cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2017
Exécuté par Otam (administrateur) sur IAN (20-04-2017 12:03:34)
Exécuté depuis C:\Documents and Settings\Otam\Bureau
Profils chargés: Otam (Profils disponibles: Otam & Administrateur)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\System32\RUNDLL32.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\WINDOWS\ATK0100\HControl.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Motorola Inc.) C:\WINDOWS\sm56hlpr.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Native Instruments GmbH) C:\Program Files\Fichiers communs\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvsvc32.exe
(ASUSTeK) C:\WINDOWS\System32\ACEngSvr.exe
(HP) C:\WINDOWS\System32\HPZipm12.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() C:\WINDOWS\ATK0100\ATKOSD.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Macrovision Corporation) C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
(iMobie Inc.) C:\Program Files\iMobie\PhoneClean\SilentCleanServer.exe
(Microsoft Corporation) C:\WINDOWS\System32\RUNDLL32.EXE
(RME) C:\WINDOWS\System32\fireface.exe
(RME) C:\WINDOWS\System32\firefacemix.exe
(SFX TEAM) C:\Program Files\SuperCopier2\SuperCopier2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.exe
(The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.bin
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\System32\wscntfy.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AuditMode] => C:\sysprep\factory.exe -logon
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16206848 2006-05-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HControl] => C:\WINDOWS\ATK0100\HControl.exe [110592 2006-04-17] ()
HKLM\...\Run: [Wireless Console 2] => C:\Program Files\Wireless Console 2\wcourier.exe [987136 2005-10-17] ()
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [802816 2006-08-02] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [696320 2006-08-02] (Intel Corporation)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [53248 2006-05-16] (ASUSTeK Computer INC.)
HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [17920 2006-02-21] (ATK)
HKLM\...\Run: [SMSERIAL] => C:\WINDOWS\sm56hlpr.exe [544768 2006-03-30] (Motorola Inc.)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5140360 2009-11-12] (Acronis)
HKLM\...\Run: [Service Scheduler2 Acronis] => C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [362088 2009-11-12] (Acronis)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [786521 2006-05-25] (Synaptics, Inc.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM\...\Run: [SilentCleanService] => C:\Program Files\iMobie\PhoneClean\SilentCleanServer.exe [495080 2016-10-20] (iMobie Inc.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [FirefaceTray] => C:\WINDOWS\system32\fireface.exe [64000 2010-12-17] (RME)
HKLM\...\Run: [FirefaceMixTray] => C:\WINDOWS\system32\firefacemix.exe [1054208 2010-12-17] (RME)
HKLM\...\Run: [QuickTime Task] => "C:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM\...\Run: [UnlockerAssistant] => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\...\Run: [SuperCopier2.exe] => C:\Program Files\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7348440 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\...\MountPoints2: {f22a3622-42c8-11e2-a964-001302dd141c} - F:\RunClubSanDisk.exe
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-13] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk [2016-08-24]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\Otam\Menu Démarrer\Programmes\Démarrage\LibreOffice 5.0.lnk [2016-05-17]
ShortcutTarget: LibreOffice 5.0.lnk -> C:\Program Files\LibreOffice 5\program\quickstart.exe ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{0F253B95-1B6B-4F73-B3D1-488511FB9708}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{BBCD1530-664D-46EE-AE9B-5024B715B7E9}: [DhcpNameServer] 192.168.0.254

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3552450095-722642494-2735697518-1005 -> {C0849B4B-320C-4628-B7D9-438F8E2A1EDC} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-22] (Oracle Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1400596399640
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0daqfz4e.default-1353426251546
FF ProfilePath: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default [2012-11-19]
FF Homepage: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default -> hxxps://www.malwarebytes.org/restorebrowser//?gd=&ctid=CT3333004&octid=EB_ORIGINAL_CTID&ISID=E64A13D6-A846-48B7-8BE1-8960BCC1D543&SearchSource=55&CUI=&UM=8&UP=SPA6750B4D-A3C1-4C46-989B-54A3B4286F80&D=082715&SSPV=
FF NewTab: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default -> about:newtab
FF Extension: (Search and New Tab by Yahoo) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-06-22]
FF ProfilePath: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546 [2012-11-20]
FF Homepage: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546 -> google.com
FF Extension: (Firefox Hotfix) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-03]
FF Extension: (Adblock Plus) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Video DownloadHelper) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-02-15]
FF Extension: (Xmarks) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\foxmarks@kei.com [2017-02-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-03-15] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-11-01] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-15] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-3552450095-722642494-2735697518-1005: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://fr.search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=435714
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.google.fr/"
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default [2012-12-19]
CHR Extension: (Recherche Google) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-19]
CHR Extension: (Google Drive) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-19]
CHR Extension: (Gmail) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-19]
CHR Extension: (YouTube) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-17]
CHR Extension: (FVD Video Downloader) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-01-17]
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-18]
CHR Extension: (Google Docs) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-20]
CHR Extension: (Google Slides) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-20]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-20]
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Guest Profile [2015-01-17]
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\System Profile [2016-02-16]
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1 [2016-05-06]
CHR Extension: (Google Docs) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-06]
CHR Extension: (Google Drive) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-06]
CHR Extension: (Gmail) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-06]
CHR Extension: (YouTube) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-06]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-06]
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-06]
CHR Extension: (Google Slides) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-06]
CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AcrSch2Svc; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [661128 2009-11-12] (Acronis)
R2 afcdpsrv; C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe [2480048 2012-11-22] (Acronis)
S2 AntiRansom; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Ransomware Tool for Business 1.1\anti_ransom.exe [693720 2016-07-19] (AO Kaspersky Lab)
R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60720 2015-09-02] (Apple Inc.)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [89192 2012-06-09] (Dassault Systèmes SolidWorks Corp.)
S2 DrvCovEx; C:\WINDOWS\System32\DrvCovEx.exe [45056 2015-09-15] () [Fichier non signé]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [434176 2006-08-02] (Intel Corporation) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2015-09-08] (Flexera Software, Inc.)
S3 HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company)
S3 HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
R2 NIHardwareService; C:\Program Files\Fichiers communs\Native Instruments\Hardware\NIHardwareService.exe [3857408 2011-04-07] (Native Instruments GmbH) [Fichier non signé]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2006-08-02] (Intel Corporation) [Fichier non signé]
S3 Remote Solver for Flow Simulation 2012; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [95368 2012-04-09] (Mentor Graphics Corporation) [Fichier non signé]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [937984 2006-08-02] (Intel Corporation ) [Fichier non signé]
S3 SolidWorks Licensing Service; C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-09-08] (SolidWorks) [Fichier non signé]
S2 MA_CMIDI_InstallerService; C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2012-11-19] (Meetinghouse Data Communications) [Fichier non signé]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [223128 2012-11-25] () [Fichier non signé]
S3 fireface; C:\WINDOWS\System32\drivers\fireface.sys [88832 2010-12-17] (RME) [Fichier non signé]
S3 firefaceu; C:\WINDOWS\System32\drivers\fireface_usb.sys [83584 2012-08-27] (RME) [Fichier non signé]
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [25440 2016-03-04] (ThreatTrack Security)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [153936 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [109904 2016-06-28] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [791888 2016-06-26] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [82352 2016-05-17] (AO Kaspersky Lab)
S3 lvupdtio; C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys [10752 2005-05-20] () [Fichier non signé]
S3 MA_CMIDI; C:\WINDOWS\System32\drivers\ma_cmidi.sys [21888 2006-08-16] (M-Audio) [Fichier non signé]
R1 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [148256 2017-04-16] (Malwarebytes)
R3 mpfilt; C:\WINDOWS\system32\drivers\mpfilt.sys [10588 2009-01-09] () [Fichier non signé]
S3 mpszfilt; C:\WINDOWS\System32\DRIVERS\mpszfilt.sys [10752 2015-09-15] (Generic) [Fichier non signé]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw3x32; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-27] (Intel® Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12544 2006-08-02] (Intel Corporation) [Fichier non signé]
S3 SeratoUsb; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [29952 2013-07-09] (Cristalink Ltd) [Fichier non signé]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [642560 2012-11-25] () [Fichier non signé]
R3 SynMini; C:\WINDOWS\System32\Drivers\SynMini.sys [1116544 2006-08-09] ()
R3 SynScan; C:\WINDOWS\System32\Drivers\SynScan.sys [7808 2006-08-09] ()
R0 tdrpman258; C:\WINDOWS\System32\DRIVERS\tdrpm258.sys [911680 2012-11-22] (Acronis)
S3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
S4 IntelIde; pas de ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-20 12:03 - 2017-04-20 12:03 - 00026232 _____ C:\Documents and Settings\Otam\Bureau\FRST.txt
2017-04-20 12:03 - 2017-04-20 12:03 - 00000000 ____D C:\FRST
2017-04-20 12:01 - 2017-04-20 12:01 - 01766912 _____ (Farbar) C:\Documents and Settings\Otam\Bureau\FRST.exe
2017-04-20 10:08 - 2017-04-20 10:08 - 01740631 _____ C:\Documents and Settings\Otam\Bureau\7978-6-evaluation.pptx
2017-04-20 10:01 - 2017-04-20 10:01 - 00167486 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag2004_1.txt
2017-04-20 09:52 - 2017-04-20 09:52 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-20-09-52-21.txt
2017-04-20 09:48 - 2017-04-20 09:48 - 00167184 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag2004.txt
2017-04-20 09:42 - 2017-04-20 09:42 - 00001291 _____ C:\Documents and Settings\Otam\Bureau\ZHPFix[R1].txt
2017-04-20 09:41 - 2017-04-20 09:41 - 00001416 _____ C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
2017-04-20 09:41 - 2017-04-20 09:41 - 00001291 _____ C:\Documents and Settings\Otam\Bureau\ZHPFixReport.txt
2017-04-20 09:41 - 2017-04-20 09:41 - 00000000 ____D C:\Program Files\ZHPFix
2017-04-20 09:41 - 2017-04-20 09:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2017-04-20 09:35 - 2017-04-20 09:35 - 03521617 _____ (Nicolas Coolman ) C:\Documents and Settings\Otam\Bureau\zhpfix_2015.10.19.9.exe
2017-04-19 22:48 - 2017-04-19 22:48 - 00167067 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag2.txt
2017-04-19 16:23 - 2017-04-19 16:23 - 00166997 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag1.txt
2017-04-19 16:14 - 2017-04-19 16:14 - 00021390 _____ C:\Documents and Settings\Otam\Bureau\scunia.odt
2017-04-19 16:14 - 2017-04-19 10:29 - 02105344 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag3.exe
2017-04-19 15:46 - 2017-04-19 15:47 - 00099029 _____ C:\Documents and Settings\Otam\Bureau\DU SECOND DEGRE.pdf
2017-04-19 15:37 - 2017-04-19 15:37 - 00103315 _____ C:\Documents and Settings\Otam\Bureau\du_second_degre-4.pdf
2017-04-19 15:18 - 2017-04-19 15:18 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-15-18-02.txt
2017-04-19 15:15 - 2017-04-19 15:15 - 00001871 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner 2.txt
2017-04-19 15:01 - 2017-04-19 15:01 - 00002916 _____ C:\Documents and Settings\Otam\Bureau\AdwCleaner[C0].txt
2017-04-19 14:59 - 2017-04-19 14:59 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-14-59-29.txt
2017-04-19 14:50 - 2017-04-19 14:50 - 00011124 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner 1.txt
2017-04-19 14:49 - 2017-04-19 14:49 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-14-49-40.txt
2017-04-19 13:59 - 2017-04-19 15:15 - 00002055 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner.txt
2017-04-19 13:45 - 2017-04-19 15:01 - 00000599 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner.lnk
2017-04-19 13:45 - 2017-04-19 13:44 - 00296265 _____ C:\Documents and Settings\Otam\Bureau\projet brevet blanc 2.pdf
2017-04-19 13:12 - 2017-04-19 13:12 - 00480684 _____ C:\Documents and Settings\Otam\Bureau\Infection par Spora aide.pdf
2017-04-19 13:10 - 2017-04-19 13:10 - 02658304 _____ C:\Documents and Settings\Otam\Bureau\zhpcleaner_2016.12.24.222.exe
2017-04-19 13:09 - 2017-04-19 13:09 - 04089296 _____ C:\Documents and Settings\Otam\Bureau\adwcleaner_6.045.exe
2017-04-19 11:12 - 2017-04-19 11:12 - 00170799 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag_19042017.txt
2017-04-19 10:47 - 2017-04-20 10:00 - 00167483 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag.txt
2017-04-19 10:29 - 2017-04-20 09:54 - 00000698 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag.lnk
2017-04-19 10:29 - 2017-04-19 10:29 - 00000000 ____D C:\Documents and Settings\Otam\Application Data\ZHP
2017-04-19 10:08 - 2017-04-19 10:08 - 00000638 _____ C:\WINDOWS\Tasks\TrackerAutoUpdate.job
2017-04-19 10:08 - 2017-04-19 10:08 - 00000000 ____D C:\Program Files\Tracker Software
2017-04-19 10:08 - 2017-04-19 10:08 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDF-XChange PDF Viewer
2017-04-19 10:08 - 2017-04-19 10:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Tracker Software
2017-04-19 09:56 - 2017-04-19 09:56 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-09-56-55.txt
2017-04-18 22:43 - 2017-04-18 22:43 - 00031803 _____ C:\Documents and Settings\Otam\Bureau\multiplication par p modulo n.ggb
2017-04-18 22:25 - 2017-04-18 22:25 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-18-22-25-21.txt
2017-04-18 22:20 - 2017-04-18 22:20 - 00002076 _____ C:\Documents and Settings\All Users\Bureau\Kaspersky Anti-Ransomware Tool for Business.lnk
2017-04-18 22:20 - 2017-04-18 22:20 - 00000000 ____D C:\Program Files\Kaspersky Lab
2017-04-18 22:20 - 2017-04-18 22:20 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Kaspersky Anti-Ransomware Tool for Business
2017-04-18 22:20 - 2017-04-18 22:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2017-04-18 22:20 - 2016-06-28 12:28 - 00109904 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-04-18 22:20 - 2016-06-26 15:05 - 00791888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-04-18 22:20 - 2016-06-26 15:05 - 00153936 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-04-18 21:48 - 2017-04-18 21:51 - 00002676 _____ C:\RakhniDecryptor.1.17.17.0_18.04.2017_21.48.45_log.txt
2017-04-18 17:31 - 2017-04-18 17:38 - 00020168 _____ C:\Documents and Settings\Otam\Bureau\2 points sur cercle trigo.ggb
2017-04-18 16:19 - 2017-04-18 16:19 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-18-16-19-20.txt
2017-04-16 18:27 - 2017-04-16 18:27 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-16-18-27-24.txt
2017-04-16 18:02 - 2017-04-16 18:02 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-16-18-02-37.txt
2017-04-14 16:45 - 2017-04-14 16:45 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-16-45-49.txt
2017-04-14 16:45 - 2017-04-14 14:09 - 00102400 _____ C:\WINDOWS\Minidump\Mini041417-02.dmp
2017-04-14 14:09 - 2017-04-14 14:09 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-14-09-45.txt
2017-04-14 14:09 - 2017-04-14 13:53 - 00102400 _____ C:\WINDOWS\Minidump\Mini041417-01.dmp
2017-04-14 14:07 - 2017-04-14 14:07 - 00000000 __SHD C:\FOUND.041
2017-04-14 13:53 - 2017-04-14 13:53 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-13-53-54.txt
2017-04-14 13:49 - 2017-04-18 22:46 - 00097600 _____ C:\Documents and Settings\Otam\Bureau\multiplication par p modulo n 1.ggb
2017-04-14 12:32 - 2017-04-14 12:32 - 00029174 _____ C:\Documents and Settings\Otam\Bureau\w1.pdf
2017-04-14 12:26 - 2017-04-14 12:26 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-12-26-38.txt
2017-04-12 17:49 - 2017-04-16 19:05 - 00021075 _____ C:\Documents and Settings\Otam\Bureau\eval dpr YLeSerrec.ods
2017-04-11 08:43 - 2017-04-11 08:43 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-11-08-43-01.txt
2017-04-09 17:57 - 2017-04-09 17:57 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-09-17-57-56.txt
2017-04-09 17:19 - 2017-04-16 18:28 - 00148256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-09 17:18 - 2017-04-20 09:54 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-09 17:18 - 2017-04-18 17:32 - 00059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-04-09 17:18 - 2017-04-09 17:18 - 00001619 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes.lnk
2017-04-09 17:18 - 2017-04-09 17:18 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-09 17:18 - 2017-04-09 17:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes
2017-04-09 13:30 - 2017-04-09 13:30 - 00102849 _____ C:\Documents and Settings\Otam\Bureau\semainier 28 2016 2017.pdf
2017-04-09 13:09 - 2017-04-09 13:09 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-09-13-09-31.txt
2017-04-09 12:28 - 2017-04-09 12:28 - 00016670 _____ C:\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2017-04-09 12:28 - 2017-04-09 12:28 - 00016670 _____ C:\Documents and Settings\Otam\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2017-04-09 12:28 - 2017-04-09 12:28 - 00016670 _____ C:\Documents and Settings\Otam\Application Data\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2017-04-09 12:27 - 2017-04-09 13:05 - 02073088 _____ C:\Documents and Settings\Otam\Application Data\3905113179
2017-04-06 15:18 - 2017-04-06 15:18 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-06-15-18-56.txt
2017-03-29 18:50 - 2017-03-29 18:50 - 00000636 _____ C:\Documents and Settings\Otam\Bureau\GeoGebra 5.0.lnk
2017-03-29 18:43 - 2017-03-29 18:43 - 00034263 _____ C:\Documents and Settings\Otam\Bureau\banc pyramide.ggb
2017-03-29 11:39 - 2017-03-29 11:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PCCleaner Pro
2017-03-29 11:39 - 2017-03-29 11:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AmSettingsLocal
2017-03-29 11:31 - 2017-03-29 11:31 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-03-29-11-31-03.txt
2017-03-29 11:29 - 2017-03-29 11:29 - 00000000 __SHD C:\FOUND.040
2017-03-21 20:04 - 2017-03-21 20:04 - 00000586 _____ C:\Documents and Settings\All Users\Bureau\CCleaner.lnk

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-20 12:02 - 2012-12-19 19:42 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-04-20 11:26 - 2014-05-01 16:26 - 00000408 _____ C:\WINDOWS\Tasks\At1.job
2017-04-20 11:05 - 2012-11-19 22:00 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-04-20 09:54 - 2014-05-10 23:13 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-20 09:52 - 2014-05-21 12:38 - 00000220 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2017-04-20 09:52 - 2012-12-19 19:42 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-04-20 09:52 - 2012-11-19 13:07 - 00051048 _____ C:\WINDOWS\system32\nvapps.xml
2017-04-20 09:51 - 2012-11-19 11:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-20 09:50 - 2016-10-02 09:40 - 00000012 _____ C:\WINDOWS\bthservsdp.dat
2017-04-20 09:50 - 2014-03-18 20:22 - 00256166 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2017-04-20 09:50 - 2014-03-18 20:22 - 00256166 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3552450095-722642494-2735697518-1005-0.dat
2017-04-20 09:50 - 2012-11-19 11:43 - 00000284 ___SH C:\Documents and Settings\Otam\ntuser.ini
2017-04-20 09:50 - 2012-11-19 11:24 - 00032402 _____ C:\WINDOWS\SchedLgU.Txt
2017-04-20 09:15 - 2014-08-14 16:57 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2017-04-19 17:49 - 2016-11-24 11:26 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2017-04-19 14:45 - 2016-11-24 11:26 - 00001409 _____ C:\WINDOWS\QTFont.for
2017-04-18 21:39 - 2004-09-20 17:49 - 00000216 __RSH C:\boot.ini
2017-04-18 21:39 - 2004-09-20 17:48 - 00000573 _____ C:\WINDOWS\win.ini
2017-04-18 21:39 - 2004-09-20 17:48 - 00000227 _____ C:\WINDOWS\system.ini
2017-04-18 21:12 - 2014-01-11 14:50 - 00355840 ___SH C:\Documents and Settings\Otam\Bureau\Thumbs.db
2017-04-18 16:19 - 2004-09-20 17:49 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2017-04-09 13:11 - 2014-05-21 12:38 - 00000214 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2017-04-05 16:17 - 2012-11-22 13:35 - 00028672 _____ C:\Documents and Settings\Otam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-29 11:30 - 2012-11-19 11:15 - 00231984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-25 15:17 - 2016-05-05 17:33 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

==================== Fichiers à la racine de certains dossiers =======

2012-11-24 11:08 - 2012-11-24 11:08 - 0000011 _____ () C:\Documents and Settings\Otam\Application Data\iasna_C92E1371-3DF5-4322-9729-82CC0DD90EC6.dll
2017-04-09 12:27 - 2017-04-09 13:05 - 2073088 _____ () C:\Documents and Settings\Otam\Application Data\3905113179
2017-04-09 12:28 - 2017-04-09 12:28 - 0016670 _____ () C:\Documents and Settings\Otam\Application Data\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2012-11-22 13:35 - 2017-04-05 16:17 - 0028672 _____ () C:\Documents and Settings\Otam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-19 18:16 - 2012-11-19 18:28 - 0000334 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log

Fichiers à déplacer ou supprimer:
====================
C:\Windows\Tasks\At1.job


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================
