Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2016
Exécuté par Mathis (administrateur) sur PAVILLON15E049S (13-10-2016 10:20:32)
Exécuté depuis C:\Users\Mathis\Desktop
Profils chargés: Mathis (Profils disponibles: Mathis & CCCCCCCCCCCCCCCCCCCC)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Sandboxie Holdings, LLC) Z:\Softs\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-10-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Facebook Update] => C:\Users\Mathis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-28] (Facebook Inc.)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [SandboxieControl] => Z:\Softs\Sandboxie\SbieCtrl.exe [787592 2015-05-28] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Steam] => Z:\Softs\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [TomTomHOME.exe] => "Z:\Softs\TomTom Home\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [MyComGames] => "C:\Users\Mathis\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\Run: [Dropbox Update] => C:\Users\Mathis\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-12] (Dropbox, Inc.)
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\MountPoints2: {6edb415c-a733-11e3-beb8-a0481c06e9ef} - "F:\Une-cle-pour-demarrer.exe"
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\MountPoints2: {8fdfbef7-42b7-11e5-bf40-a0481c06e9ef} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\...\MountPoints2: {d145bfb5-ac88-11e5-bf6f-a0481c06e9ef} - "F:\Setup.exe"
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Pas de fichier
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mathis\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Pas de fichier
Startup: C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Officejet Pro 6830.lnk [2016-08-18]
Startup: C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mathis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

AutoConfigURL: [S-1-5-21-3531046685-3261579373-2195462380-1002] => hxxp://noneblock.biz/wpad.dat?32ab9ea066b9c6abd2f64fb527b2303118137393
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B9C73D13-B206-4BE1-B55A-EC7F49A667BB}: [DhcpNameServer] 192.168.1.254
ManualProxies: 0hxxp://noneblock.biz/wpad.dat?32ab9ea066b9c6abd2f64fb527b2303118137393

Internet Explorer:
==================
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131199752742185755&GUID=D8AB4B09-2EE8-4728-B8E4-8A4D5BBB4377
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131199752742189840&GUID=D8AB4B09-2EE8-4728-B8E4-8A4D5BBB4377
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN05
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-3531046685-3261579373-2195462380-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN05
SearchScopes: HKLM -> {CF6E4C5A-A4C9-4373-9254-2390FFEFD754} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN05
SearchScopes: HKLM-x32 -> {CF6E4C5A-A4C9-4373-9254-2390FFEFD754} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3531046685-3261579373-2195462380-1002 -> {CF6E4C5A-A4C9-4373-9254-2390FFEFD754} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3531046685-3261579373-2195462380-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-29] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
IE Session Restore: HKU\S-1-5-21-3531046685-3261579373-2195462380-1002 -> est activé.

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3531046685-3261579373-2195462380-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mathis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3531046685-3261579373-2195462380-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mathis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Mathis\AppData\Local\Google\Chrome\User Data\Default [2016-10-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mathis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-12]
CHR Extension: (Chrome Media Router) - C:\Users\Mathis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-12]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) [Fichier non signé]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-04] (BitRaider, LLC)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 SbieSvc; Z:\Softs\Sandboxie\SbieSvc.exe [176264 2015-05-28] (Sandboxie Holdings, LLC)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-10-27] (Advanced Micro Devices, Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-15] (Advanced Micro Devices)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-04] (BitRaider)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-28] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2014-12-06] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3785432 2015-04-21] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\SysWOW64\DRIVERS\rtwlane.sys [2944216 2015-03-18] (Realtek Semiconductor Corporation )
R3 SbieDrv; Z:\Softs\Sandboxie\SbieDrv.sys [188552 2015-05-28] (Sandboxie Holdings, LLC)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2015-10-30] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé]
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-01-15] (Anchorfree Inc.)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 RTSPER; system32\DRIVERS\RtsPer.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-13 10:20 - 2016-10-13 10:22 - 00019853 _____ C:\Users\Mathis\Desktop\FRST.txt
2016-10-13 10:20 - 2016-10-13 10:20 - 00000000 ____D C:\FRST
2016-10-13 10:19 - 2016-10-13 10:19 - 02407424 _____ (Farbar) C:\Users\Mathis\Desktop\FRST64.exe
2016-10-12 20:40 - 2016-10-12 20:40 - 00014037 _____ C:\Users\Mathis\Desktop\ZHPFixReport.txt
2016-10-12 20:39 - 2016-10-12 20:39 - 00000691 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-10-12 20:39 - 2016-10-12 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-10-12 20:38 - 2016-10-12 20:38 - 03521617 _____ (Nicolas Coolman ) C:\Users\Mathis\Downloads\ZHPFix.exe
2016-10-12 20:04 - 2016-10-12 20:45 - 00126724 _____ C:\Users\Mathis\Desktop\ZHPDiag.txt
2016-10-12 19:54 - 2016-10-12 20:42 - 00000882 _____ C:\Users\Mathis\Desktop\ZHPDiag.lnk
2016-10-12 19:54 - 2016-10-12 19:54 - 02397184 _____ C:\Users\Mathis\Downloads\ZHPDiag3.exe
2016-10-12 19:50 - 2016-10-12 19:50 - 00025495 _____ C:\Users\Mathis\Desktop\Secure Preferences.txt
2016-10-12 19:38 - 2016-10-12 19:38 - 00001531 _____ C:\Users\Mathis\Desktop\ZHPCleaner.txt
2016-10-12 18:57 - 2016-10-12 20:44 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\ZHP
2016-10-12 18:57 - 2016-10-12 18:57 - 02445824 _____ C:\Users\Mathis\ZHPCleaner.exe
2016-10-12 18:57 - 2016-10-12 18:57 - 02398720 _____ C:\Users\Mathis\Downloads\ZHPCleaner.exe
2016-10-12 18:57 - 2016-10-12 18:57 - 00000892 _____ C:\Users\Mathis\Desktop\ZHPCleaner.lnk
2016-10-12 18:34 - 2016-10-12 18:34 - 00002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-12 18:34 - 2016-10-12 18:34 - 00002244 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-12 18:33 - 2016-10-13 10:17 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-12 18:33 - 2016-10-13 07:38 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-12 18:33 - 2016-10-12 18:33 - 00004072 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-12 18:33 - 2016-10-12 18:33 - 00003836 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-12 18:29 - 2016-10-12 18:30 - 00000290 _____ C:\Users\Mathis\Desktop\chrome.txt
2016-10-12 15:32 - 2016-10-10 22:22 - 03874368 _____ C:\Users\Mathis\Desktop\adwcleaner_6.021.exe
2016-10-07 08:03 - 2016-10-07 08:03 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-03 22:38 - 2016-10-03 22:38 - 00000000 ____D C:\Users\Mathis\AppData\Local\ESET
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\Hewlett-Packard
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-10-01 16:59 - 2016-10-01 16:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Hewlett-Packard
2016-10-01 16:57 - 2015-06-08 17:46 - 00100624 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2016-09-26 15:43 - 2016-10-04 13:38 - 00000000 ____D C:\Users\Mathis\Desktop\films
2016-09-26 15:43 - 2016-09-26 15:43 - 00002705 _____ C:\Users\Mathis\Desktop\µTorrent.lnk
2016-09-26 15:42 - 2016-10-04 17:32 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\uTorrent
2016-09-24 11:03 - 2016-09-24 11:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-24 11:03 - 2016-09-24 11:03 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-09-16 14:07 - 2016-09-16 14:08 - 00839320 _____ C:\WINDOWS\Minidump\091616-33953-01.dmp
2016-09-15 01:35 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-09-15 01:35 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-15 01:35 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-15 01:35 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-09-15 01:35 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-15 01:35 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-15 01:35 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-15 01:35 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-15 01:35 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-15 01:35 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-15 01:35 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-15 01:35 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-15 01:35 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-09-15 01:35 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-09-15 01:34 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-15 01:34 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-15 01:34 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-09-15 01:34 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-09-15 01:34 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-15 01:34 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-15 01:34 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-15 01:34 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-15 01:34 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-15 01:34 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-15 01:34 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-15 01:34 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-15 01:34 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-09-15 01:34 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-15 01:34 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-09-15 01:34 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-15 01:34 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-15 01:34 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-15 01:34 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-15 01:34 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-15 01:34 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-15 01:34 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-15 01:34 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-09-15 01:34 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-09-15 01:33 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-15 01:33 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-15 01:33 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-15 01:33 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-15 01:33 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-15 01:33 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-15 01:33 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-15 01:32 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-15 01:32 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-15 01:32 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-15 01:32 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-15 01:32 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-15 01:32 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-15 01:32 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-15 01:32 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-15 01:32 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-15 01:32 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-15 01:32 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-15 01:32 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-15 01:32 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-15 01:32 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-15 01:32 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-15 01:32 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-13 10:21 - 2013-09-27 10:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3531046685-3261579373-2195462380-1002
2016-10-13 10:16 - 2015-07-29 13:09 - 00000588 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-10-13 08:00 - 2015-10-12 13:55 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002UA.job
2016-10-13 06:48 - 2014-01-28 22:43 - 00000964 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002UA.job
2016-10-13 01:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-13 01:03 - 2013-09-27 08:13 - 00003968 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8ADA0271-CC71-49E3-ABAF-F92DB012D76A}
2016-10-12 19:05 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-12 19:04 - 2014-10-19 14:35 - 00000000 ____D C:\AdwCleaner
2016-10-12 18:57 - 2014-10-30 17:49 - 00000000 ____D C:\Users\Mathis
2016-10-12 18:34 - 2013-09-27 21:06 - 00000000 ____D C:\Users\Mathis\AppData\Local\Google
2016-10-12 18:34 - 2013-09-27 21:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-12 18:33 - 2015-03-02 20:16 - 00000000 ____D C:\Users\Mathis\AppData\Local\Deployment
2016-10-12 18:32 - 2015-03-02 20:16 - 00000000 __SHD C:\Users\Mathis\AppData\LocalLow\EmieUserList
2016-10-12 18:32 - 2015-03-02 20:16 - 00000000 __SHD C:\Users\Mathis\AppData\LocalLow\EmieSiteList
2016-10-12 14:00 - 2015-10-12 13:55 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002Core.job
2016-10-11 14:38 - 2016-04-11 18:02 - 00000979 _____ C:\Users\Mathis\Desktop\Start Tor Browser.lnk
2016-10-11 14:38 - 2014-10-30 18:25 - 00001681 _____ C:\Users\Mathis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-10 23:18 - 2014-10-31 19:04 - 04240384 ___SH C:\Users\Mathis\Desktop\Thumbs.db
2016-10-10 23:01 - 2016-04-23 12:13 - 00003184 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMathis
2016-10-10 23:01 - 2016-04-23 12:13 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMathis.job
2016-10-10 22:51 - 2014-09-24 17:26 - 02025074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-10 22:51 - 2014-09-24 16:41 - 00886220 _____ C:\WINDOWS\system32\perfh00C.dat
2016-10-10 22:51 - 2014-09-24 16:41 - 00191910 _____ C:\WINDOWS\system32\perfc00C.dat
2016-10-10 22:51 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-10-10 21:48 - 2014-01-28 22:43 - 00000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3531046685-3261579373-2195462380-1002Core.job
2016-10-07 08:03 - 2014-09-11 17:04 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\Dropbox
2016-10-05 20:38 - 2013-12-10 00:19 - 00000000 ____D C:\Users\Mathis\AppData\Roaming\vlc
2016-10-03 22:39 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-10-01 16:59 - 2013-07-02 11:17 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-10-01 16:59 - 2012-08-04 02:02 - 00000000 ____D C:\SWSetup
2016-10-01 16:58 - 2013-08-09 17:36 - 00000000 ____D C:\WINDOWS\Hewlett-Packard
2016-10-01 16:57 - 2013-07-02 11:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-10-01 16:55 - 2013-08-09 17:44 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-09-24 11:04 - 2013-12-14 18:13 - 00000000 ____D C:\Users\Mathis\Documents\My Games
2016-09-24 11:02 - 2013-08-09 17:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-22 15:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-09-22 08:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-16 14:07 - 2014-11-01 23:17 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-16 14:07 - 2013-10-12 21:12 - 463727895 _____ C:\WINDOWS\MEMORY.DMP
2016-09-16 13:00 - 2015-09-14 18:24 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3531046685-3261579373-2195462380-1007
2016-09-16 12:54 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-16 11:55 - 2013-08-22 16:44 - 05061000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-15 21:30 - 2013-09-29 21:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-15 21:22 - 2013-09-29 21:02 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers =======

2015-01-17 21:34 - 2003-09-03 08:46 - 0010960 _____ () C:\Program Files (x86)\EULA.txt
2016-02-03 11:59 - 2016-02-03 11:59 - 6871040 _____ () C:\Program Files (x86)\GUT5E8F.tmp
2015-01-17 21:34 - 2015-10-25 11:31 - 0000744 _____ () C:\Program Files (x86)\INSTALL.LOG
2015-01-17 21:34 - 2003-12-18 12:33 - 0020102 _____ () C:\Program Files (x86)\Readme.txt
2014-02-08 20:34 - 2016-06-08 13:30 - 0000270 _____ () C:\Users\Mathis\AppData\Roaming\WB.CFG
2013-12-09 11:21 - 2014-03-31 09:27 - 0004608 _____ () C:\Users\Mathis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-26 23:06 - 2013-12-26 23:06 - 0007605 _____ () C:\Users\Mathis\AppData\Local\Resmon.ResmonCfg
2015-08-29 23:14 - 2015-08-29 23:14 - 0025761 _____ () C:\Users\Mathis\AppData\Local\Tempbg.jpg
2013-11-11 15:10 - 2015-08-29 23:14 - 0877747 ____N () C:\Users\Mathis\AppData\Local\Tempmusic.ogg
2016-08-29 10:15 - 2016-08-29 10:15 - 0000000 _____ () C:\Users\Mathis\AppData\Local\{5EDAA8AE-24C5-421F-97FB-09412812F924}
2016-01-26 21:49 - 2016-01-26 21:49 - 0000057 _____ () C:\ProgramData\Ament.ini

Fichiers à déplacer ou supprimer:
==================== C:\Users\Mathis\ZHPCleaner.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-10-10 23:47 ==================== Fin de FRST.txt ============================