cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02
Exécuté par Raymond (administrateur) sur ADMIN (10-02-2018 20:22:12)
Exécuté depuis C:\Users\Raymond\Downloads
Profils chargés: Raymond (Profils disponibles: Raymond)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Orange) C:\Users\Raymond\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Windows\SysWOW64\UMonit64.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Raymond\Downloads\FRST64 (2).exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [497784 2016-07-06] ()
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-09-21] ()
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6843208 2016-07-06] ()
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2131856 2016-07-14] (AimerSoft)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [EssentialPIM] => C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [17853296 2015-11-18] (Astonsoft)
HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [Snip] => C:\Users\Raymond\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation)
HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [Google Photos Backup] => C:\Users\Raymond\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-976551006-3039632739-1132508307-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2017-09-29] (Microsoft Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3359f939-300f-4bae-9790-cb9823ff011f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7a129503-e1ca-4a61-b417-8047e61c128e}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{872aebc9-1a58-41ac-a780-76db36b7032c}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{c267a06e-dcc6-4b4d-a070-dd21cb0e3009}: [DhcpNameServer] 80.10.46.232 80.10.46.232
Tcpip\..\Interfaces\{cbdddf11-c55f-464a-b09a-6b2b85b134e3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D806A566-61F1-4BBB-92C3-18A9DC0D8D38}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-976551006-3039632739-1132508307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://r.orange.fr/r/Oodc_oi_promoUpdate?ref=O_OI_defaultPage_IEe64_w10e64_promoUpdate
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

Edge:
======
Edge Session Restore: HKU\S-1-5-21-976551006-3039632739-1132508307-1001 -> est activé.

FireFox:
========
FF DefaultProfile: arzsw02y.default-1506669055859
FF ProfilePath: C:\Users\Raymond\AppData\Roaming\Mozilla\Firefox\Profiles\arzsw02y.default-1506669055859 [2018-02-10]
FF Homepage: Mozilla\Firefox\Profiles\arzsw02y.default-1506669055859 -> hxxps://r.orange.fr/r/Oodc_oi_promoUpdate?ref=O_OI_defaultPage_FFe64_w10e64_promoUpdate
FF Extension: (Video DownloadHelper) - C:\Users\Raymond\AppData\Roaming\Mozilla\Firefox\Profiles\arzsw02y.default-1506669055859\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-23]
FF Extension: (Qwant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\qwantcomforfirefox@jetpack.xpi [2016-07-01] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-976551006-3039632739-1132508307-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Raymond\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-10-07] (Citrix Online)
FF Plugin HKU\S-1-5-21-976551006-3039632739-1132508307-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-976551006-3039632739-1132508307-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> est activé.
CHR Profile: C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default [2018-02-10]
CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-12-28]
CHR Extension: (AdBlock) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-02]
CHR Extension: (Video DownloadHelper) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-12-21]
CHR Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-25]
CHR Profile: C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-27]
CHR Profile: C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-27]

Opera:
=======
OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Raymond\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2017-06-14]
OPR Extension: (Traduire) - C:\Users\Raymond\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-11-18]
OPR Extension: (Adblock Plus) - C:\Users\Raymond\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-01-31]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1135568 2016-07-06] ()
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Fichier non signé]
S2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Fichier non signé]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-11-15] (Ellora Assets Corp.) [Fichier non signé]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-15] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Fichier non signé]
S2 Orange Update Core Service; C:\Program Files (x86)\Orange Update\OUService.exe [224528 2017-11-17] (Orange)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 61883; C:\WINDOWS\System32\drivers\61883.sys [62976 2017-09-29] (Microsoft Corporation)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-25] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2016-12-25] ()
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2016-04-17] (Advanced Micro Devices)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-12-10] ()
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [339808 2016-09-06] (Acronis International GmbH)
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [117224 2015-09-21] (GenesysLogic)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-17] (REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2017-12-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-02-10] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-02-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-10] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-02-10] (Malwarebytes)
R3 NPF; C:\WINDOWS\System32\drivers\NPF.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-04-17] (Realtek )
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1049432 2016-09-06] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [202592 2016-09-06] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [581464 2016-09-06] (Acronis International GmbH)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [301408 2016-09-06] (Acronis International GmbH)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [41472 2017-11-26] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-02-10 20:22 - 2018-02-10 20:22 - 000021532 _____ C:\Users\Raymond\Downloads\FRST.txt
2018-02-10 20:21 - 2018-02-10 20:21 - 000000000 ____D C:\Users\Raymond\Downloads\FRST-OlderVersion
2018-02-10 20:12 - 2018-02-10 20:16 - 000005774 _____ C:\Users\Raymond\Desktop\ZHPCleaner.txt
2018-02-10 19:55 - 2018-02-10 19:55 - 000226663 _____ C:\Users\Raymond\Desktop\ZHPDiag.txt
2018-02-10 19:47 - 2018-02-10 19:47 - 002989952 _____ C:\Users\Raymond\Downloads\ZHPDiag3 (1).exe
2018-02-10 19:32 - 2018-02-10 19:42 - 000000910 _____ C:\Users\Raymond\Desktop\ZHPDiag.lnk
2018-02-10 19:30 - 2018-02-10 19:31 - 002989952 _____ C:\Users\Raymond\Downloads\ZHPDiag3.exe
2018-02-10 19:26 - 2018-02-10 19:26 - 000002339 _____ C:\Users\Raymond\Desktop\AdwCleaner[S8].txt
2018-02-10 12:57 - 2018-02-10 12:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-09 21:51 - 2018-02-09 21:52 - 000000000 ____D C:\KVRT_Data
2018-02-09 21:48 - 2018-02-09 21:51 - 141857576 _____ (Kaspersky Lab ZAO) C:\Users\Raymond\Desktop\KVRT.exe
2018-02-09 19:14 - 2018-02-10 08:33 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-02-09 19:12 - 2018-02-10 08:32 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-02-09 19:12 - 2018-02-10 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-02-09 19:12 - 2018-02-10 08:32 - 000000000 ____D C:\Program Files\RogueKiller
2018-02-09 19:12 - 2018-02-09 20:11 - 000000000 ____D C:\ProgramData\RogueKiller
2018-02-09 19:11 - 2018-02-09 19:11 - 036408336 _____ (Adlice Software ) C:\Users\Raymond\Downloads\RogueKiller_setup-12.12.3.exe
2018-02-09 19:01 - 2018-02-09 19:01 - 008222496 _____ (Malwarebytes) C:\Users\Raymond\Downloads\adwcleaner_7.0.8.0.exe
2018-02-09 18:32 - 2018-02-10 20:00 - 000000920 _____ C:\Users\Raymond\Desktop\ZHPCleaner.lnk
2018-02-09 18:32 - 2018-02-09 18:32 - 003058048 _____ C:\Users\Raymond\Downloads\ZHPCleaner.exe
2018-02-09 12:36 - 2018-02-09 12:38 - 000026806 _____ C:\Users\Raymond\Downloads\Fixlog.txt
2018-02-09 12:31 - 2018-02-10 20:21 - 002404864 _____ (Farbar) C:\Users\Raymond\Downloads\FRST64 (2).exe
2018-02-08 22:25 - 2018-02-08 22:25 - 000648174 _____ C:\Users\Raymond\Downloads\Shortcut.txt
2018-02-08 20:37 - 2018-02-08 20:37 - 000000811 _____ C:\WinChk.txt
2018-02-08 20:36 - 2018-02-08 20:37 - 000315000 _____ C:\Users\Raymond\Downloads\winchk_2.0.exe
2018-02-08 20:34 - 2018-02-08 20:34 - 000468480 _____ () C:\Users\Raymond\Downloads\CKScanner (2).exe
2018-02-08 20:34 - 2018-02-08 20:34 - 000000640 _____ C:\Users\Raymond\Downloads\ckfiles.txt
2018-02-08 20:32 - 2018-02-08 20:32 - 000468480 _____ () C:\Users\Raymond\Downloads\CKScanner (1).exe
2018-02-08 20:29 - 2018-02-08 22:25 - 000070113 _____ C:\Users\Raymond\Downloads\Addition.txt
2018-02-08 20:28 - 2018-02-10 20:22 - 000000000 ____D C:\FRST
2018-02-08 17:54 - 2018-02-08 17:54 - 008206624 _____ (Malwarebytes) C:\Users\Raymond\Downloads\adwcleaner_7.0.7.0.exe
2018-02-08 17:54 - 2018-02-08 17:54 - 008206624 _____ (Malwarebytes) C:\Users\Raymond\Downloads\adwcleaner_7.0.7.0 (1).exe
2018-02-07 12:03 - 2018-02-07 12:03 - 000167187 _____ C:\Users\Raymond\Documents\FireShot Capture 98 - La Cour des comptes pointe les limites_ - http___www.lefigaro.fr_societes_20.pdf
2018-02-07 12:03 - 2018-02-07 12:03 - 000000000 ____D C:\Users\Raymond\Downloads\FireShot
2018-02-04 22:46 - 2018-02-04 22:46 - 000295490 _____ C:\Users\Raymond\Downloads\téléchargement
2018-02-03 09:20 - 2018-02-03 09:20 - 002120518 _____ C:\Users\Raymond\Downloads\fiche-geostop-vecto.pdf
2018-02-03 09:20 - 2018-02-03 09:20 - 002120518 _____ C:\Users\Raymond\Downloads\fiche-geostop-vecto (1).pdf
2018-02-02 08:44 - 2018-02-08 22:53 - 000000911 _____ C:\Users\Raymond\Desktop\Start Tor Browser.lnk
2018-02-02 08:44 - 2018-02-02 08:44 - 000000959 _____ C:\Users\Raymond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2018-02-02 08:44 - 2018-02-02 08:44 - 000000000 ____D C:\Users\Raymond\Desktop\Tor Browser
2018-02-02 08:42 - 2018-02-02 08:42 - 053924768 _____ C:\Users\Raymond\Downloads\torbrowser-install-7.5_fr.exe
2018-02-01 07:17 - 2018-02-01 07:17 - 000003614 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-raymond.moraux@hotmail.fr
2018-01-31 18:22 - 2018-01-31 18:22 - 001923808 _____ (Adobe Systems Incorporated) C:\Users\Raymond\Downloads\Lightroom_Set-Up.exe
2018-01-28 19:38 - 2018-01-28 19:38 - 009267801 _____ C:\Users\Raymond\Downloads\malongo.flv
2018-01-28 08:12 - 2018-02-06 11:55 - 000001368 _____ C:\Users\Raymond\Desktop\Edge.lnk
2018-01-28 08:12 - 2018-01-28 08:12 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\Orange
2018-01-26 14:23 - 2018-01-26 15:02 - 006824448 _____ C:\Users\Raymond\Desktop\auto.ppt.pps
2018-01-26 14:20 - 2018-01-26 14:20 - 003542016 _____ C:\Users\Raymond\Desktop\Ancien_temps11.pps
2018-01-26 08:59 - 2018-01-26 08:59 - 000418304 _____ C:\Users\Raymond\Downloads\Calculateur_budget.xls
2018-01-13 22:52 - 2018-01-13 22:52 - 000094650 _____ C:\Users\Raymond\Downloads\morauxr_morauxr_classic_asc_bouquet_pauline__1515880326.pdf
2018-01-12 22:41 - 2018-01-12 22:41 - 003044224 _____ C:\Users\Raymond\ZHPCleaner.exe
2018-01-12 18:21 - 2018-01-12 18:21 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-01-12 18:21 - 2018-01-12 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-01-12 18:21 - 2018-01-12 18:21 - 000000000 ____D C:\Program Files\Speccy
2018-01-12 13:00 - 2018-01-12 13:00 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2018-01-11 20:28 - 2018-01-11 20:28 - 019987259 _____ C:\Users\Raymond\Downloads\Robert Lamoureux retour de vacances.mp4
2018-01-11 20:21 - 2018-01-11 20:22 - 025444203 _____ C:\Users\Raymond\Downloads\Françis Blanche et Pierre Dac ( La Voyante Madame Arnica ) 1.mp4

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-02-10 20:15 - 2015-08-20 07:21 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\ZHP
2018-02-10 19:22 - 2017-06-19 07:12 - 000000000 ____D C:\AdwCleaner
2018-02-10 19:19 - 2017-05-30 06:33 - 000000000 ____D C:\Users\Raymond\AppData\LocalLow\Mozilla
2018-02-10 18:44 - 2017-11-30 18:18 - 000004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2CB4F11D-77CD-40CC-8B73-1394F574E37C}
2018-02-10 13:03 - 2017-11-30 18:17 - 003591738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 13:03 - 2017-09-30 15:40 - 001747160 _____ C:\WINDOWS\system32\perfh00C.dat
2018-02-10 13:03 - 2017-09-30 15:40 - 000433054 _____ C:\WINDOWS\system32\perfc00C.dat
2018-02-10 12:57 - 2017-12-10 13:45 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-02-10 12:57 - 2017-12-10 13:45 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-02-10 12:57 - 2017-12-10 13:45 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-02-10 12:57 - 2017-11-30 18:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-10 12:57 - 2017-11-30 17:27 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-02-10 12:56 - 2017-09-29 09:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-02-10 12:56 - 2017-09-19 17:57 - 000000234 _____ C:\Users\Raymond\Desktop\captvty.ini
2018-02-10 12:56 - 2015-06-12 15:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-02-10 12:45 - 2017-11-30 17:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-10 11:51 - 2015-06-20 19:11 - 000193466 _____ C:\Users\Raymond\Documents\Raymond.bp
2018-02-10 11:51 - 2015-06-17 17:58 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\BankPerfect
2018-02-10 09:30 - 2016-12-26 09:25 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-10 09:30 - 2016-12-26 09:25 - 000002439 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-10 09:30 - 2016-07-04 13:16 - 000001280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-02-10 09:30 - 2015-06-16 09:16 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-02-10 08:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-09 20:03 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-02-09 12:27 - 2016-05-08 21:55 - 000000000 ____D C:\ProgramData\Apple Computer
2018-02-09 09:43 - 2015-06-30 07:00 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-02-09 08:46 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-09 08:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-08 18:16 - 2017-06-19 07:41 - 000000000 ____D C:\Users\Raymond\AppData\Local\ZHP
2018-02-08 17:14 - 2015-10-24 09:05 - 000022016 _____ C:\Users\Raymond\Documents\evenements.xls
2018-02-08 17:07 - 2017-11-30 17:59 - 000000000 ____D C:\Users\Raymond
2018-02-07 17:32 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-07 08:54 - 2017-11-30 18:18 - 000004708 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-07 08:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-07 08:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 13:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-05 08:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-02-04 21:23 - 2016-04-17 07:58 - 000000000 ____D C:\ProgramData\ProductData
2018-02-03 13:49 - 2015-06-23 18:59 - 000000000 ___RD C:\Users\Raymond\OneDrive
2018-02-03 08:48 - 2017-05-11 08:29 - 000001024 ____H C:\AMTAG.BIN
2018-02-01 08:51 - 2017-10-02 07:48 - 000001160 _____ C:\Users\Raymond\Desktop\blender.lnk
2018-02-01 08:51 - 2015-06-28 13:51 - 000001183 _____ C:\Users\Raymond\Desktop\Lauyan TOWeb V6.lnk
2018-01-31 07:59 - 2017-11-30 18:18 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-976551006-3039632739-1132508307-1001
2018-01-31 07:59 - 2015-11-22 12:01 - 000002456 _____ C:\Users\Raymond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 22:56 - 2016-02-11 10:46 - 000000000 ____D C:\Users\Raymond\La Gazette
2018-01-29 08:49 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-28 19:40 - 2015-08-12 12:01 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\vlc
2018-01-28 08:12 - 2017-06-30 21:48 - 000001339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2018-01-28 08:12 - 2015-06-22 14:53 - 000001342 _____ C:\Users\Public\Desktop\Navigateur Opera.lnk
2018-01-28 08:08 - 2017-11-30 17:56 - 000712488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-28 08:08 - 2017-07-01 21:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-01-28 08:08 - 2015-06-16 09:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-27 22:53 - 2015-07-12 20:05 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\MPC-HC
2018-01-24 19:21 - 2017-11-30 18:18 - 000003976 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1434981236
2018-01-24 19:21 - 2015-06-22 14:48 - 000000000 ____D C:\Program Files (x86)\Opera
2018-01-24 10:42 - 2015-06-16 08:57 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-23 14:05 - 2015-06-19 08:18 - 000000000 ____D C:\Users\Raymond\Documents\TOWeb Sites
2018-01-22 19:45 - 2016-02-27 13:59 - 000000000 ____D C:\Users\Raymond\genealogie
2018-01-20 22:40 - 2016-03-07 15:31 - 000000000 ____D C:\Users\Raymond\Thiers
2018-01-19 19:39 - 2017-12-02 20:48 - 000000000 ____D C:\ProgramData\Généatique2018
2018-01-19 19:39 - 2017-12-02 20:46 - 000000000 ____D C:\Program Files (x86)\Geneatique2018
2018-01-18 09:00 - 2016-10-17 14:58 - 000000000 ____D C:\ProgramData\Oracle
2018-01-18 08:42 - 2016-10-17 14:58 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-18 08:41 - 2016-10-17 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-18 08:39 - 2016-10-17 14:58 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-01-16 13:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-16 12:36 - 2015-12-10 08:24 - 000006656 _____ C:\Users\Raymond\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-12 22:54 - 2015-06-17 12:11 - 000000000 ____D C:\Users\Raymond\AppData\Local\Google
2018-01-12 12:42 - 2017-06-03 16:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-11 09:34 - 2017-03-17 09:31 - 000000000 ____D C:\YouTube

==================== Fichiers à la racine de certains dossiers =======

2018-01-12 22:41 - 2018-01-12 22:41 - 003044224 _____ () C:\Users\Raymond\ZHPCleaner.exe
2017-02-22 12:38 - 2017-02-22 12:38 - 000000003 _____ () C:\Users\Raymond\AppData\Roaming\.ptbt0
2016-10-26 20:58 - 2017-10-20 21:57 - 000001372 _____ () C:\Users\Raymond\AppData\Roaming\mplex-log.log
2017-03-17 09:31 - 2016-10-04 09:54 - 000000701 _____ () C:\Users\Raymond\AppData\Roaming\soundyg.dll
2015-12-10 08:24 - 2018-01-16 12:36 - 000006656 _____ () C:\Users\Raymond\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-25 07:43 - 2015-06-25 07:43 - 000000218 _____ () C:\Users\Raymond\AppData\Local\recently-used.xbel
2016-04-03 09:06 - 2016-11-03 08:41 - 000007635 _____ () C:\Users\Raymond\AppData\Local\resmon.resmoncfg

Certains fichiers dans TEMP:
====================
2018-02-09 19:12 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\Users\Raymond\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-02-09 23:43

==================== Fin de FRST.txt ============================
