Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 Exécuté par Anthony (administrateur) sur SONIA (16-07-2016 17:58:33) Exécuté depuis C:\Users\sonia\Desktop Profils chargés: Anthony (Profils disponibles: Anthony & Administrateur) Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Flux Software LLC) C:\Users\sonia\AppData\Local\FluxSoftware\Flux\flux.exe (Check Point Software Technologies Ltd.) 
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe Impossible d'accéder au processus -> LCore.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe Impossible d'accéder au processus -> SystemSettingsBroker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-03-24] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [ZoneAlarm Installer] => C:\Users\sonia\AppData\Local\Temp\{907A1104-E812-4b5c-959B-E4DAB37A96AB}\Install.exe [2919224 2016-07-15] (Check Point Software Technologies Ltd.) <===== ATTENTION HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-06-29] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Run: [f.lux] => C:\Users\sonia\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC) HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-10-12] (Glarysoft Ltd) HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Run: [Discord] => C:\Users\sonia\AppData\Local\Discord\app-0.0.292\Discord.exe [57746616 2016-07-08] (Hammer & Chisel, Inc.) 
HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit) HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-02-26] (Sandboxie Holdings, LLC) HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd) HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier BootExecute: RegistryDefragBootTime.exeautocheck autochk * ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Hosts: Fichier hosts non détecté dans le dossier par défaut Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{68b21781-9065-4871-b47f-2a0d039b8aa6}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2144432019-1321986784-2387423559-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com SearchScopes: HKU\S-1-5-21-2144432019-1321986784-2387423559-1001 -> DefaultScope {5A2F50C2-E87E-40ED-A16D-00C8FD6292F5} URL = SearchScopes: HKU\S-1-5-21-2144432019-1321986784-2387423559-1001 -> {5A2F50C2-E87E-40ED-A16D-00C8FD6292F5} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-03] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV 
Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-03] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\sonia\AppData\Roaming\Mozilla\Firefox\Profiles\h0pzhnzz.default FF DefaultSearchEngine: Bing FF SelectedSearchEngine: Bing FF SearchEngineOrder.3: Bing FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q= FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-02-20] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel 
Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-03] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-03] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-29] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF user.js: detected! 
=> C:\Users\sonia\AppData\Roaming\Mozilla\Firefox\Profiles\h0pzhnzz.default\user.js [2016-07-15] FF SearchPlugin: C:\Users\sonia\AppData\Roaming\Mozilla\Firefox\Profiles\h0pzhnzz.default\searchplugins\bing-.xml [2016-02-27] FF Extension: Bing Search - C:\Users\sonia\AppData\Roaming\Mozilla\Firefox\Profiles\h0pzhnzz.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-27] Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll => Pas de fichier CHR Plugin: (Shockwave Flash) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll => Pas de fichier CHR Profile: C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-30] CHR Extension: (Google Docs) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-17] CHR Extension: (Google Drive) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-06-14] CHR Extension: (YouTube) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17] CHR Extension: (Adblock Plus) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-30] CHR Extension: (Recherche Google) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Corobizar.com - Alerte Live) - C:\Users\sonia\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\dflnhmchphajjkfadohcpiobjdhnfaed [2015-12-07] CHR Extension: (Sardalert - alert Live - Sardoche) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\elnpfaoipdfdhikjacbpcfhpnehjjaii [2016-05-21] CHR Extension: (Google Sheets) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-30] CHR Extension: (Google Docs hors connexion) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-06] CHR Extension: (The Great Suspender) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-06-23] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08] CHR Extension: (Oddshot) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2016-06-30] CHR Extension: (Gmail) - C:\Users\sonia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-17] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-11-19] (Windows (R) Win 7 DDK provider) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-06-29] (AVG Technologies CZ, s.r.o.) 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-06-29] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-06-29] (AVG Technologies CZ, s.r.o.) S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated) S3 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2014-08-31] (CleverFiles) S3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911464 2016-04-29] (Microsoft Corporation) S4 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated) S4 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe [269312 2016-01-06] () [Fichier non signé] S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated) S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit) S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5560840 2016-05-11] (INCA Internet Co., Ltd.) 
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [202288 2016-04-28] (Microsoft Corporation) [Fichier non signé] S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-09-23] () S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-11-06] (Dritek System INC.) S4 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-10-28] (Razer Inc.) S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187024 2016-02-26] (Sandboxie Holdings, LLC) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3746584 2016-03-24] (Check Point Software Technologies Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.) R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.) S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [Fichier non signé] S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X] ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2016-06-23] (Qualcomm Atheros Communications, Inc.) 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.) R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [294664 2016-06-07] (AVG Technologies CZ, s.r.o.) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-05-31] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-05-31] (Disc Soft Ltd) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-06-20] (DT Soft Ltd) S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2015-10-31] (Disc Soft Ltd) S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2015-10-31] (Disc Soft Ltd) S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-10-20] (Glarysoft Ltd) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-21] (REALiX(tm)) S3 ladfGSS; C:\Windows\system32\drivers\ladfGSS.sys [45208 2016-04-15] (Logitech Inc.) 
S3 LADF_BakerCOnly; C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech) S3 LADF_BakerROnly; C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech) S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-16] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [186424 2016-07-08] (Intel Corporation) S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-11-06] (Dritek System Inc.) S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-23] (Razer, Inc.) S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3390976 2012-02-24] (Windows (R) Win 7 DDK provider) S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-02-26] (Sandboxie Holdings, LLC) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [196152 2016-06-20] (Duplex Secure Ltd) S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com) R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [462304 2016-03-24] (Check Point Software Technologies Ltd.) 
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 ETDSMBus; \SystemRoot\System32\drivers\ETDSMBus.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-07-16 17:58 - 2016-07-16 17:59 - 00023965 _____ C:\Users\sonia\Desktop\FRST.txt 2016-07-16 17:58 - 2016-07-16 17:58 - 00000000 ____D C:\FRST 2016-07-16 17:57 - 2016-07-16 17:58 - 02391040 _____ (Farbar) C:\Users\sonia\Desktop\FRST64.exe 2016-07-15 23:12 - 2016-07-15 23:30 - 661934161 _____ C:\Users\sonia\Desktop\furi-blind-race-cdv-vs-twyn-vs-karim-debbache-et-emeric-thoa-directeur-creatif-du-jeu.mp4 2016-07-15 23:03 - 2016-07-15 23:12 - 322422478 _____ C:\Users\sonia\Desktop\chef-tyler1-apple-pie-more.mp4 2016-07-15 22:58 - 2016-07-15 23:00 - 39247161 _____ C:\Users\sonia\Desktop\tour-moncade-la-verite.mp4 2016-07-15 22:56 - 2016-07-15 23:00 - 102557257 _____ C:\Users\sonia\Desktop\aventures-saison-3-26-waterworld.mp4 2016-07-15 22:54 - 2016-07-15 22:57 - 109252131 _____ C:\Users\sonia\Desktop\aventures-saison-3-25-piege-en-haute-mer.mp4 2016-07-15 22:31 - 2016-07-15 22:31 - 00000000 ____D C:\Users\sonia\AppData\Roaming\TuneUp Software 2016-07-15 22:31 - 2016-07-15 22:31 - 00000000 ____D C:\Users\sonia\AppData\Roaming\AVG 2016-07-15 22:31 - 2016-07-15 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-07-15 22:30 - 2016-07-15 22:30 - 00000000 ___HD C:\$AVG 2016-07-15 22:28 - 2016-07-16 17:56 - 00000000 ____D 
C:\ProgramData\MFAData 2016-07-15 22:28 - 2016-07-15 22:28 - 00000882 _____ C:\Users\Public\Desktop\AVG.lnk 2016-07-15 22:28 - 2016-07-15 22:28 - 00000000 ____D C:\Users\sonia\AppData\Local\MFAData 2016-07-15 22:28 - 2016-07-15 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2016-07-15 22:26 - 2016-07-15 22:30 - 00000000 ____D C:\Program Files (x86)\AVG 2016-07-15 22:13 - 2016-07-15 22:13 - 00136715 _____ C:\Users\sonia\Desktop\ZHPDiag.txt 2016-07-15 22:09 - 2016-07-15 22:09 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\sonia\Desktop\AVG_Protection_Free_1606 (1).exe 2016-07-15 22:03 - 2016-07-15 22:03 - 00001886 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2016-07-15 22:03 - 2016-07-15 22:03 - 00001369 _____ C:\Users\sonia\Desktop\ZHPFixReport.txt 2016-07-15 22:00 - 2016-07-15 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2016-07-15 21:58 - 2016-07-15 21:58 - 03521617 _____ (Nicolas Coolman ) C:\Users\sonia\Downloads\ZHPFix.exe 2016-07-15 18:13 - 2016-07-15 18:13 - 00003014 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Anthony) 2016-07-15 17:46 - 2016-07-15 17:46 - 00002788 _____ C:\Users\sonia\Desktop\ZHPCleaner.txt 2016-07-15 17:30 - 2016-07-15 17:30 - 00000881 _____ C:\Users\sonia\Desktop\ZHPCleaner.lnk 2016-07-15 17:27 - 2016-07-15 17:30 - 02281472 _____ C:\Users\sonia\Downloads\ZHPCleaner.exe 2016-07-15 17:26 - 2016-07-15 17:31 - 03136792 _____ (AVG Technologies CZ, s.r.o.) 
C:\Users\sonia\Downloads\AVG_Protection_Free_698.exe 2016-07-15 17:25 - 2016-07-15 17:28 - 02216960 _____ C:\Users\sonia\Downloads\ZHPDiag3.exe 2016-07-15 17:19 - 2016-07-15 17:23 - 00002750 _____ C:\Users\sonia\Desktop\Rkill.txt 2016-07-15 17:18 - 2016-07-15 17:19 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\sonia\Downloads\rkill.com 2016-07-15 17:15 - 2016-07-15 17:15 - 00002543 _____ C:\Users\sonia\Desktop\Reprendre l'installation de ZoneAlarm Security.lnk 2016-07-15 17:09 - 2016-07-15 17:09 - 03135888 _____ (AVG Technologies CZ, s.r.o.) C:\Users\sonia\Downloads\AVG_Antivirus_Free_692.exe 2016-07-15 17:06 - 2016-07-15 22:31 - 00000000 ____D C:\Users\sonia\AppData\Local\AvgSetupLog 2016-07-15 17:06 - 2016-07-15 22:31 - 00000000 ____D C:\Users\sonia\AppData\Local\Avg 2016-07-15 17:06 - 2016-07-15 22:30 - 00000000 ____D C:\ProgramData\Avg 2016-07-15 17:06 - 2016-07-15 17:06 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\sonia\Downloads\AVG_Protection_Free_1606.exe 2016-07-15 17:04 - 2016-07-15 17:05 - 06253640 _____ (AVAST Software) C:\Users\sonia\Downloads\avast_free_antivirus_setup_online_cnet_2.exe 2016-07-15 16:59 - 2016-07-15 17:00 - 06253640 _____ (AVAST Software) C:\Users\sonia\Downloads\avast_free_antivirus_setup_online (1).exe 2016-07-15 16:58 - 2016-07-15 16:58 - 00103616 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys 2016-07-15 16:58 - 2016-07-15 16:58 - 00015040 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys 2016-07-15 16:58 - 2016-07-15 16:58 - 00014016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys 2016-07-15 16:57 - 2016-07-15 16:57 - 00000000 ____D C:\ProgramData\AVAST Software 2016-07-15 16:56 - 2016-07-15 16:57 - 06253640 _____ (AVAST Software) C:\Users\sonia\Downloads\avast_free_antivirus_setup_online.exe 2016-07-15 16:48 - 2016-07-15 16:48 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-07-15 16:45 - 2016-07-15 16:45 - 
07200704 _____ (AVAST Software) C:\Users\sonia\Downloads\avastclear.exe 2016-07-14 21:42 - 2016-07-14 21:42 - 00131514 _____ C:\Users\sonia\Downloads\MX Brown.zip 2016-07-14 00:40 - 2016-07-14 00:42 - 00286188 _____ C:\WINDOWS\Minidump\071416-28515-01.dmp 2016-07-13 19:08 - 2016-07-13 19:14 - 261397354 _____ C:\Users\sonia\Downloads\Himouto Umaru-chan 12 vostfr FIN [720p].MaChO@zone-telechargement.com.mp4 2016-07-13 19:08 - 2016-07-13 19:13 - 233255884 _____ C:\Users\sonia\Downloads\Himouto Umaru-chan 11 vostfr [720p].MaChO@zone-telechargement.com.mp4 2016-07-13 19:06 - 2016-07-13 19:13 - 285332792 _____ C:\Users\sonia\Downloads\Himouto Umaru-chan 10 Vostfr [720p].MaChO@zone-telechargement.com.mp4 2016-07-13 19:04 - 2016-07-13 19:10 - 261725942 _____ C:\Users\sonia\Downloads\Himouto Umaru-chan Episode 9 - Umaru and Valentines.MaChO@zone-telechargement.com.mp4 2016-07-13 19:03 - 2016-07-13 19:09 - 251106501 _____ C:\Users\sonia\Downloads\Himouto Umaru-chan 08 Vostfr [720p].MaChO@zone-telechargement.com.mp4 2016-07-13 19:02 - 2016-07-13 19:05 - 262719816 _____ C:\Users\sonia\Downloads\Himouto Umaru-chan 07 Vostfr [720p].MaChO@zone-telechargement.com.mp4 2016-07-13 19:00 - 2016-07-13 19:02 - 194557606 _____ C:\Users\sonia\Downloads\Himouto! Umaru-chan 06 vostfr [720p].MaChO@zone-telechargement.com.mp4 2016-07-13 18:58 - 2016-07-13 19:00 - 201272567 _____ C:\Users\sonia\Downloads\Himouto! 
Umaru-chan 05 vostfr [720p].MaChO@zone-telechargement.com.mp4
2016-07-12 19:22 - 2016-07-14 00:40 - 537342660 _____ C:\WINDOWS\MEMORY.DMP
2016-07-12 19:22 - 2016-07-12 19:25 - 00284988 _____ C:\WINDOWS\Minidump\071216-30703-01.dmp
2016-07-12 18:56 - 2016-07-12 18:59 - 00284820 _____ C:\WINDOWS\Minidump\071216-29390-01.dmp
2016-07-12 18:11 - 2016-07-12 18:43 - 00000000 ____D C:\Users\sonia\Downloads\Psycho Pass [Tekmatek]
2016-07-12 16:42 - 2016-07-12 16:42 - 00029212 _____ C:\Users\sonia\Downloads\Psycho Pass [Tekmatek].torrent
2016-07-12 16:14 - 2016-07-12 16:14 - 00000000 ____D C:\Users\sonia\AppData\Roaming\WTablet
2016-07-12 16:14 - 2016-07-12 16:14 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2016-07-12 16:13 - 2016-07-12 16:14 - 00000000 ____D C:\Program Files\TabletPlugins
2016-07-12 16:13 - 2016-07-12 16:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2016-07-12 16:13 - 2016-07-12 16:13 - 00000000 ____D C:\Program Files\Tablet
2016-07-12 16:13 - 2014-08-19 21:12 - 02006808 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2016-07-12 16:13 - 2014-08-19 21:12 - 01991448 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2016-07-12 16:13 - 2014-08-19 21:12 - 01984792 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2016-07-12 16:13 - 2014-08-19 21:12 - 01858328 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2016-07-12 16:13 - 2014-08-19 21:12 - 01614104 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2016-07-12 16:13 - 2014-08-19 21:12 - 01610008 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2016-07-12 16:13 - 2014-08-19 21:12 - 01607448 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2016-07-12 16:13 - 2014-08-19 21:12 - 01493784 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2016-07-12 16:13 - 2012-04-12 00:34 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01009.dll
2016-07-12 16:13 - 2012-04-12 00:34 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll
2016-07-12 16:10 - 2016-07-12 16:11 - 40103880 _____ C:\Users\sonia\Downloads\pentablet_5.3.5-3.exe
2016-07-12 16:06 - 2016-07-12 16:08 - 262178510 _____ C:\Users\sonia\Downloads\Psycho Pass - 01 [Tekmatek].mp4
2016-07-12 13:30 - 2016-07-12 13:34 - 00284740 _____ C:\WINDOWS\Minidump\071216-36265-01.dmp
2016-07-12 13:26 - 2016-07-12 13:29 - 355074048 _____ C:\Users\sonia\Downloads\[SSF]_Psycho-Pass_-_02_Vostfr_1080p_BD_10bit_[A72FAC3A].LasT@Zone-Telechargement.com.mkv.crdownload
2016-07-12 13:23 - 2016-07-12 13:23 - 260814921 _____ C:\Users\sonia\Downloads\[SSF]_Psycho-Pass_-_01_Vostfr_1080p_BD_10bit_[F45BDBB0].LasT@Zone-Telechargement.com.mkv.crdownload
2016-07-12 02:46 - 2016-07-12 02:46 - 00002241 _____ C:\Users\sonia\Desktop\Discord.lnk
2016-07-12 01:49 - 2016-07-12 05:48 - 00000000 ____D C:\Users\sonia\Downloads\D gray man
2016-07-08 05:31 - 2016-07-08 05:31 - 00601616 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys
2016-07-08 05:31 - 2016-07-08 05:31 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-07-08 05:30 - 2016-07-08 05:30 - 00186424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-07-05 03:11 - 2016-07-05 04:02 - 00000000 ____D C:\Program Files\Guild Wars 2
2016-07-05 03:11 - 2016-07-05 03:11 - 00000962 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2016-07-05 03:11 - 2016-07-05 03:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2016-07-05 03:03 - 2016-07-05 03:04 - 26068984 _____ (ArenaNet) C:\Users\sonia\Downloads\Gw2Setup.exe
2016-07-03 21:01 - 2016-07-15 22:28 - 00000254 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Anthony.job
2016-07-03 21:01 - 2016-07-03 21:01 - 00002434 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_Anthony
2016-07-03 09:16 - 2016-07-03 09:16 - 03480040 _____ (McAfee, Inc.) C:\Users\sonia\Downloads\MCPR.exe
2016-07-03 09:08 - 2016-07-03 09:08 - 00448512 _____ (OldTimer Tools) C:\Users\sonia\Downloads\TFC.exe
2016-07-03 08:39 - 2016-07-03 08:41 - 00284828 _____ C:\WINDOWS\Minidump\070316-49078-01.dmp
2016-07-03 08:39 - 2016-07-03 08:39 - 00359184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-03 06:25 - 2016-05-11 14:10 - 05560840 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-07-03 06:25 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-07-03 06:25 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-07-03 06:05 - 2016-07-03 06:05 - 00001176 _____ C:\Users\Public\Desktop\Elsword.lnk
2016-07-03 04:37 - 2016-07-03 04:37 - 00000000 ____D C:\Program Files\Bonjour
2016-07-03 04:37 - 2016-07-03 04:37 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-07-03 04:36 - 2016-07-03 04:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-07-03 04:35 - 2016-07-03 04:37 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-07-03 03:32 - 2016-07-03 05:34 - 00000000 ____D C:\Users\sonia\Downloads\Gameforge Live
2016-07-03 03:32 - 2016-07-03 03:32 - 00000000 ____D C:\Users\sonia\AppData\Local\Gameforge4d
2016-07-03 03:31 - 2016-07-03 06:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-07-03 03:31 - 2016-07-03 03:31 - 00001112 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-07-03 03:31 - 2016-07-03 03:31 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-07-03 02:56 - 2016-07-03 02:57 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2016-07-03 02:56 - 2016-07-03 02:56 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-07-03 02:49 - 2016-07-03 02:49 - 00001009 _____ C:\Users\Public\Desktop\DriversCloud.com - Démarrer la détection.lnk
2016-07-03 00:20 - 2016-07-03 00:20 - 00001072 _____ C:\Users\sonia\Desktop\WinDirStat.lnk
2016-07-03 00:20 - 2016-07-03 00:20 - 00000000 ____D C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-07-03 00:20 - 2016-07-03 00:20 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2016-07-02 23:31 - 2016-07-02 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameForge
2016-07-02 23:28 - 2016-07-02 23:28 - 00000000 ____D C:\Users\sonia\Downloads\tmpinstall
2016-07-02 01:47 - 2016-07-02 01:47 - 00003006 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (sonia)
2016-07-02 00:13 - 2016-07-02 00:13 - 00000000 ____D C:\Users\sonia\AppData\Roaming\TERA
2016-07-01 07:04 - 2016-07-01 20:41 - 00000158 _____ C:\Users\sonia\Desktop\waifu top.txt
2016-07-01 02:56 - 2016-07-05 03:38 - 100921344 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag
2016-07-01 02:56 - 2016-07-05 03:38 - 05545984 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag
2016-07-01 02:56 - 2016-07-05 03:38 - 00065536 _____ C:\WINDOWS\system32\config\SAM.iodefrag
2016-07-01 02:56 - 2016-07-05 03:38 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag
2016-06-30 18:16 - 2016-06-30 18:16 - 00003398 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_sonia
2016-06-26 19:48 - 2016-06-26 19:48 - 00000000 ____D C:\Users\sonia\Documents\Games
2016-06-26 19:40 - 2016-06-26 19:40 - 00001570 _____ C:\Users\sonia\Desktop\RPGMV.lnk
2016-06-26 19:35 - 2016-06-26 19:35 - 00001135 _____ C:\Users\Public\Desktop\RPG Maker MV.lnk
2016-06-26 19:34 - 2016-06-26 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker MV
2016-06-26 19:31 - 2016-06-26 19:31 - 00000000 ____D C:\Program Files (x86)\KADOKAWA
2016-06-26 19:28 - 2016-06-26 19:30 - 00000000 ____D C:\Users\sonia\Desktop\rpgmaker
2016-06-26 18:54 - 2016-06-26 18:54 - 00000000 ____D C:\Users\sonia\AppData\Local\KADOKAWA
2016-06-23 18:49 - 2016-06-23 18:49 - 04323976 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x.sys
2016-06-23 18:44 - 2016-07-15 16:59 - 00002215 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-06-23 18:44 - 2016-06-23 18:44 - 00003362 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-06-23 18:44 - 2016-06-23 18:44 - 00000000 ____D C:\WINDOWS\IObit
2016-06-20 18:58 - 2016-06-20 18:58 - 00000000 ____D C:\Users\sonia\Desktop\Localisation
2016-06-20 08:28 - 2016-06-20 08:28 - 00000000 ____D C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Patch 2.02 v6.0.0
2016-06-20 08:04 - 2016-06-20 08:04 - 00283200 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2016-06-20 08:04 - 2016-06-20 08:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-06-20 08:04 - 2016-06-20 08:04 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-06-20 07:50 - 2016-06-20 07:50 - 00196152 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2016-06-20 07:35 - 2016-06-20 07:35 - 00001285 _____ C:\Users\Public\Desktop\BFME2PatchSwitcher.lnk
2016-06-20 07:35 - 2016-06-20 07:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BFME2 PatchSwitcher
2016-06-20 07:34 - 2016-06-20 07:34 - 00000000 ____D C:\Program Files (x86)\BFME2PatchSwitcher
2016-06-20 07:29 - 2016-06-21 19:05 - 00000000 ____D C:\Users\sonia\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
2016-06-20 07:29 - 2016-06-20 07:29 - 00001678 _____ C:\Users\Public\Desktop\LSDA - La Bataille pour la Terre du Milieu 2.lnk
2016-06-20 07:29 - 2016-06-20 07:29 - 00001605 _____ C:\Users\Public\Desktop\LSDA - L'Avènement du Roi-sorcier.lnk
2016-06-20 07:29 - 2016-06-20 07:29 - 00000000 ____D C:\Users\sonia\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
2016-06-20 07:29 - 2016-06-20 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSDA - La Bataille pour la Terre du Milieu 2 Gold Edition
2016-06-20 07:07 - 2016-06-20 17:51 - 00000000 ____D C:\Program Files\LSDA - La Bataille pour la Terre du Milieu 2 Gold Edition
2016-06-20 04:34 - 2016-06-20 04:34 - 00003452 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_sonia
2016-06-20 03:10 - 2016-06-20 03:14 - 00000000 ____D C:\Users\sonia\AppData\Roaming\BFME2
2016-06-20 03:10 - 2016-06-20 03:10 - 00000000 ____D C:\Users\sonia\AppData\Roaming\BFME2-ADRS
2016-06-18 19:11 - 2016-06-18 19:11 - 00001115 _____ C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2016-06-18 19:11 - 2016-06-18 19:11 - 00000000 ____D C:\Users\sonia\AppData\Roaming\GameRanger
2016-06-18 19:04 - 2016-06-20 08:28 - 00000000 ____D C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rise of the Witch King Unofficial Patch 2.02
2016-06-16 22:05 - 2016-06-16 22:05 - 00000000 ____D C:\Users\sonia\Documents\Guild Wars 2
2016-06-16 07:19 - 2016-06-16 07:19 - 00000000 ____D C:\Users\sonia\Downloads\bin64

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-16 17:57 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-16 17:57 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-16 17:54 - 2015-10-29 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-16 02:25 - 2016-01-16 05:37 - 00000000 ____D C:\Users\sonia\AppData\Roaming\vlc
2016-07-16 01:04 - 2015-11-02 20:02 - 01848398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-16 01:04 - 2015-10-30 21:00 - 00825500 _____ C:\WINDOWS\system32\perfh00C.dat
2016-07-16 01:04 - 2015-10-30 21:00 - 00155764 _____ C:\WINDOWS\system32\perfc00C.dat
2016-07-16 01:04 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-15 23:19 - 2015-10-30 08:28 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-15 23:07 - 2015-10-28 14:16 - 00000000 ____D C:\Users\sonia\AppData\Local\osu!
2016-07-15 22:30 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-07-15 22:21 - 2015-10-21 17:37 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-15 22:15 - 2015-10-29 18:05 - 00000000 ____D C:\Users\sonia\AppData\Roaming\ZHP
2016-07-15 22:03 - 2015-10-30 13:53 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-07-15 19:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-15 18:25 - 2015-09-20 03:43 - 00000000 ____D C:\Users\sonia\Desktop\Bureau
2016-07-15 18:09 - 2016-02-09 15:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-15 18:09 - 2016-02-09 14:38 - 00017408 _____ C:\WINDOWS\SysWOW64\rpcnetp.dll
2016-07-15 18:08 - 2016-02-09 14:37 - 00029336 _____ C:\WINDOWS\system32\wpbbin.exe
2016-07-15 18:08 - 2016-02-09 14:37 - 00017408 _____ C:\WINDOWS\SysWOW64\rpcnetp.exe
2016-07-15 18:08 - 2016-02-09 14:37 - 00017408 _____ C:\WINDOWS\system32\rpcnetp.exe
2016-07-15 18:08 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-15 17:58 - 2016-02-09 17:37 - 00000260 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Système.job
2016-07-15 16:46 - 2016-02-09 14:47 - 00000000 ____D C:\Users\sonia
2016-07-14 00:50 - 2016-06-05 23:02 - 00000000 ____D C:\Users\sonia\AppData\Roaming\discord
2016-07-14 00:40 - 2016-03-14 13:58 - 00000000 ____D C:\WINDOWS\Minidump
2016-07-13 03:16 - 2015-12-02 15:44 - 00000000 ____D C:\Users\sonia\AppData\Roaming\qBittorrent
2016-07-12 02:46 - 2015-11-07 19:48 - 00000000 ____D C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-07-12 02:45 - 2016-06-05 23:01 - 00000000 ____D C:\Users\sonia\AppData\Local\Discord
2016-07-11 03:29 - 2015-10-17 22:46 - 00000000 ____D C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-07-07 17:10 - 2015-10-17 22:13 - 00000000 ____D C:\Users\sonia\AppData\Local\Packages
2016-07-05 04:02 - 2016-02-07 00:02 - 00000000 ____D C:\Users\sonia\AppData\Roaming\Guild Wars 2
2016-07-05 03:38 - 2016-05-29 01:03 - 100921344 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-07-05 03:38 - 2016-05-29 01:03 - 05545984 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-07-05 03:38 - 2016-05-29 01:03 - 00065536 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-07-05 03:38 - 2016-05-29 01:03 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-07-03 02:49 - 2016-03-19 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2016-07-03 02:49 - 2015-11-02 20:22 - 00000000 ____D C:\ProgramData\DriversCloud.com
2016-07-03 02:49 - 2015-10-25 18:44 - 00000000 ____D C:\Program Files\DriversCloud.com
2016-07-03 01:26 - 2014-11-30 18:13 - 00000000 ____D C:\Users\sonia\Downloads\Kill la Kill
2016-06-23 18:44 - 2015-10-21 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-06-23 18:03 - 2016-06-09 03:16 - 00000996 _____ C:\Users\sonia\Desktop\champ lol+comment acheter les champ a 6300 pi moins cher.txt
2016-06-23 17:05 - 2015-11-03 21:29 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-06-22 17:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-20 18:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-06-20 08:09 - 2016-05-31 21:50 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-06-20 08:08 - 2016-05-31 21:50 - 00000000 ____D C:\Users\sonia\AppData\Roaming\DAEMON Tools Lite
2016-06-20 07:52 - 2016-02-21 19:43 - 00000000 ____D C:\Program Files\Recuva
2016-06-20 02:25 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-06-20 00:58 - 2016-06-01 02:56 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-06-17 18:17 - 2016-06-15 02:08 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2016-06-17 18:15 - 2016-06-15 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-06-17 18:15 - 2012-11-20 16:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-16 16:56 - 2016-06-02 21:28 - 00000000 ____D C:\Program Files (x86)\Steam

==================== Fichiers à la racine de certains dossiers =======

2016-03-22 03:20 - 2016-03-22 03:26 - 0002634 _____ () C:\Users\sonia\AppData\Roaming\droid4xinstaller.log
2015-10-18 14:33 - 2015-10-18 14:33 - 0032038 _____ () C:\Users\sonia\AppData\Roaming\Edge.ico
2016-06-05 22:39 - 2016-06-05 22:39 - 0001297 _____ () C:\Users\sonia\AppData\Local\Discord (2).lnk
2016-06-05 22:04 - 2016-06-05 22:04 - 0001297 _____ () C:\Users\sonia\AppData\Local\Discord.lnk
2015-10-29 16:36 - 2016-03-19 16:35 - 0007598 _____ () C:\Users\sonia\AppData\Local\resmon.resmoncfg
2016-02-09 14:43 - 2016-02-09 14:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-30 00:21 - 2015-11-30 00:21 - 0009503 _____ () C:\ProgramData\regid.2015-11.com.tmacdev,dev_95D5118B-D43F-4229-A9DD-6242B211CBDF.swidtag

Fichiers à déplacer ou supprimer:
====================
C:\Users\sonia\AppData\Local\Temp\{907A1104-E812-4b5c-959B-E4DAB37A96AB}\Install.exe
C:\Users\sonia\ZHPDiag3.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-07-07 01:45

==================== Fin de FRST.txt ============================