\Tasks\KuaiZip_Update
2016-10-17 01:22 - 2016-10-17 01:22 - 00001051 _____ C:\Users\Dany\AppData\Roaming\Microsoft\Windows\Start Menu\KuaiZip.lnk
2016-10-17 01:22 - 2016-10-17 01:22 - 00000000 ____D C:\Users\Dany\AppData\Roaming\Softlink
2016-10-17 01:22 - 2016-10-17 01:22 - 00000000 ____D C:\Users\Dany\AppData\Roaming\KuaiZip
2016-10-17 01:22 - 2016-10-17 01:22 - 00000000 ____D C:\Program Files (x86)\YouKu
2016-10-17 01:22 - 2016-10-17 01:22 - 00000000 ____D C:\Program Files (x86)\KuaiZip
2016-10-17 01:18 - 2016-10-17 01:18 - 00000000 ____D C:\Users\Public\Thunder Network
2016-10-17 01:18 - 2016-10-17 01:18 - 00000000 ____D C:\ProgramData\Thunder Network
2016-10-17 01:17 - 2016-10-17 03:28 - 00000000 ____D C:\Users\Dany\AppData\Local\Apps\2.0
2016-10-17 01:17 - 2016-10-17 01:17 - 00000000 ____D C:\Users\Dany\AppData\Roaming\Mozilla
2016-10-17 01:16 - 2016-10-17 01:16 - 00000000 _____ C:\TOSTACK
2016-10-17 01:15 - 2016-10-17 01:15 - 00000000 ____D C:\ProgramData\Avira
2016-10-17 01:15 - 2016-10-17 01:15 - 00000000 ____D C:\ProgramData\Avg
2016-10-17 01:15 - 2016-10-17 01:15 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-17 01:14 - 2016-10-17 01:17 - 00008856 _____ C:\Windows\System32\Tasks\Perducult Verfier
2016-10-17 01:14 - 2016-10-17 01:14 - 00000290 __RSH C:\ProgramData\ntuser.pol
2016-10-17 00:54 - 2016-10-17 01:48 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-10-17 00:54 - 2016-10-17 00:54 - 00003188 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-762224936-743751336-2218651039-1004
2016-10-17 00:54 - 2016-10-17 00:54 - 00002382 _____ C:\Users\Dany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2016-10-17 00:54 - 2016-10-17 00:54 - 00002286 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2016-10-17 00:54 - 2016-10-17 00:54 - 00002286 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2016-10-17 00:54 - 2016-10-17 00:54 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-17 00:53 - 2016-10-17 00:53 - 00000000 ___HT C:\Windows\wusa.lock
2016-10-17 00:53 - 2016-10-17 00:53 - 00000000 ____D C:\8ca1122a85ba0626497c03a733
2016-10-17 00:52 - 2016-10-17 00:52 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-10-17 00:36 - 2016-10-17 00:36 - 00002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-10-17 00:36 - 2016-10-17 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2016-10-17 00:28 - 2016-10-17 01:02 - 00000000 ____D C:\Program Files\Microsoft Office
2016-10-17 00:28 - 2016-10-17 00:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-14 16:51 - 2016-10-14 16:51 - 00046592 _____ C:\exervice.exe
2016-10-13 00:27 - 2016-10-13 02:21 - 05979136 ___SH C:\Users\Dany\Downloads\Thumbs.db
2016-10-12 01:09 - 2016-10-13 01:47 - 00000000 ____D C:\Users\Dany\Desktop\Photos Voitures
2016-10-08 01:10 - 2016-10-08 01:10 - 00334616 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-10-08 01:10 - 2016-10-08 01:10 - 00085744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00639728 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00244496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00394496 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00271104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00089328 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-10-06 01:03 - 2016-10-06 01:03 - 00021947 _____ C:\Users\Dany\Downloads\BMW_E6x_Code_List.xlsx

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-18 09:58 - 2015-08-31 18:13 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-762224936-743751336-2218651039-1004
2016-10-18 08:45 - 2015-08-31 18:07 - 00000000 ____D C:\Users\Dany
2016-10-18 01:07 - 2015-09-01 20:58 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-18 00:52 - 2015-09-03 16:24 - 00000000 ____D C:\ProgramData\Oracle
2016-10-18 00:52 - 2015-09-03 16:24 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-18 00:51 - 2015-09-03 16:24 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-10-18 00:51 - 2015-09-03 16:24 - 00000000 ____D C:\Users\Dany\.oracle_jre_usage
2016-10-18 00:51 - 2015-09-03 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-18 00:17 - 2015-09-13 03:22 - 00332800 ___SH C:\Users\Dany\Desktop\Thumbs.db
2016-10-18 00:00 - 2015-09-13 03:12 - 00000000 ____D C:\ProgramData\ProductData
2016-10-17 03:21 - 2015-09-05 14:12 - 00000000 ____D C:\Users\Dany\AppData\Roaming\uTorrent
2016-10-17 03:21 - 2015-06-08 01:38 - 00000000 ____D C:\Windows\Panther
2016-10-17 03:06 - 2015-09-01 23:40 - 00000000 ____D C:\Users\Dany\AppData\Local\Spotify
2016-10-17 03:06 - 2015-09-01 23:39 - 00000000 ____D C:\Users\Dany\AppData\Roaming\Spotify
2016-10-17 03:04 - 2015-08-31 19:24 - 00000000 __SHD C:\Users\Dany\IntelGraphicsProfiles
2016-10-17 03:03 - 2015-09-01 20:58 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-17 03:03 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-17 02:05 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-17 01:59 - 2013-08-22 16:44 - 00482648 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-17 01:58 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-10-17 01:48 - 2015-12-21 23:10 - 00000000 ____D C:\Program Files (x86)\Belgium Identity Card
2016-10-17 01:48 - 2015-09-05 19:30 - 00000000 ____D C:\Program Files (x86)\BMW
2016-10-17 01:18 - 2015-09-06 16:46 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-17 01:18 - 2015-09-05 14:39 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-10-17 01:18 - 2015-08-31 18:14 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2016-10-17 01:17 - 2015-12-21 23:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-17 01:17 - 2015-09-13 03:12 - 00000000 ____D C:\Program Files (x86)\IObit
2016-10-17 01:17 - 2015-09-13 02:02 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-10-17 01:17 - 2015-09-13 02:00 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-10-17 01:17 - 2015-09-01 20:58 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-17 01:17 - 2015-08-31 19:16 - 00000000 ____D C:\Program Files (x86)\Intel
2016-10-17 01:17 - 2015-08-31 19:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-17 01:17 - 2015-08-31 18:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-10-17 01:17 - 2015-08-31 18:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-17 01:17 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-10-17 01:17 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-10-17 01:17 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-17 01:17 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-10-17 01:17 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-10-17 01:14 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-10-17 01:08 - 2015-08-31 18:07 - 00000000 ____D C:\Users\Dany\AppData\Local\Packages
2016-10-17 00:54 - 2015-12-12 13:37 - 00000000 ____D C:\Users\Dany\Desktop\PFL
2016-10-17 00:53 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-17 00:52 - 2016-06-24 11:05 - 00000000 ____D C:\Users\Dany\Desktop\ISTA 3.53.13_fr
2016-10-17 00:52 - 2015-11-27 20:50 - 00000000 ____D C:\Users\Dany\Desktop\BMW ISTA TOOLS & TUTOS
2016-10-17 00:52 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-17 00:07 - 2015-09-05 17:31 - 00000000 ____D C:\BMWgroup
2016-10-16 23:55 - 2015-09-05 17:38 - 00001770 _____ C:\Users\Public\Desktop\ETK Admin.lnk
2016-10-16 23:55 - 2015-09-05 17:38 - 00001735 _____ C:\Users\Public\Desktop\ETK (Lokal).lnk
2016-10-16 23:55 - 2015-09-05 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETKLokal
2016-10-12 01:10 - 2015-06-07 16:38 - 00812350 _____ C:\Windows\system32\perfh00C.dat
2016-10-12 01:10 - 2015-06-07 16:38 - 00159412 _____ C:\Windows\system32\perfc00C.dat
2016-10-12 01:10 - 2014-03-18 11:47 - 01824010 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 00:09 - 2015-09-01 21:00 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 23:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-09-27 12:08 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-27 11:57 - 2015-08-31 19:12 - 00000000 ____D C:\Users\UpdatusUser

==================== Fichiers à la racine de certains dossiers =======

2016-01-17 00:47 - 2016-01-17 01:47 - 0000115 _____ () C:\Users\Dany\AppData\Roaming\LogFile.txt
2015-12-21 23:29 - 2015-12-21 23:29 - 0000215 _____ () C:\Users\Dany\AppData\Local\config.ini
2015-12-21 23:06 - 2015-12-21 23:06 - 0000000 _____ () C:\Users\Dany\AppData\Local\simedit.log
2015-09-05 19:23 - 2015-09-05 19:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-19 19:26 - 2016-03-20 16:16 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Fichiers à déplacer ou supprimer:
====================
C:\Users\Dany\ZHPDiag3.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-10-12 00:50

==================== Fin de FRST.txt ============================
