Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:23-09-2015
Exécuté par jean-louis (administrateur) sur MURATET (27-09-2015 12:07:02)
Exécuté depuis C:\Users\jean-louis\Downloads
Profils chargés: jean-louis (Profils disponibles: jean-louis)
Platform: Microsoft Windows 8.1 Professionnel avec Media Center (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
() C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
(OrdinarySoft) C:\Program Files\Start Menu X\StartMenuX.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(PacketVideo) C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
() C:\Program Files\Serveur Media\twonkymediaserver.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(MYSecurityCenter Ltd.) C:\Program Files\My Security Center\Tray\000000000000000001.0x0
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Users\jean-louis\AppData\Roaming\Dashlane\Dashlane.exe
Impossible d'accéder au processus -> DashlanePlugin.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Users\JEAN-L~1\AppData\Local\Temp\virustotal.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Goversoft LLC) C:\Program Files\PrivaZer\PrivaZer.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5075104 2014-02-24] (ESET)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [CommonToolkitTray_My Security Center] => C:\Program Files\My Security Center\Tray\MYSCTray.exe
HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\Run: [StartMenuX] => C:\Program Files\Start Menu X\StartMenuX.exe [5464384 2015-06-09] (OrdinarySoft)
HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\Run: [BingSvc] => C:\Users\jean-louis\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\MountPoints2: {b09a965c-1865-11e3-afb6-7071bc55c6dc} - "G:\iLinker.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-07-29] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Agent Serveur Média.lnk [2014-07-28]
ShortcutTarget: Agent Serveur Média.lnk -> C:\Program Files\Serveur Media\twonkymediaserverconfig.exe (PacketVideo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Sync.lnk [2014-01-22]
ShortcutTarget: PC Sync.lnk -> C:\Program Files\PC Sync\Voxsync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-10-23]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\jean-louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2014-03-31]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2015-08-12] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{9E1C873D-C09E-479D-AA63-8BAC26567063}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_home_ie HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.fr.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3974272555-2943434140-3627363908-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3974272555-2943434140-3627363908-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3974272555-2943434140-3627363908-1001 -> {2C9DCDC1-78C9-41A4-9E5F-77F92701D4B9} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation) BHO: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\jean-louis\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2015-09-03] (Dashlane) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO: Microsoft SkyDrive 
Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16] (Oracle Corporation) Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\jean-louis\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2015-09-03] (Dashlane) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729 FF Homepage: hxxps://news.google.fr/news?pz=1&cf=all&ned=fr&hl=fr&q&ar=1441531858&pli=1 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) 
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-16] (Oracle Corporation) FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-28] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3974272555-2943434140-3627363908-1001: @citrixonline.com/appdetectorplugin -> C:\Users\jean-louis\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-27] (Citrix Online) FF Plugin HKU\S-1-5-21-3974272555-2943434140-3627363908-1001: SkypePlugin -> C:\Users\jean-louis\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.) FF user.js: detected! => C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\user.js [2015-09-26] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-08-22] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-08-22] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-08-22] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-08-22] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-08-22] (Apple Inc.) 
FF Extension: LastPass - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\support@lastpass.com [2015-09-25] FF Extension: ColorfulTabs - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-09-25] FF Extension: Webmail Ad Blocker - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\gmailnoads@mywebber.com.xpi [2015-09-25] FF Extension: TV-replay - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\jid0-lmIsXALI3c9rxMVACyXQltd4m2E@jetpack.xpi [2015-09-25] FF Extension: Google™ Translator Lite - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\jid1-f3mYMbCpz2AZYl@jetpack.xpi [2015-09-25] FF Extension: I don't care about cookies - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2015-09-25] FF Extension: New Tab Tools - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\newtabtools@darktrojan.net.xpi [2015-09-25] FF Extension: NoiaButtons - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\NoiaButtons@ArisT2_Noia4dev.xpi [2015-09-25] FF Extension: Noia Fox options - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2015-09-25] FF Extension: Personas Plus - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\personas@christopher.beard.xpi [2015-09-25] FF Extension: S3.Google Translator - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\s3google@translator.xpi [2015-09-25] FF Extension: The 
Addon Bar (restored) - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2015-09-25] FF Extension: Beyond Australis - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\thefoxonlybetter@quicksaver.xpi [2015-09-25] FF Extension: Tile Tabs - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\tiletabs@DW-dev.xpi [2015-09-25] FF Extension: Google Translator for Firefox - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\translator@zoli.bod.xpi [2015-09-25] FF Extension: Noia Fox - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2015-09-25] FF Extension: Adblock Plus - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25] FF Extension: Tab Mix Plus - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-09-25] FF Extension: Personas Shuffler - C:\Users\jean-louis\AppData\Roaming\Mozilla\Firefox\Profiles\l1zh8djg.default-1443182895729\Extensions\{f18ce681-59c6-4a25-8ecb-e3e0fd7fbb44}.xpi [2015-09-25] FF Extension: Pas de nom - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-09-23] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-20] FF HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\...\Firefox\Extensions: [jetpack-extension@dashlane.com] - 
C:\Users\jean-louis\AppData\Roaming\Dashlane\3.5.2.91395\Extensions\JetPack_expanded\jetpack-extension@dashlane.com FF Extension: Dashlane - C:\Users\jean-louis\AppData\Roaming\Dashlane\3.5.2.91395\Extensions\JetPack_expanded\jetpack-extension@dashlane.com [2015-09-26] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-23] Chrome: ======= CHR dev: Chrome dev build détecté(e)! <======= ATTENTION CHR Profile: C:\Users\jean-louis\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\jean-louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06] CHR Extension: (YouTube) - C:\Users\jean-louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06] CHR Extension: (Google Search) - C:\Users\jean-louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06] CHR Extension: (Gmail) - C:\Users\jean-louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06] CHR HKU\S-1-5-21-3974272555-2943434140-3627363908-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mkjojgglmmcghgaiknnpgjgldgaocjfd] - C:\Users\jean-louis\AppData\Roaming\Dashlane\3.5.2.91395\bin\Chrome_Extension\kwift.crx [2015-09-26] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1879640 2015-09-11] (Microsoft Corporation) R2 Dedicarz Service; C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960 2013-06-10] () [Fichier non signé] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1343408 2014-02-24] (ESET) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-09-20] (Macrovision Europe Ltd.) [Fichier non signé] S4 Orange update Core Service; C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe [1073160 2013-08-29] (Orange SA) R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) R2 Serveur Média; C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo) R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2015-06-25] (TuneUp Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET) R3 eapihdrv; C:\Users\JEAN-L~1\AppData\Local\Temp\ehdrv.sys [135760 2015-09-27] (ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [187808 2013-09-17] (ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET) R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET) R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET) R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [184192 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [30632 2015-06-04] (TuneUp Software) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38928 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [233304 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation) S3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation) S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation) U3 catchme; \??\C:\Users\JEAN-L~1\AppData\Local\Temp\catchme.sys [X] S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2015-09-27 12:05 - 2015-09-27 12:05 - 01695744 _____ (Farbar) C:\Users\jean-louis\Downloads\FRST.exe 2015-09-27 12:03 - 2015-09-27 12:03 - 00000152 _____ C:\Users\jean-louis\Downloads\fixlist.txt 2015-09-27 10:41 - 2015-09-26 16:52 - 00017392 _____ C:\zoek-results2015-09-26-145203.log 2015-09-27 10:37 - 2015-09-27 10:37 - 01308672 _____ C:\Users\jean-louis\Downloads\zoek(2).exe 2015-09-27 10:10 - 2015-09-27 10:10 - 00000280 _____ C:\Users\jean-louis\Downloads\eset on line.txt 2015-09-27 08:20 - 2015-09-27 09:56 - 00080644 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-26 23:28 - 2015-09-26 23:28 - 02870984 _____ (ESET) C:\Users\jean-louis\Downloads\esetsmartinstaller_fra.exe 2015-09-26 20:14 - 2015-09-26 20:14 - 01938944 _____ C:\Users\jean-louis\Downloads\ZHPDiag3(1).exe 2015-09-26 20:12 - 2015-09-26 20:12 - 00001928 _____ C:\Users\jean-louis\Desktop\ZHPFixReport.txt 2015-09-26 20:07 - 2015-09-26 20:10 - 00000000 ____D C:\Program Files\ZHPFix 2015-09-26 20:07 - 2015-09-26 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2015-09-26 20:07 - 2015-09-26 20:07 - 03521472 _____ (Nicolas Coolman ) C:\Users\jean-louis\Downloads\ZHPFix.exe 2015-09-26 17:25 - 2015-09-26 17:25 - 00513832 _____ (Dashlane inc.) 
C:\Users\jean-louis\Downloads\Dashlane_Launcher_bfirefox-1441010438.exe 2015-09-26 17:17 - 2015-09-26 20:12 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Dashlane 2015-09-26 17:12 - 2015-09-26 17:03 - 00110713 _____ C:\Users\jean-louis\Documents\ZHPDiag.txt 2015-09-26 16:56 - 2015-09-26 16:56 - 01938944 _____ C:\Users\jean-louis\Downloads\ZHPDiag3.exe 2015-09-26 16:30 - 2015-09-27 10:41 - 00000793 _____ C:\zoek-results.log 2015-09-26 16:24 - 2015-09-26 16:24 - 01308672 _____ C:\Users\jean-louis\Downloads\zoek(1).exe 2015-09-26 16:23 - 2015-09-26 16:51 - 00000000 ____D C:\zoek_backup 2015-09-26 16:23 - 2015-09-26 16:23 - 01308672 _____ C:\Users\jean-louis\Downloads\zoek.exe 2015-09-26 16:20 - 2015-09-26 16:20 - 00000026 _____ C:\Users\jean-louis\Downloads\ScriptZoek.txt 2015-09-26 16:16 - 2015-09-26 16:16 - 00001283 _____ C:\malwhere.txt 2015-09-26 14:17 - 2015-09-26 14:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\jean-louis\Downloads\mbam-setup-2.1.8.1057(2).exe 2015-09-26 13:34 - 2015-09-26 13:34 - 00000000 ____D C:\AdwCleaner 2015-09-26 13:32 - 2015-09-26 13:32 - 01662976 _____ C:\Users\jean-louis\Downloads\adwcleaner_5.008.exe 2015-09-26 11:32 - 2015-09-26 11:32 - 00048717 _____ C:\Users\jean-louis\Downloads\Addition.txt 2015-09-26 11:31 - 2015-09-27 12:07 - 00021824 _____ C:\Users\jean-louis\Downloads\FRST.txt 2015-09-26 11:29 - 2015-09-27 12:07 - 00000000 ____D C:\FRST 2015-09-26 11:15 - 2015-09-26 11:15 - 01965568 _____ C:\Users\jean-louis\Downloads\ZHPCleaner.exe 2015-09-25 16:54 - 2015-09-25 16:54 - 01057696 _____ C:\Users\jean-louis\Downloads\SFTGC(1).exe 2015-09-25 16:51 - 2015-09-25 16:51 - 01354240 _____ C:\Users\jean-louis\Downloads\SFTGC.exe 2015-09-25 13:41 - 2015-09-25 13:43 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\jean-louis\Downloads\mbam-setup-2.1.8.1057(1).exe 2015-09-25 11:24 - 2015-09-25 11:24 - 01900096 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-23 23:37 - 2015-09-24 01:03 - 00000000 ____D C:\Program 
Files\jv16 PowerTools 2010 2015-09-23 23:10 - 2015-09-24 19:17 - 00000000 ____D C:\Program Files\RegCleaner 2015-09-23 17:00 - 2015-09-23 17:00 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\My Security Center 2015-09-23 16:59 - 2015-09-27 11:49 - 00000000 ____D C:\Program Files\My Security Center 2015-09-23 16:59 - 2015-09-25 11:23 - 00000000 ____D C:\ProgramData\My Security Center 2015-09-23 16:59 - 2015-09-25 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Security Center 2015-09-23 16:52 - 2015-09-26 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYSecurityCenter Toolkit 2015-09-23 16:48 - 2015-09-23 16:48 - 04458592 _____ (TeamViewer) C:\Users\jean-louis\Downloads\remote_support_msc_atc.exe 2015-09-23 00:37 - 2015-09-23 17:50 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-09-22 15:26 - 2015-09-22 15:26 - 03894696 _____ C:\Users\jean-louis\Downloads\Setup_WinThruster_2015.exe 2015-09-20 10:37 - 2015-09-20 10:39 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\jean-louis\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-18 09:13 - 2015-09-18 09:13 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\LibreOffice 2015-09-17 14:19 - 2015-09-17 14:19 - 00001506 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk 2015-09-17 14:19 - 2015-09-17 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0 2015-09-17 14:17 - 2015-09-17 14:19 - 00000000 ____D C:\Program Files\LibreOffice 5 2015-09-17 13:47 - 2015-09-17 14:15 - 220966912 _____ C:\Users\jean-louis\Downloads\LibreOffice_5.0.1_Win_x86.msi 2015-09-16 18:40 - 2015-09-16 18:40 - 00450807 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150916-184054.backup 2015-09-16 18:40 - 2015-09-16 18:32 - 00450807 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150916-184024.backup 2015-09-16 18:32 - 2015-09-16 18:31 - 00450807 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150916-183253.backup 2015-09-16 18:31 - 2015-09-03 11:55 
- 00000866 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20150916-183150.backup 2015-09-16 10:18 - 2015-09-16 10:18 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Sun 2015-09-16 10:18 - 2015-09-16 10:18 - 00000000 ____D C:\Users\jean-louis\.oracle_jre_usage 2015-09-16 10:18 - 2015-09-16 10:18 - 00000000 ____D C:\Program Files\Common Files\Java 2015-09-16 10:17 - 2015-09-16 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-09-16 10:17 - 2015-09-16 10:16 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-09-16 10:16 - 2015-09-16 10:18 - 00000000 ____D C:\ProgramData\Oracle 2015-09-15 20:53 - 2015-09-18 11:13 - 00000000 ____D C:\Program Files\Common Files\AV 2015-09-15 20:46 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean.exe 2015-09-14 20:12 - 2015-09-14 20:12 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0ef18e4b08c20.job 2015-09-14 10:27 - 2015-09-26 16:17 - 00001282 _____ C:\malware.txt 2015-09-12 11:33 - 2015-09-12 11:33 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Dropbox 2015-09-12 11:29 - 2015-09-26 18:55 - 00000000 ____D C:\Users\jean-louis\AppData\Local\Dropbox 2015-09-12 11:29 - 2015-09-26 18:55 - 00000000 ____D C:\Program Files\Dropbox 2015-09-12 11:29 - 2015-09-12 11:29 - 00000000 ____D C:\ProgramData\Dropbox 2015-09-11 11:25 - 2015-07-13 21:01 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-11 11:24 - 2015-07-14 05:32 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-09-11 11:23 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-11 11:23 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-11 11:23 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-11 11:23 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\jscript.dll 2015-09-11 11:23 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-11 11:23 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-09-11 11:23 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-11 11:23 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-09-11 11:23 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-11 11:23 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-09-11 11:23 - 2015-08-22 18:18 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-11 11:23 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-09-11 11:23 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-11 11:23 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-11 11:23 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-09-11 11:23 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-09-11 11:23 - 2015-08-01 05:38 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-11 11:23 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-09-11 11:22 - 2015-09-02 04:17 - 03523584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-11 11:22 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-11 11:22 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-11 11:22 - 2015-08-27 04:53 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 
2015-09-11 11:22 - 2015-08-26 20:07 - 03066368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-11 11:22 - 2015-08-26 20:01 - 02173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-11 11:22 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-11 11:22 - 2015-08-26 20:00 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-11 11:22 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-11 11:22 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-11 11:22 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-11 11:22 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-11 11:22 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-11 11:22 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-11 11:22 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-10 12:04 - 2015-09-10 12:05 - 00000000 ___HD C:\$Windows.~BT
2015-09-09 14:30 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 14:22 - 2015-07-09 17:50 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 14:16 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 14:16 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 14:16 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 14:16 - 2015-08-01 16:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 14:16 - 2015-07-22 16:15 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 14:16 - 2015-07-22 15:50 - 01172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 14:16 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 14:16 - 2015-07-03 23:56 - 01132648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 14:16 - 2015-06-27 13:53 - 00108888 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 14:16 - 2015-06-19 19:03 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-08 09:45 - 2015-09-08 09:45 - 00000855 _____ C:\Users\jean-louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-09-08 09:45 - 2015-09-08 09:45 - 00000807 _____ C:\Users\jean-louis\Desktop\Start Tor Browser.lnk
2015-09-08 09:44 - 2015-09-08 09:44 - 00000000 ____D C:\Users\jean-louis\Desktop\Tor Browser
2015-09-04 11:52 - 2015-08-13 23:05 - 397973454 ____R C:\Users\jean-louis\Documents\american.sniper.2014.french.720p.bluray.x264-lost.mkv
2015-09-04 00:06 - 2015-09-26 17:30 - 00001805 _____ C:\Users\jean-louis\Desktop\Dashlane.lnk
2015-09-02 23:03 - 2015-09-02 23:03 - 00021815 _____ C:\MBAM.txt
2015-08-31 15:41 - 2015-08-31 15:41 - 00000000 ____D C:\Users\jean-louis\Documents\FormatFactory
2015-08-31 15:15 - 2015-08-31 15:15 - 00000000 ____D C:\ProgramData\Baidu
2015-08-31 15:13 - 2015-09-26 18:50 - 00000000 ____D C:\Program Files\FreeTime
2015-08-29 17:16 - 2015-08-29 17:16 - 00000000 ____D C:\Users\jean-louis\AppData\Local\FreemakeVideoConverter
2015-08-29 17:15 - 2015-09-26 18:46 - 00000000 ____D C:\ProgramData\Freemake
2015-08-29 17:15 - 2015-08-29 17:16 - 00000000 ____D C:\Users\jean-louis\Documents\Freemake
2015-08-29 12:06 - 2015-09-26 20:14 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\ZHP
2015-08-28 02:06 - 2015-09-14 20:12 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e1255802ae83.job

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-09-27 12:02 - 2014-07-28 17:50 - 00000000 ____D C:\ProgramData\Serveur Média
2015-09-27 12:02 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-27 11:55 - 2013-09-01 17:55 - 00000000 ____D C:\Users\jean-louis\AppData\Local\PrivaZer
2015-09-27 11:43 - 2015-04-02 13:46 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-27 11:41 - 2015-02-02 18:11 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\StartMenuX
2015-09-27 08:22 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-26 20:17 - 2015-07-16 01:06 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bf52e8411573.job
2015-09-26 18:52 - 2014-10-11 16:28 - 00000000 ____D C:\Program Files\Avanquest
2015-09-26 18:52 - 2014-03-25 12:07 - 00000000 ____D C:\ProgramData\Avanquest
2015-09-26 18:52 - 2014-01-22 19:28 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-09-26 18:49 - 2013-10-25 09:56 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Intelli-studio
2015-09-26 18:48 - 2014-08-07 12:43 - 00000000 ____D C:\Program Files\SAMSUNG
2015-09-26 18:44 - 2015-05-09 12:13 - 00000000 ____D C:\Program Files\Quicksys
2015-09-26 18:39 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-09-26 18:27 - 2014-08-29 18:02 - 00000000 ___RD C:\Users\jean-louis\OneDrive
2015-09-26 18:27 - 2014-07-28 16:59 - 00000000 ____D C:\Program Files\Serveur Media
2015-09-26 18:26 - 2013-08-22 09:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-26 18:25 - 2013-08-22 08:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-26 17:30 - 2014-06-27 19:22 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2015-09-26 16:45 - 2013-12-10 14:17 - 00000000 ____D C:\Users\jean-louis
2015-09-26 12:00 - 2014-01-27 00:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-26 10:51 - 2013-10-23 11:48 - 00000437 _____ C:\DelFix.txt
2015-09-25 14:08 - 2014-09-08 09:46 - 00000000 ____D C:\Users\jean-louis\Desktop\Anciennes données de Firefox
2015-09-25 13:37 - 2013-12-11 19:31 - 00000000 ____D C:\ProgramData\IObit
2015-09-25 13:37 - 2013-12-11 19:30 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\IObit
2015-09-25 11:24 - 2014-09-13 17:19 - 00000000 ____D C:\Program Files\Bonjour
2015-09-25 11:23 - 2015-08-22 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-25 11:23 - 2015-08-22 21:28 - 00000000 ____D C:\Program Files\iTunes
2015-09-25 11:23 - 2015-05-09 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicksys
2015-09-25 11:23 - 2015-04-04 12:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-09-25 11:23 - 2014-07-25 13:56 - 00000000 ____D C:\Users\jean-louis\Documents\Wise Disk Cleaner
2015-09-25 11:23 - 2014-03-12 10:49 - 00000000 ____D C:\Users\jean-louis\AppData\Local\Apple
2015-09-25 11:23 - 2013-09-01 01:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-25 11:23 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\Help
2015-09-25 11:22 - 2014-03-12 10:49 - 00000000 ____D C:\Program Files\Apple Software Update
2015-09-25 11:22 - 2013-09-01 01:52 - 00000000 ____D C:\Program Files\CCleaner
2015-09-25 11:11 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\registration
2015-09-25 11:09 - 2015-08-22 21:28 - 00000000 ____D C:\Program Files\iPod
2015-09-25 11:09 - 2014-03-12 10:49 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-24 14:01 - 2013-09-17 22:05 - 00007609 _____ C:\Users\jean-louis\AppData\Local\resmon.resmoncfg
2015-09-23 17:51 - 2013-09-06 09:45 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Wise Disk Cleaner
2015-09-23 16:49 - 2014-04-16 16:42 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\TeamViewer
2015-09-23 10:32 - 2013-08-31 15:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-22 10:32 - 2012-07-26 08:43 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-19 12:30 - 2013-04-09 03:25 - 00000000 ____D C:\Users\jean-louis\Documents\mt6589_rooter
2015-09-19 12:28 - 2012-11-27 17:24 - 00000000 ____D C:\Users\jean-louis\Documents\i386
2015-09-19 12:28 - 2012-11-27 17:24 - 00000000 ____D C:\Users\jean-louis\Documents\amd64
2015-09-19 11:29 - 2015-04-16 12:07 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2015-09-19 11:27 - 2013-08-31 16:02 - 00000000 __RHD C:\MSOCache
2015-09-19 10:57 - 2013-11-12 20:21 - 00000000 ____D C:\Program Files\Orange
2015-09-19 10:39 - 2014-09-20 16:44 - 00000000 ____D C:\Users\jean-louis\Documents\NeroVision
2015-09-19 00:00 - 2014-01-22 18:55 - 81282048 _____ C:\Users\jean-louis\Documents\jean-louis.muratet@orange.fr.pst
2015-09-19 00:00 - 2013-08-31 18:46 - 00000000 ____D C:\Users\jean-louis\Documents\Fichiers Outlook
2015-09-17 12:25 - 2015-03-16 18:08 - 00000000 ____D C:\Users\jean-louis\Desktop\Captvty
2015-09-17 02:01 - 2015-04-16 12:07 - 00001183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-09-17 02:01 - 2015-04-16 12:07 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-09-16 23:40 - 2013-12-03 15:45 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ProduKey
2015-09-16 10:27 - 2014-03-25 12:07 - 00000000 ____D C:\Program Files\PDF Pro 10
2015-09-16 10:16 - 2013-10-23 13:12 - 00000000 ____D C:\Program Files\Java
2015-09-15 03:18 - 2014-08-21 10:05 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-15 03:18 - 2014-08-21 10:05 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-13 12:46 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\rescache
2015-09-12 13:11 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2015-09-12 11:29 - 2014-03-23 15:52 - 00000981 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-12 10:36 - 2013-08-31 16:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-12 10:35 - 2013-08-31 16:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-12 10:32 - 2013-09-02 12:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-10 17:07 - 2015-02-03 20:22 - 00000000 ____D C:\Program Files\PrivaZer
2015-09-10 17:07 - 2014-04-19 13:45 - 00001847 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2015-09-10 17:07 - 2013-09-01 17:55 - 00001859 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2015-09-10 12:04 - 2013-12-10 14:12 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-09 18:31 - 2014-03-03 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2015-09-09 15:23 - 2013-09-30 05:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 15:22 - 2012-07-26 06:17 - 00000167 _____ C:\WINDOWS\win.ini
2015-09-07 22:53 - 2014-01-28 11:43 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\Skype
2015-09-07 14:12 - 2014-01-22 14:25 - 00000000 ____D C:\Users\jean-louis\AppData\Roaming\vlc
2015-09-06 17:04 - 2014-02-18 14:34 - 00000000 ____D C:\Log
2015-09-06 12:07 - 2014-03-03 16:10 - 00000000 ____D C:\Program Files\Auslogics
2015-09-06 12:07 - 2013-09-05 00:26 - 00000000 ____D C:\ProgramData\Auslogics
2015-09-05 14:41 - 2014-09-20 14:18 - 00000000 ____D C:\Program Files\ESET
2015-09-03 19:09 - 2013-08-22 08:21 - 00000000 ___RD C:\Users\Public
2015-09-02 22:22 - 2013-09-02 15:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-02 21:05 - 2013-12-10 14:29 - 01831820 _____ C:\WINDOWS\system32\PerfStringBackup.INI

==================== Fichiers à la racine de certains dossiers =======

2014-05-19 19:45 - 2014-06-23 09:18 - 0000000 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-08-31 21:31 - 2014-01-28 01:57 - 15818240 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2014-10-29 18:30 - 2014-10-29 18:30 - 0038445 _____ () C:\Users\jean-louis\AppData\Roaming\Valeurs séparées par une virgule.ADR
2013-09-17 22:05 - 2015-09-24 14:01 - 0007609 _____ () C:\Users\jean-louis\AppData\Local\resmon.resmoncfg

Certains fichiers dans TEMP:
====================
C:\Users\jean-louis\AppData\Local\Temp\virustotal.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2015-09-26 18:37

==================== Fin de FRST.txt ============================