cjoint

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Exécuté par doudou (administrateur) sur DOUDOU-HP (20-10-2016 16:17:49)
Exécuté depuis C:\Users\doudou\Desktop
Profils chargés: doudou (Profils disponibles: doudou)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kingsoft Corporation) C:\Program Files (x86)\kingsoft\kingsoft antivirus\kxescore.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Users\doudou\AppData\Local\Google\Update\GoogleUpdate.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Users\doudou\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google Inc.) C:\Users\doudou\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\doudou\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\doudou\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\doudou\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\doudou\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\doudou\AppData\Local\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe


==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-12] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-07] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 0
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\Run: [EPSON Stylus C79 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBGP.EXE [139264 2006-09-22] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\Run: [Google Update] => C:\Users\doudou\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\MountPoints2: {1b4d6667-a554-11e3-927f-402cf4026c1c} - H:\AutoRun.exe
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\MountPoints2: {1b4d6678-a554-11e3-927f-402cf4026c1c} - H:\AutoRun.exe
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\MountPoints2: {3c1b94f9-a564-11e3-b981-402cf4026c1c} - H:\AutoRun.exe
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\MountPoints2: {75aaab94-df97-11e1-b8f9-cc52afa6c754} - I:\autorun.exe
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\MountPoints2: {aebd9038-e176-11e3-a5c1-cc52afa6c754} - H:\autorun.exe
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\MountPoints2: {afb5e9a1-f1c6-11e3-b842-cc52afa6c754} - H:\AutoRun.exe
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-03-31] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-10-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2016-10-14]
ShortcutTarget: C-cleaner.lnk -> (Pas de fichier)
Startup: C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de notification de cadeaux MSN.lnk [2016-10-14]
ShortcutTarget: Outil de notification de cadeaux MSN.lnk -> C:\Users\doudou\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe (Microsoft Corporation)
Startup: C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2016-10-14]
ShortcutTarget: VideoLAN.lnk -> (Pas de fichier)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Fichier hosts non détecté dans le dossier par défaut
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{54D1DF28-40A7-4835-BA67-4BC71E0334A0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BD1E2DD8-9B48-4E2E-89D8-E104A8AD8D5D}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{D410ED44-7066-403C-8C6C-BB62051CE499}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr
HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ouedkniss.com/annonce/vehicules_auto/1626687/Peugeot+206+1.4+essance+2003
URLSearchHook: [S-1-5-21-3474315022-1746984501-1391338485-1000] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0F239958-C7A4-46AA-AE1F-F48B00F2F52B} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3474315022-1746984501-1391338485-1000 -> {9D5BD211-422C-4164-9298-BB4186A30F31} URL = hxxp://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=IE0004
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2013-08-07] (AuthenTec Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Pas de fichier
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-21] (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2013-08-07] (AuthenTec Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Pas de nom - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKLM - Pas de nom - !{82E1477C-B154-48D3-9891-33D83C26BCD3} - Pas de fichier
Toolbar: HKLM - Pas de nom - !{8769adce-dba5-48e9-afb5-67b12cdf2e61} - Pas de fichier
Toolbar: HKLM - Pas de nom - !{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Pas de fichier
Toolbar: HKLM - Pas de nom - !{95B7759C-8C7F-4BF1-B163-73684A933233} - Pas de fichier
Toolbar: HKLM - Pas de nom - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - Pas de fichier
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Pas de nom - {504C5432-2D56-3700-76A7-7A786E7484D7} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - !{82E1477C-B154-48D3-9891-33D83C26BCD3} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - !{8769adce-dba5-48e9-afb5-67b12cdf2e61} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - !{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - !{95B7759C-8C7F-4BF1-B163-73684A933233} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - Pas de fichier
DPF: HKLM-x32 {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} hxxp://fichiers2.touslesdrivers.com/maconfig/MaConfig_6_0_3_0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\doudou\AppData\Roaming\Mozilla\Firefox\Profiles\xqs8lvcw.default-1475915723318 [2016-10-20]
FF Extension: (TrueSuite Website Logon) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-10-12] [non signé]
FF HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-09-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Pas de fichier]
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2013-08-07] (AuthenTec, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\Video Convert Premier\codec\real\browser\plugins\nppl3260.dll [Pas de fichier]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\Video Convert Premier\codec\real\browser\plugins\nprpjplug.dll [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-04-01] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3474315022-1746984501-1391338485-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\doudou\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3474315022-1746984501-1391338485-1000: @tools.google.com/Google Update;version=3 -> C:\Users\doudou\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3474315022-1746984501-1391338485-1000: @tools.google.com/Google Update;version=9 -> C:\Users\doudou\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=fr-fr
CHR DefaultSearchURL: Profile 1 -> hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNbqiwsrfOqu9TNB1EQuWoAe1QRw_7nVWW11xA0SNraUhmBoa5HOPxJ5SEds8qHCYVE9gUrTjVvqdXTP5fzE0aXQbSoIpFVGeFSQCulA5oAujdnfi-t5ufNm4TncEX2RyybMj-L9fgMzvOBLFs4eUsG11AgwJQVoK6Q4qZvpfIqVM,&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> feed.sonic-search.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-10-20]
CHR Extension: (Google Docs) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-04]
CHR Extension: (Google Drive) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-04]
CHR Extension: (YouTube) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-04]
CHR Extension: (Website Logon) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clglhglbidpdbjffpfcldkifhdegdfle [2016-09-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-04]
CHR Extension: (Utos) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\leafpkahdpigbdceocebmhamgfafaign [2016-10-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-04]
CHR Extension: (Gmail) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\doudou\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2013-06-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2013-06-28]
CHR HKU\S-1-5-21-3474315022-1746984501-1391338485-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clglhglbidpdbjffpfcldkifhdegdfle] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2013-04-01]
StartMenuInternet: Google Chrome.OMOLTAZOD5YLVM7PT7II66BV4E - C:\Users\doudou\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Fichier non signé]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-01] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 kxescore; c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe [123992 2013-12-13] (Kingsoft Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2007-11-28] (Sony Corporation) [Fichier non signé]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2007-11-28] (Sony Corporation) [Fichier non signé]
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2007-11-28] (Sony Corporation) [Fichier non signé]
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S2 ToolManagerService; C:\Program Files (x86)\ToolManager\ToolManager.exe [43024 2013-12-03] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-19] (AVG Technologies)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-01] (Broadcom Corporation.)
S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [118144 2008-08-29] (Mobile Connector)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [109568 2013-11-14] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [14976 2013-11-14] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2016-10-14] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41224 2012-06-01] (AnchorFree Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [110592 2013-11-14] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [91648 2013-11-14] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [30720 2013-11-14] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-11-14] (Huawei Technologies Co., Ltd.) [Fichier non signé]
R0 kavbootc; C:\Windows\System32\drivers\kavbootc64.sys [31848 2013-12-13] (Kingsoft Corporation)
R1 KDHacker; c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [164696 2013-12-13] (Kingsoft Corporation)
R2 kisknl; C:\Windows\system32\drivers\kisknl.sys [210296 2013-12-13] (Kingsoft Corporation)
S3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-15] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-07] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-10-13] ()
R3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2009-09-16] ()
S3 catchme; \??\C:\Users\doudou\AppData\Local\Temp\catchme.sys [X]
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
U3 DfSdkS; pas de ImagePath
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-20 16:17 - 2016-10-20 16:19 - 00026480 _____ C:\Users\doudou\Desktop\FRST.txt
2016-10-20 16:14 - 2016-10-20 16:14 - 00005294 ____C C:\TDSSKiller.3.1.0.11_20.10.2016_16.14.03_log.txt
2016-10-20 16:13 - 2013-12-13 14:00 - 00210296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl.sys
2016-10-20 16:12 - 2016-10-20 16:12 - 00210033 _____ C:\Users\doudou\Desktop\TDSS rootkit removing tool.txt
2016-10-20 16:10 - 2016-10-20 16:10 - 00000000 ___DC C:\TDSSKiller_Quarantine
2016-10-20 15:52 - 2016-10-20 16:12 - 00420160 ____C C:\TDSSKiller.3.1.0.11_20.10.2016_15.52.28_log.txt
2016-10-20 15:50 - 2016-10-20 15:50 - 00002376 ____C C:\TDSSKiller.3.1.0.11_20.10.2016_15.50.21_log.txt
2016-10-20 15:24 - 2016-10-20 15:25 - 04747704 _____ (AO Kaspersky Lab) C:\Users\doudou\Downloads\tdsskiller.exe
2016-10-20 15:24 - 2016-10-20 15:25 - 04747704 _____ (AO Kaspersky Lab) C:\Users\doudou\Desktop\tdsskiller.exe
2016-10-19 11:40 - 2016-10-19 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fingerprint Reader
2016-10-18 18:41 - 2016-10-18 18:42 - 00262144 _____ C:\Windows\Minidump\101816-42603-01.dmp
2016-10-18 18:40 - 2016-10-18 18:40 - 688945836 _____ C:\Windows\MEMORY.DMP
2016-10-18 12:51 - 2016-10-18 14:36 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleFordoudou.job
2016-10-18 12:51 - 2016-10-18 12:51 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleFordoudou
2016-10-16 18:22 - 2016-10-20 16:17 - 00000000 ___DC C:\FRST
2016-10-16 18:20 - 2016-10-18 16:53 - 02407424 ____C (Farbar) C:\Users\doudou\Desktop\FRST64.exe
2016-10-16 18:20 - 2016-10-16 18:20 - 02406912 _____ (Farbar) C:\Users\doudou\Downloads\FRST64.exe
2016-10-15 18:25 - 2016-10-17 09:19 - 00000000 ____D C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Périphériques Bluetooth
2016-10-15 16:17 - 2016-10-15 16:20 - 09052608 _____ C:\Users\doudou\Downloads\bitdefender_windows_737a340d-18c4-4386-b726-c1a41b614fb9.exe
2016-10-15 15:35 - 2016-10-15 15:35 - 00007900 _____ C:\Users\doudou\Desktop\ZHPFixReport.txt
2016-10-15 15:25 - 2016-10-15 15:59 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-10-15 15:09 - 2016-10-15 15:11 - 03521617 _____ (Nicolas Coolman ) C:\Users\doudou\Downloads\ZHPFix.exe
2016-10-14 19:59 - 2016-10-14 20:09 - 22851472 _____ (Malwarebytes ) C:\Users\doudou\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-10-14 16:41 - 2016-10-14 16:41 - 00003866 _____ C:\Windows\system32\.crusader
2016-10-14 16:24 - 2016-10-14 16:44 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-10-14 16:24 - 2016-10-14 16:43 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-14 13:58 - 2016-10-14 13:59 - 02405888 _____ C:\Users\doudou\Desktop\ZHPDiag3(1).exe
2016-10-14 13:56 - 2016-10-14 13:56 - 02405888 _____ C:\Users\doudou\ZHPDiag3.exe
2016-10-13 22:53 - 2016-10-13 22:55 - 00000000 ___DC C:\AuthLog
2016-10-13 22:46 - 2016-10-13 22:55 - 00000000 ___DC C:\AdwCleaner
2016-10-13 13:08 - 2016-10-14 22:25 - 00001927 _____ C:\Users\doudou\Desktop\Mozilla Firefox.lnk
2016-10-13 13:07 - 2016-10-13 13:07 - 00000000 _____ C:\Windows\SysWOW64\sho8D7F.tmp
2016-10-13 07:54 - 2016-10-13 20:12 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-10-13 07:51 - 2016-10-14 19:57 - 00000000 ____D C:\Program Files\RogueKiller
2016-10-13 07:51 - 2016-10-13 07:51 - 00000000 ____D C:\ProgramData\RogueKiller
2016-10-12 21:31 - 2016-10-12 21:32 - 00000000 ____D C:\Program Files (x86)\smadav
2016-10-12 20:32 - 2016-10-12 20:32 - 00000000 ____D C:\Windows\erdnt
2016-10-12 14:30 - 2016-10-12 14:31 - 02397184 _____ C:\Users\doudou\Downloads\ZHPDiag3.exe
2016-10-12 11:59 - 2016-10-12 16:52 - 00000000 ____D C:\Users\doudou\AppData\Local\FSDART
2016-10-12 11:59 - 2016-10-12 11:59 - 00000000 ____D C:\ProgramData\F-Secure
2016-10-10 13:28 - 2016-10-10 13:28 - 01807645 _____ C:\Users\doudou\Desktop\secu.pdf
2016-10-08 09:35 - 2016-10-08 09:35 - 00000000 ____D C:\Users\doudou\Desktop\Anciennes données de Firefox
2016-10-08 09:24 - 2016-10-14 22:26 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-08 09:24 - 2016-10-08 09:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-04 19:28 - 2016-10-04 19:28 - 00000000 ____D C:\Users\doudou\Nouveau dossier (2)
2016-10-03 12:19 - 2016-10-07 20:25 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-10-03 12:19 - 2016-10-07 15:59 - 00000000 ____D C:\Users\doudou\AppData\Roaming\IDM
2016-09-25 18:02 - 2016-09-25 18:02 - 00003166 _____ C:\Windows\System32\Tasks\{83C5E49B-11BA-4BC8-A196-72FC74BCB8C5}
2016-09-25 17:59 - 2016-09-25 17:59 - 00000020 _____ C:\Windows\Ð÷7
2016-09-24 12:18 - 2016-09-24 12:18 - 00000000 ____D C:\ProgramData\IDM

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-20 16:20 - 2011-03-31 20:25 - 00762694 _____ C:\Windows\system32\perfh00C.dat
2016-10-20 16:20 - 2011-03-31 20:25 - 00155300 _____ C:\Windows\system32\perfc00C.dat
2016-10-20 16:20 - 2009-07-14 06:13 - 01699400 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-20 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-10-20 16:13 - 2014-05-22 09:24 - 00000000 ____D C:\Program Files (x86)\HSPA USB Modem
2016-10-20 16:13 - 2012-08-20 15:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-10-20 16:13 - 2012-03-16 19:41 - 00000000 ____D C:\Users\doudou\AppData\LocalLow\AuthenTec
2016-10-20 16:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-20 15:57 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-20 15:57 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-20 14:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-10-19 20:14 - 2012-03-17 12:06 - 00003944 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4468F9DC-E7D4-44B4-94D4-CF1A08AFE57D}
2016-10-19 18:57 - 2009-07-14 06:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-19 03:02 - 2012-03-16 20:12 - 00000000 ____D C:\Users\doudou\AppData\Local\CrashDumps
2016-10-18 18:41 - 2012-08-30 16:13 - 00000000 ____D C:\Windows\Minidump
2016-10-16 17:20 - 2013-10-09 08:04 - 00000000 ____D C:\Users\doudou\AppData\Roaming\vlc
2016-10-15 16:21 - 2012-03-17 22:38 - 00000000 ____D C:\Dossier Général
2016-10-15 15:35 - 2015-02-13 14:05 - 00000000 RSHDC C:\Google
2016-10-15 15:35 - 2013-12-11 18:36 - 00000000 ____D C:\Users\doudou\AppData\Roaming\ZHP
2016-10-15 15:29 - 2012-06-14 00:04 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-10-14 22:26 - 2015-10-15 21:12 - 00002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-10-14 22:26 - 2012-04-09 19:54 - 00002557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft PowerPoint .lnk
2016-10-14 22:26 - 2012-03-17 11:56 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk
2016-10-14 22:26 - 2011-10-20 12:46 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-10-14 22:26 - 2011-10-20 12:46 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-14 22:26 - 2011-03-31 10:58 - 00001962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Desktop.lnk
2016-10-14 22:26 - 2011-03-31 10:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-10-14 22:26 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-14 22:26 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-10-14 22:26 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-10-14 22:26 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-10-14 22:26 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-10-14 22:25 - 2016-03-27 01:55 - 00001947 _____ C:\Users\doudou\Desktop\Paltalk Messenger.lnk
2016-10-14 22:25 - 2016-03-27 01:55 - 00001228 _____ C:\Users\doudou\Desktop\Upgrade to Paltalk Extreme.lnk
2016-10-14 22:25 - 2016-01-07 06:58 - 00002191 _____ C:\Users\doudou\Desktop\HP Support Assistant.lnk
2016-10-14 22:25 - 2015-10-11 12:17 - 00001843 _____ C:\Users\doudou\Desktop\Internet Explorer.lnk
2016-10-14 22:25 - 2014-10-01 02:03 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-10-14 22:25 - 2014-09-27 04:01 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2016-10-14 22:25 - 2014-08-18 21:23 - 00000833 _____ C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-10-14 22:25 - 2014-07-26 07:22 - 00002380 _____ C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-14 22:25 - 2014-07-26 07:22 - 00002372 _____ C:\Users\doudou\Desktop\Google Chrome.lnk
2016-10-14 22:25 - 2013-12-13 14:00 - 00001063 _____ C:\Users\Public\Desktop\Kingsoft Antivirus.lnk
2016-10-14 22:25 - 2013-10-07 18:47 - 00001327 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2012.lnk
2016-10-14 22:25 - 2013-10-07 18:45 - 00002278 _____ C:\Users\Public\Desktop\1-Click-Optimizer (WO2012).lnk
2016-10-14 22:25 - 2013-10-07 18:45 - 00001256 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 2012.lnk
2016-10-14 22:25 - 2013-10-07 18:44 - 00001351 _____ C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
2016-10-14 22:25 - 2013-10-07 18:32 - 00001237 _____ C:\Users\Public\Desktop\Ashampoo Photo Commander 9.lnk
2016-10-14 22:25 - 2013-05-06 02:22 - 00002258 _____ C:\Users\doudou\Desktop\IBM SPSS Statistics 19.lnk
2016-10-14 22:25 - 2013-03-14 17:20 - 00002885 _____ C:\Users\Public\Desktop\ABBYY FineReader 11.lnk
2016-10-14 22:25 - 2013-03-14 15:33 - 00001281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\CutePDF Pro (Evaluation).lnk
2016-10-14 22:25 - 2012-11-01 01:15 - 00002139 _____ C:\Users\doudou\Desktop\Express English.lnk
2016-10-14 22:25 - 2012-04-27 21:55 - 00001011 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-10-14 22:25 - 2012-03-18 20:51 - 00002474 _____ C:\Users\doudou\Desktop\Windows Live Messenger.lnk
2016-10-14 22:25 - 2012-03-17 12:26 - 00001202 _____ C:\Users\doudou\Desktop\Format Factory.lnk
2016-10-14 22:25 - 2012-03-17 12:01 - 00001433 _____ C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-14 22:25 - 2012-03-17 11:56 - 00002010 _____ C:\Users\Public\Desktop\Snapfish.lnk
2016-10-14 22:25 - 2011-03-31 10:45 - 00002420 _____ C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2016-10-14 22:25 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-10-14 22:25 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-10-14 22:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SchCache
2016-10-14 22:23 - 2012-08-03 20:02 - 00000000 ____D C:\Users\doudou\AppData\Roaming\uTorrent
2016-10-14 22:21 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-14 22:20 - 2015-02-13 14:06 - 00000000 RSHDC C:\Skypee
2016-10-14 22:20 - 2014-09-26 21:20 - 00000000 ____D C:\Users\doudou\AppData\Roaming\Tera Copy Pro 2.3
2016-10-14 22:20 - 2013-12-12 00:01 - 00000000 ____D C:\Program Files (x86)\Gooclic
2016-10-14 22:20 - 2012-04-21 14:16 - 00000000 ____D C:\Users\doudou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-10-14 21:50 - 2016-09-09 12:21 - 00000000 ____D C:\Users\doudou\AppData\LocalLow\uTorrent
2016-10-14 20:11 - 2013-12-12 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-14 16:17 - 2012-03-22 11:43 - 00000000 ____D C:\Users\doudou\AppData\Local\ElevatedDiagnostics
2016-10-14 14:25 - 2012-03-16 20:42 - 00000000 ____D C:\Users\doudou\Documents\Youcam
2016-10-14 13:56 - 2012-03-16 19:41 - 00000000 ____D C:\Users\doudou
2016-10-13 22:51 - 2015-01-29 11:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-12 21:07 - 2015-03-03 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2016-10-12 19:13 - 2015-03-03 18:00 - 00003244 _____ C:\Windows\System32\Tasks\smadav
2016-10-12 19:13 - 2012-03-17 12:00 - 00003712 _____ C:\Windows\System32\Tasks\Registration
2016-10-12 15:12 - 2009-07-14 03:34 - 00000219 _____ C:\Windows\system.ini
2016-10-12 04:42 - 2012-03-17 12:30 - 00000000 ____D C:\Users\doudou\Downloads\Video
2016-10-11 20:20 - 2012-04-04 14:33 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 20:20 - 2012-04-03 08:02 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 20:20 - 2012-03-20 16:38 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 20:20 - 2011-03-31 10:45 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-08 08:53 - 2014-10-27 11:54 - 00001414 _____ C:\Windows\SysWOW64\logFile.xml
2016-10-07 17:37 - 2016-09-17 10:23 - 00000000 ____D C:\Users\doudou\Desktop\وثائق الأستاذ
2016-10-04 19:26 - 2012-03-18 20:29 - 00000000 ____D C:\Users\doudou\AppData\Roaming\SoftGrid Client
2016-10-03 11:35 - 2012-06-13 00:41 - 00043008 _____ C:\Users\doudou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-02 12:31 - 2012-07-02 17:54 - 00000000 ____D C:\temp
2016-09-30 13:29 - 2016-08-03 23:08 - 00000000 ____D C:\Users\doudou\Desktop\Nouveau dossier (3)
2016-09-29 18:29 - 2015-06-29 12:01 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-26 18:16 - 2012-03-16 20:50 - 00000000 ____D C:\Users\doudou\AppData\Roaming\Skype
2016-09-25 18:07 - 2014-09-27 21:12 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-09-25 18:07 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-25 17:59 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-09-25 17:50 - 2012-03-16 19:47 - 00000000 ____D C:\Users\doudou\Tracing

==================== Fichiers à la racine de certains dossiers =======

2012-06-06 05:06 - 2012-06-06 05:06 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-09-01 13:00 - 2016-09-01 13:00 - 7118336 _____ () C:\Users\doudou\AppData\Roaming\agent.dat
2010-09-22 00:00 - 2010-09-22 00:00 - 0002141 _____ () C:\Users\doudou\AppData\Roaming\CouponBoulle.b
2016-09-01 12:58 - 2016-09-01 12:58 - 0138240 _____ () C:\Users\doudou\AppData\Roaming\Installer.dat
2016-09-01 13:00 - 2016-09-01 13:00 - 0018432 _____ () C:\Users\doudou\AppData\Roaming\Main.dat
1991-07-10 00:00 - 1991-07-10 00:00 - 0074841 _____ () C:\Users\doudou\AppData\Roaming\Midland.vhR
2012-06-13 00:41 - 2016-10-03 11:35 - 0043008 _____ () C:\Users\doudou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-15 20:53 - 2015-06-15 22:42 - 98242432 ___SH () C:\ProgramData\msmwb.exe
2015-04-07 05:30 - 2015-04-07 05:30 - 0000902 _____ () C:\ProgramData\ProgramData.lnk

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\msmwb.exe
C:\Users\doudou\ZHPDiag3.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


testsigning: ==> 'testsigning' est activé. Rechercher un éventuel pilote non signé <===== ATTENTION


LastRegBack: 2016-09-17 19:58

==================== Fin de FRST.txt ============================
