Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Exécuté par yess (administrateur) sur YESS-PC (12-04-2017 19:13:52)
Exécuté depuis C:\Users\yess\Desktop
Profils chargés: yess (Profils disponibles: yess)
Platform: Microsoft Windows 7 Édition Starter  Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\hsscp.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKU\S-1-5-21-982583287-2987408562-3145824088-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-982583287-2987408562-3145824088-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3911248 2015-10-16] (Tonec Inc.)
HKU\S-1-5-21-982583287-2987408562-3145824088-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-982583287-2987408562-3145824088-1000\...\Run: [EPSON SX100 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [188928 2008-02-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-09-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-982583287-2987408562-3145824088-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-10-07] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{86DC00F5-1894-4050-922C-CE50C64FC686}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-982583287-2987408562-3145824088-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-982583287-2987408562-3145824088-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-982583287-2987408562-3145824088-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-982583287-2987408562-3145824088-1000 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-13] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2015-04-05] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2015-04-05] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF HKU\S-1-5-21-982583287-2987408562-3145824088-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-11-09]
FF HKU\S-1-5-21-982583287-2987408562-3145824088-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\yess\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\yess\AppData\Roaming\IDM\idmmzcc5 [2017-04-12] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-982583287-2987408562-3145824088-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\yess\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-03-06] (Zoom Video Communications, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> amazon.com/websearch/?ie=UTF8__PARAM__
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghCdFxZAghJQhgUdgoNTA1DE1QOIghcBRQQEQxHcFpdWAlDFQwFIk0FA1oDB0VXfV5bFElXTwhsLmpMAF4U"
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.amazon.com/websearch/?ie=UTF8__PARAM__&query={searchTerms}
CHR DefaultSearchKeyword: Default -> amazon
CHR Profile: C:\Users\yess\AppData\Local\Google\Chrome\User Data\Default [2017-04-12]
CHR Extension: (Sardalert - alert Live - Sardoche) - C:\Users\yess\AppData\Local\Google\Chrome\User Data\Default\Extensions\elnpfaoipdfdhikjacbpcfhpnehjjaii [2017-03-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\yess\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\yess\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-05]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-11-09]
CHR HKU\S-1-5-21-982583287-2987408562-3145824088-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dbaonaocldpohelilahfhnkmjankmbcc] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\yess\AppData\Roaming\Opera Software\Opera Stable\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-07-08]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [2604664 2017-03-01] (AnchorFree Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AFTrafMgr1.2; C:\Program Files\Hotspot Shield\bin\TrafMgr_1_2_32.sys [49080 2017-02-16] (AnchorFree Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [73728 2012-07-04] (LG Electronics Inc.)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [103552 2008-08-29] (Mobile Connector)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [220088 2017-04-12] (Malwarebytes)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [49856 2016-03-28] (Screaming Bee Inc)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36944 2016-03-01] (Anchorfree Inc.)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx86.sys [54696 2017-04-10] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\yess\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]
S3 FXDrv32; \??\E:\FXDrv32.sys [X]
S1 kikxtirh; \??\C:\Windows\system32\drivers\kikxtirh.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-12 19:13 - 2017-04-12 19:14 - 00013524 _____ C:\Users\yess\Desktop\FRST.txt
2017-04-12 19:13 - 2017-04-12 19:13 - 00000000 ____D C:\FRST
2017-04-12 19:12 - 2017-04-12 19:12 - 01766912 _____ (Farbar) C:\Users\yess\Desktop\FRST.exe
2017-04-12 18:12 - 2017-04-12 18:12 - 00119569 _____ C:\Users\yess\Desktop\ZHPDiag.txt
2017-04-12 18:02 - 2017-04-12 18:02 - 00000781 _____ C:\Users\yess\Desktop\ZHPDiag.lnk
2017-04-12 17:58 - 2017-04-12 18:00 - 00668346 _____ C:\TDSSKiller.3.1.0.12_12.04.2017_17.58.02_log.txt
2017-04-12 17:57 - 2017-04-12 17:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\yess\Desktop\tdsskiller.exe
2017-04-12 17:52 - 2017-04-12 17:56 - 00635610 _____ C:\TDSSKiller.3.1.0.12_12.04.2017_17.52.46_log.txt
2017-04-12 17:50 - 2017-04-12 17:51 - 00004670 _____ C:\TDSSKiller.3.1.0.12_12.04.2017_17.50.44_log.txt
2017-04-12 17:48 - 2017-04-12 17:50 - 00192890 _____ C:\TDSSKiller.3.1.0.12_12.04.2017_17.48.10_log.txt
2017-04-12 13:56 - 2017-04-12 13:56 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-12 13:56 - 2017-04-12 13:56 - 00002029 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-04-11 18:17 - 2017-04-11 18:17 - 00000000 ____D C:\Program Files\ZHPFix
2017-04-11 18:09 - 2017-04-11 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-04-10 22:13 - 2017-04-10 22:13 - 00002060 _____ C:\Users\Public\Desktop\MorphVOX Jr.lnk
2017-04-10 22:13 - 2017-04-10 22:13 - 00000000 ____D C:\Users\yess\AppData\Roaming\Screaming Bee
2017-04-10 22:13 - 2017-04-10 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2017-04-10 22:13 - 2017-04-10 22:13 - 00000000 ____D C:\Program Files\Screaming Bee
2017-04-10 21:52 - 2017-04-10 21:52 - 00054696 _____ C:\Windows\system32\Drivers\voxaldriverx86.sys
2017-04-10 21:52 - 2017-04-10 21:52 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voxal Voice Changer.lnk
2017-04-10 21:52 - 2017-04-10 21:52 - 00000000 ____D C:\Users\yess\AppData\Roaming\NCH Software
2017-04-10 21:52 - 2017-04-10 21:52 - 00000000 ____D C:\ProgramData\NCH Software
2017-04-10 21:52 - 2017-04-10 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2017-04-10 21:52 - 2017-04-10 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs
2017-04-10 20:37 - 2017-04-10 20:37 - 00161216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-10 20:37 - 2017-04-10 20:37 - 00096704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-10 20:37 - 2017-04-10 20:37 - 00064288 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-10 20:36 - 2017-04-12 18:08 - 00220088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-10 20:36 - 2017-04-12 18:07 - 00059904 _____ C:\Windows\system32\Drivers\mbae.sys
2017-04-10 20:36 - 2017-04-10 20:36 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-10 20:36 - 2017-04-10 20:36 - 00002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-10 20:36 - 2017-04-10 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-10 20:36 - 2017-04-10 20:36 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-10 20:20 - 2017-04-10 20:20 - 00000000 ____D C:\Users\yess\Documents\Nouveau dossier
2017-04-10 20:16 - 2017-04-10 20:17 - 00000000 _____ C:\Users\yess\Downloads\adwcleaner_6.045 (1).exe
2017-04-10 20:15 - 2017-04-10 20:15 - 00000000 _____ C:\Users\yess\Desktop\adwcleaner_6.045.exe
2017-04-10 20:14 - 2017-04-10 20:23 - 00000000 _____ C:\Users\yess\Downloads\adwcleaner_6.045.exe
2017-04-10 19:56 - 2017-04-10 20:23 - 00000000 _____ C:\Users\yess\Downloads\zhpcleaner_2016.12.24.222 (3).exe
2017-04-10 19:55 - 2017-04-10 19:59 - 00000000 _____ C:\Users\yess\Downloads\zhpcleaner_2016.12.24.222 (2).exe
2017-04-10 19:48 - 2017-04-10 19:54 - 00000000 _____ C:\Users\yess\Downloads\zhpcleaner_2016.12.24.222 (1).exe
2017-04-10 19:43 - 2017-04-10 19:44 - 00000000 _____ C:\Users\yess\Downloads\zhpcleaner_2016.12.24.222.exe
2017-04-10 00:46 - 2017-04-10 00:46 - 00004111 _____ C:\Users\yess\Desktop\UsbFix_Report.txt
2017-04-10 00:43 - 2017-04-10 00:43 - 00008192 ____H C:\Users\Public\amjlggswgbswlnjbnzjdueelcnculhuf
2017-04-10 00:43 - 2017-04-10 00:43 - 00005120 ____H C:\Users\Public\amnfhldbwdclcjwyhpepjeupgnwgjfdg
2017-04-10 00:43 - 2017-04-10 00:43 - 00004608 ____H C:\Users\yess\Documents\amnfhldbwdclcjwyhpepjeupgnwgjfdg
2017-04-10 00:43 - 2017-04-10 00:43 - 00000498 _____ C:\Users\Public\addin.0
2017-04-10 00:43 - 2017-04-10 00:43 - 00000087 ____H C:\Users\yess\Documents\amsnlnujsbzusebleunwfelcsznhfbys
2017-04-10 00:43 - 2017-04-10 00:43 - 00000000 ____D C:\Users\yess\Documents\XLSTAT
2017-04-10 00:43 - 2017-04-10 00:43 - 00000000 ____D C:\ProgramData\addin
2017-04-09 23:12 - 2017-04-09 23:12 - 00001984 _____ C:\Users\Public\Desktop\XLSTAT 2017.lnk
2017-04-09 23:12 - 2017-04-09 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Addinsoft
2017-04-09 23:11 - 2017-04-09 23:11 - 00000000 ____D C:\Users\yess\AppData\Roaming\ADDINSOFT
2017-04-09 23:11 - 2017-04-09 23:11 - 00000000 ____D C:\Program Files\Addinsoft
2017-04-09 22:45 - 2017-04-10 00:47 - 00000000 _____ C:\Users\yess\Downloads\xlstat.exe
2017-04-09 21:57 - 2017-04-09 21:57 - 00082801 _____ C:\Users\yess\Downloads\Une nouvelle typologie de l’image de marque_Korchia.pdf
2017-04-09 21:56 - 2017-04-09 21:57 - 01448722 _____ C:\Users\yess\Downloads\These Korchia.pdf
2017-04-09 21:56 - 2017-04-09 21:56 - 00554225 _____ C:\Users\yess\Downloads\L'etude quali.pdf
2017-04-09 21:35 - 2017-04-12 18:10 - 00000000 ____D C:\Users\yess\AppData\Roaming\ZHP
2017-04-09 21:35 - 2017-04-09 21:37 - 00000000 ____D C:\Users\yess\AppData\Local\ZHP
2017-04-09 21:34 - 2017-04-10 13:52 - 00000000 _____ C:\Users\yess\Downloads\ZHPDiag3.exe
2017-04-08 22:53 - 2017-04-08 22:54 - 00859097 _____ C:\Users\yess\Downloads\537f0f32a3c38.pdf
2017-04-08 21:52 - 2017-04-10 00:47 - 00000000 _____ C:\Users\yess\Downloads\UsbFix_9.042.exe
2017-04-07 23:49 - 2017-04-07 23:49 - 00237256 _____ C:\Users\yess\Documents\cc_20170407_234928.reg
2017-04-07 20:58 - 2017-04-10 00:47 - 00000000 _____ C:\Users\yess\Downloads\clamwin-0.99.1-setup.exe
2017-04-07 20:52 - 2017-04-07 20:51 - 08001698 _____ C:\Users\yess\Desktop\marketing-strategique-et-operationnel-lAMBIN.pdf
2017-04-07 20:52 - 2017-04-07 20:51 - 01561305 _____ C:\Users\yess\Desktop\Tableaux et figures seance 5.pdf
2017-04-07 20:50 - 2017-04-07 20:51 - 08001698 _____ C:\Users\yess\Downloads\marketing-strategique-et-operationnel-lAMBIN.pdf
2017-04-07 20:50 - 2017-04-07 20:51 - 01561305 _____ C:\Users\yess\Downloads\Tableaux et figures seance 5.pdf
2017-04-06 01:10 - 2017-04-07 19:37 - 135706696 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-06 01:03 - 2017-04-10 00:47 - 00000000 _____ C:\Users\yess\Downloads\Windows-KB890830-V5.46.exe
2017-04-06 00:12 - 2017-04-06 00:12 - 00013150 _____ C:\ComboFix.txt
2017-04-05 23:59 - 2017-04-06 00:12 - 00000000 ____D C:\Qoobox
2017-04-05 23:59 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2017-04-05 23:59 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2017-04-05 23:59 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-04-05 23:59 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-04-05 23:59 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-04-05 23:59 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2017-04-05 23:59 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2017-04-05 23:59 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2017-04-05 23:58 - 2017-04-06 00:12 - 00000000 ____D C:\Windows\erdnt
2017-04-05 22:54 - 2017-04-05 22:54 - 00000000 _____ C:\Users\yess\sfc
2017-04-05 21:55 - 2017-04-10 13:52 - 00000000 ____D C:\UsbFix
2017-04-05 21:55 - 2017-04-05 21:55 - 00001448 _____ C:\Users\yess\Desktop\UsbFix.lnk
2017-04-05 21:55 - 2017-04-05 21:55 - 00000000 _____ C:\Users\yess\Downloads\UsbFix_9.41 (1).exe
2017-04-05 21:46 - 2017-04-10 00:45 - 00000000 ___HD C:\boots
2017-04-05 21:22 - 2017-04-05 21:47 - 00000000 _____ C:\Users\yess\Downloads\UsbFix_9.41.exe
2017-04-05 21:14 - 2017-03-31 23:51 - 01172930 _____ C:\Users\yess\Desktop\Methodologie_G3 corrigee.pptx
2017-04-05 02:29 - 2017-04-05 02:36 - 00635685 _____ C:\Users\yess\Desktop\analyse Antitache (2).pptx
2017-04-04 22:51 - 2017-04-04 22:33 - 00630844 _____ C:\Users\yess\Desktop\analyse Antitache.pptx
2017-04-04 22:33 - 2017-04-05 02:36 - 00635685 _____ C:\Users\yess\Downloads\analyse Antitache.pptx
2017-04-03 23:24 - 2017-04-03 23:52 - 00076038 _____ C:\Users\yess\Desktop\pub assurance.pptx
2017-03-31 23:50 - 2017-03-31 23:51 - 01172930 _____ C:\Users\yess\Downloads\Methodologie_G3 corrigee.pptx
2017-03-31 22:13 - 2017-03-31 22:13 - 00243677 _____ C:\Users\yess\Downloads\ENSMMARKETING-02042017.docx_1490210006593.pdf
2017-03-31 21:43 - 2017-03-31 21:43 - 00852786 _____ C:\Users\yess\Downloads\3-le produit et la promotion.pptx
2017-03-31 21:16 - 2017-03-31 21:16 - 00000000 ____D C:\Users\yess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-31 14:52 - 2017-03-31 14:52 - 00248812 _____ C:\Users\yess\Downloads\BJVM-June-2010-p.65-80.pdf
2017-03-31 00:08 - 2017-03-31 21:16 - 00000000 ____D C:\Users\yess\AppData\Roaming\Zoom
2017-03-31 00:07 - 2017-04-05 21:47 - 00000000 _____ C:\Users\yess\Downloads\Zoom_launcher.exe
2017-03-30 23:47 - 2017-03-30 23:59 - 01168615 _____ C:\Users\yess\Desktop\metho et grille d_entretien, image de marque de BMW.pptx
2017-03-30 23:47 - 2017-03-30 23:47 - 01141291 _____ C:\Users\yess\Downloads\metho et grille d_entretien, image de marque de BMW.pptx
2017-03-30 22:15 - 2017-03-30 22:15 - 00122807 _____ C:\Users\yess\Desktop\metho et grille d'entretien, image de marque de BMW.pptx
2017-03-14 22:45 - 2017-03-14 22:44 - 00714580 _____ C:\Users\yess\Desktop\cours de communication séance 1.pdf
2017-03-14 22:43 - 2017-03-14 22:44 - 03684955 _____ C:\Users\yess\Downloads\Gordon C. Bruner, II..-Marketing scales handbook _ Vol 6 echelles de mesures compotement du conso et recherches pubs.pdf
2017-03-14 22:43 - 2017-03-14 22:44 - 00714580 _____ C:\Users\yess\Downloads\cours de communication séance 1.pdf
2017-03-14 22:40 - 2017-03-14 22:41 - 07661546 _____ C:\Users\yess\Downloads\Gordon C. Bruner, II.-Marketing scales handbook _Vol5 (1).pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-12 19:12 - 2015-03-14 17:59 - 00000000 ____D C:\Users\yess\AppData\Roaming\DMCache
2017-04-12 19:03 - 2014-12-25 17:53 - 00000000 ____D C:\Users\yess\AppData\Roaming\Skype
2017-04-12 17:59 - 2009-07-14 06:34 - 00017248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-12 17:59 - 2009-07-14 06:34 - 00017248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-12 17:52 - 2015-01-11 18:19 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-04-12 17:52 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-12 17:47 - 2015-03-14 17:59 - 00000000 ____D C:\Users\yess\Downloads\Compressed
2017-04-12 09:36 - 2015-12-05 16:17 - 00000000 ____D C:\Users\yess\Desktop\confection
2017-04-11 23:47 - 2014-09-10 17:32 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-04-11 23:47 - 2014-09-10 17:32 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-04-11 23:47 - 2014-09-06 21:30 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-10 22:13 - 2015-12-14 21:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-10 22:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2017-04-10 20:55 - 2016-01-31 18:36 - 00000000 ____D C:\Program Files\Amazon
2017-04-10 20:36 - 2015-09-30 19:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-10 20:19 - 2015-09-30 19:38 - 00000000 ____D C:\AdwCleaner
2017-04-10 20:18 - 2015-12-07 19:57 - 00000000 ____D C:\Users\yess\AppData\Roaming\IDM
2017-04-10 19:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2017-04-10 00:46 - 2014-07-22 20:55 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-10 00:46 - 2009-07-27 12:41 - 00746916 _____ C:\Windows\system32\perfh00C.dat
2017-04-10 00:46 - 2009-07-27 12:41 - 00149440 _____ C:\Windows\system32\perfc00C.dat
2017-04-09 23:13 - 2009-07-14 04:04 - 00000617 _____ C:\Windows\win.ini
2017-04-09 23:11 - 2014-09-04 17:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-04-09 21:59 - 2017-03-03 00:37 - 00000000 ____D C:\Users\yess\Desktop\etude image de marque BMW
2017-04-09 01:12 - 2014-10-08 17:44 - 00000000 ____D C:\Users\yess\AppData\Local\ElevatedDiagnostics
2017-04-07 23:52 - 2016-02-26 21:42 - 00000000 ____D C:\Users\yess\AppData\Roaming\TS3Client
2017-04-07 23:52 - 2014-07-23 06:37 - 00000000 ____D C:\Windows\Panther
2017-04-07 23:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\ModemLogs
2017-04-06 21:33 - 2014-07-22 20:52 - 00001126 _____ C:\Users\yess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-06 00:12 - 2016-11-26 22:23 - 00000000 ____D C:\Users\yess\Desktop\Bases_finales
2017-04-06 00:10 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2017-04-06 00:08 - 2009-07-14 04:03 - 45875200 _____ C:\Windows\system32\config\software.bak
2017-04-06 00:08 - 2009-07-14 04:03 - 17039360 _____ C:\Windows\system32\config\system.bak
2017-04-06 00:08 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\security.bak
2017-04-06 00:08 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\sam.bak
2017-04-06 00:08 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\default.bak
2017-04-06 00:05 - 2014-09-07 18:08 - 00000000 ____D C:\ProgramData\TEMP
2017-04-05 22:54 - 2014-07-22 20:51 - 00000000 ____D C:\Users\yess
2017-04-05 21:47 - 2017-03-06 23:25 - 00000000 _____ C:\Users\yess\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-04-05 21:47 - 2016-09-28 22:35 - 00000000 ____D C:\Users\yess\Desktop\Selfishnet win 7
2017-04-05 21:47 - 2016-03-27 19:54 - 00000000 _____ C:\Users\yess\Downloads\torbrowser-install-5.5.4_fr.exe
2017-04-05 21:47 - 2015-12-07 18:33 - 00000000 ____D C:\Users\yess\Downloads\IDM
2017-04-05 21:47 - 2015-12-07 18:05 - 00000000 _____ C:\Users\yess\Downloads\idman625build3.exe
2017-04-05 21:47 - 2015-10-27 20:36 - 00000000 ____D C:\Users\yess\Desktop\WinRAR
2017-04-05 21:47 - 2015-10-25 11:54 - 00000000 _____ C:\Users\yess\Desktop\Registration.exe
2017-04-05 21:47 - 2015-10-16 01:25 - 00000000 _____ C:\Users\yess\Downloads\ChromeSetup.exe
2017-04-05 21:47 - 2015-09-30 19:43 - 00000000 _____ C:\Users\yess\Downloads\mbam-setup-2.1.8.1057.exe
2017-04-05 21:47 - 2015-07-08 03:16 - 00000000 _____ C:\Users\yess\Downloads\chromeinstall-8u45.exe
2017-04-05 21:47 - 2015-07-08 02:30 - 00000000 _____ C:\Users\yess\Downloads\setup.exe
2017-04-05 21:47 - 2015-07-03 20:55 - 00000000 _____ C:\Users\yess\Downloads\flashplayer18pp_da_install.exe
2017-04-05 21:47 - 2015-06-02 01:50 - 00000000 _____ C:\Users\yess\Downloads\OverwolfInstaller.exe
2017-04-05 21:47 - 2015-03-26 00:37 - 00000000 _____ C:\Users\yess\Downloads\cdbxp_setup_4.5.4.5306.exe
2017-04-05 21:47 - 2015-03-25 16:22 - 00000000 _____ C:\Users\yess\Downloads\nero-essentials-free_nero_burnlite_10_francais_295676 [1].exe
2017-04-05 21:47 - 2015-03-14 17:56 - 00000000 _____ C:\Users\yess\Downloads\idman623build6.exe
2017-04-05 21:47 - 2015-01-09 19:20 - 00000000 _____ C:\Users\yess\Downloads\Nokia_PC_Suite_fre_web.exe
2017-04-05 21:47 - 2014-12-25 17:45 - 00000000 _____ C:\Users\yess\Downloads\SkypeSetup.exe
2017-04-05 21:46 - 2016-03-27 20:01 - 00000000 ____D C:\ProgramData\Hotspot Shield
2017-04-04 22:23 - 2016-01-29 19:59 - 00002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-04 22:23 - 2016-01-29 19:59 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-03 21:30 - 2016-11-08 23:51 - 00000000 ____D C:\Users\yess\Desktop\COURS ENSM
2017-04-03 00:11 - 2016-12-25 22:00 - 00000000 ____D C:\Users\yess\Desktop\RESITAS
2017-03-30 22:14 - 2014-09-10 18:04 - 00000000 ____D C:\Users\yess\AppData\Local\Microsoft Help
2017-03-17 21:21 - 2016-01-15 15:53 - 00000000 ____D C:\Users\yess\Desktop\stage caat
2017-03-15 01:09 - 2017-03-08 01:56 - 00000000 ____D C:\Users\yess\Desktop\nett

==================== Fichiers à la racine de certains dossiers =======

2015-07-27 12:03 - 2015-10-17 11:32 - 0000024 _____ () C:\Users\yess\AppData\Roaming\appdataFr25.bin
2015-01-09 22:14 - 2015-02-05 20:19 - 0006656 _____ () C:\Users\yess\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-01 00:08 - 2016-08-31 01:07 - 0007606 _____ () C:\Users\yess\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-04-06 21:58

==================== Fin de FRST.txt ============================