Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2016
Exécuté par HAMARD (administrateur) sur HAMARD-AUDOUIN (08-12-2016 10:48:21)
Exécuté depuis C:\Users\HAMARD\Downloads
Profils chargés: HAMARD (Profils disponibles: HAMARD & DefaultAppPool)
Platform: Microsoft Windows 10 Famille Version 1511 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
() C:\Program Files\Orange\ma Livebox\dedicarz\DedicarzService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
( ) C:\Windows\System32\dkabcoms.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(RealNetworks, Inc.) C:\Program Files\Online Games Manager\ogmservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PacketVideo) C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe
() C:\Program Files\Serveur Media\twonkymediaserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Orange) C:\Users\HAMARD\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
() C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Almico Software (www.almico.com)) C:\SpeedFan\speedfan.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x86__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.People_10.1.3160.0_x86__8wekyb3d8bbwe\PeopleApp.exe
(Opera Software) C:\Program Files\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files\Opera\41.0.2353.69\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files\Opera\41.0.2353.69\opera.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Farbar) C:\Users\HAMARD\Downloads\FRST (1).exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-10-28] (Apple Inc.)
HKU\S-1-5-21-3623109357-3433459825-984393507-1001\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3623109357-3433459825-984393507-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3623109357-3433459825-984393507-1001\...\Run: [Chromium] => c:\users\hamard\appdata\local\chromium\application\chrome.exe [1043456 2016-01-26] (The Chromium Authors)
HKU\S-1-5-21-3623109357-3433459825-984393507-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Fliqlo.scr [679936 2016-09-14] (ScreenTime Media)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\HAMARD\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-09-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\HAMARD\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-09-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\HAMARD\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-09-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000_OMHOverlayError] -> {6985F9D3-5A54-4C41-BABF-812F79A2B673} => C:\Users\HAMARD\AppData\Local\Le Cloud Orange\overlay\x86\OMHOverlay.dll [2014-12-04] (TODO: )
ShellIconOverlayIdentifiers: [001_OMHOverlayProg] -> {809D24D6-A067-4C51-BF0F-0A60CA722182} => C:\Users\HAMARD\AppData\Local\Le Cloud Orange\overlay\x86\OMHOverlay.dll [2014-12-04] (TODO: )
ShellIconOverlayIdentifiers: [002_OMHOverlayIcon] -> {0D077A21-3DB2-4955-A3AB-D623C9270D9C} => C:\Users\HAMARD\AppData\Local\Le Cloud Orange\overlay\x86\OMHOverlay.dll [2014-12-04] (TODO: )
ShellIconOverlayIdentifiers: [003_OMHOverlayExcl] -> {37FC1C76-E238-4779-B2AC-68DCEA8253C5} => C:\Users\HAMARD\AppData\Local\Le Cloud Orange\overlay\x86\OMHOverlay.dll [2014-12-04] (TODO: )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Agent Serveur Média.lnk [2016-08-27]
ShortcutTarget: Agent Serveur Média.lnk -> C:\Program Files\Serveur Media\twonkymediaserverconfig.exe (PacketVideo)
Startup: C:\Users\HAMARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2016-06-09]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Startup: C:\Users\HAMARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2016-11-22]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Pas de fichier)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5a411ad2-19bf-48e9-8543-8248d27c28a1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3623109357-3433459825-984393507-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Pas de nom - {c9a6357b-25cc-4bcf-96c1-78736985d412} - Pas de fichier
Toolbar: HKU\S-1-5-21-3623109357-3433459825-984393507-1001 -> Pas de nom - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Pas de fichier

FireFox:
========
FF ProfilePath: C:\Users\HAMARD\AppData\Roaming\Mozilla\Firefox\Profiles\gdp5en70.default-1475037732215 [2016-12-04]
FF Homepage: Mozilla\Firefox\Profiles\gdp5en70.default-1475037732215 -> opera.fr
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-04] [non signé]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => non trouvé(e)
FF HKU\S-1-5-21-3623109357-3433459825-984393507-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3623109357-3433459825-984393507-1001: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_10_ssg02&param1=1&param2=f%3D4%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0EzytDtDyDzyzy0AtCyB0Bzz0EtN0D0Tzu0StCyDtAtDtN1L2XzutAtFtCzytFtBtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StA0EtC0A0D0C0E0DtGyBzy0F0CtGtC0BtDyEtGtDtAtA0AtG0C0Dzz0AtByCyBzy0A0F0ByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0D0AtA0AtD0E0FtG0F0BtD0AtGyEtAtCyEtG0AtA0FtBtGzy0AyDzytDzzyE0B0EyByDzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutCyByEtC%26cr%3D1533428982%26a%3Dwbf_popjar_16_10_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
CHR DefaultSearchKeyword: Default -> search provided by yahoo.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\HAMARD\AppData\Local\Google\Chrome\User Data\default [2016-12-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\HAMARD\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-08]
CHR Extension: (Chrome Media Router) - C:\Users\HAMARD\AppData\Local\Google\Chrome\User Data\default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3623109357-3433459825-984393507-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [Äÿ] -

Opera:
=======
OPR Extension: (Ghostery) - C:\Users\HAMARD\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2016-10-28]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Dedicarz Service; C:\Program Files\Orange\ma Livebox\dedicarz\DedicarzService.exe [1970544 2014-09-15] () [Fichier non signé]
R2 dkab_device; C:\Windows\system32\DKabcoms.exe [593920 2012-10-02] ( ) [Fichier non signé]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2117448 2014-06-24] (CybelSoft)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Fichier non signé]
U2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
R2 ogmservice; C:\Program Files\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
S2 Orange update Core Service; C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe [734488 2016-08-29] (Orange SA)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 Serveur Média; C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-09-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [35064 2013-05-07] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-24] (Samsung Electronics Co., Ltd.)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [Fichier non signé]
R1 HMD; C:\WINDOWS\System32\DRIVERS\hmd.sys [15400 2013-10-07] ()
S3 ivusb; C:\WINDOWS\System32\drivers\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
S3 ma-config_x86; C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys [16160 2014-02-24] (CybelSoft)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4EBEDD0-71CC-48C0-BA93-EC88BBBACD04}\MpKslDrv.sys [39168 2016-12-08] (Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
S3 Ps2; C:\WINDOWS\System32\DRIVERS\PS2.sys [19072 2005-12-12] (Hewlett-Packard Company) [Fichier non signé]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [Fichier non signé]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [199936 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [192944 2015-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
U0 aswVmm; pas de ImagePath
U3 idsvc; pas de ImagePath
U3 wpcsvc; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-08 10:48 - 2016-12-08 10:50 - 00017794 _____ C:\Users\HAMARD\Downloads\FRST.txt
2016-12-08 10:46 - 2016-12-08 10:48 - 00001055 _____ C:\Users\HAMARD\Desktop\FRST (1).exe - Raccourci.lnk
2016-12-08 10:45 - 2016-12-08 10:48 - 01761792 _____ (Farbar) C:\Users\HAMARD\Downloads\FRST (1).exe
2016-12-08 08:58 - 2016-12-08 08:58 - 05741448 _____ (Microsoft Corporation) C:\Users\HAMARD\Downloads\Windows10Upgrade28084.exe
2016-12-08 06:57 - 2016-12-08 06:57 - 05741448 _____ (Microsoft Corporation) C:\Users\HAMARD\Desktop\Windows10Upgrade28084 (1).exe
2016-12-07 18:26 - 2016-12-08 10:33 - 00000036 _____ C:\WINDOWS\progress.ini
2016-12-07 17:43 - 2016-12-08 10:36 - 00000000 ___HD C:\$GetCurrent
2016-12-07 17:43 - 2016-12-08 10:36 - 00000000 ____D C:\Windows10Upgrade
2016-12-07 17:43 - 2016-12-08 08:58 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à niveau de Windows 10.lnk
2016-12-07 17:43 - 2016-12-08 08:58 - 00000719 _____ C:\Users\HAMARD\Desktop\Assistant Mise à niveau de Windows 10.lnk
2016-12-07 17:43 - 2016-12-07 17:43 - 05741448 _____ (Microsoft Corporation) C:\Users\HAMARD\Desktop\Windows10Upgrade28084.exe
2016-12-07 06:08 - 2016-12-08 10:48 - 00000000 ____D C:\FRST
2016-12-07 06:07 - 2016-12-07 06:07 - 01761792 _____ (Farbar) C:\Users\HAMARD\Downloads\FRST.exe
2016-11-28 18:29 - 2016-11-28 18:29 - 04522568 _____ (Avira Operations GmbH & Co. KG) C:\Users\HAMARD\Downloads\avira_fr_av_583c64419627a__ws.exe
2016-11-28 18:27 - 2016-11-28 18:27 - 89909775 _____ C:\Users\HAMARD\Downloads\avast-win32.exe
2016-11-28 18:22 - 2016-11-28 18:23 - 01522312 _____ ( ) C:\Users\HAMARD\Downloads\avast.exe
2016-11-22 13:25 - 2016-11-22 13:25 - 00000000 ____D C:\Users\HAMARD\AppData\Local\AviraSpeedup
2016-11-22 13:03 - 2016-11-28 19:22 - 00000000 ____D C:\Users\HAMARD\AppData\Local\Avira
2016-11-22 12:28 - 2016-11-22 12:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2016-11-22 12:19 - 2016-11-28 19:23 - 00000000 ____D C:\Program Files\Avira
2016-11-22 12:19 - 2016-11-22 12:19 - 04520336 _____ (Avira Operations GmbH & Co. KG) C:\Users\HAMARD\Downloads\avira_fr_fass0_583424c22493b__ws.exe
2016-11-22 12:17 - 2016-11-22 12:17 - 06334848 _____ (AVAST Software) C:\Users\HAMARD\Downloads\avast_free_antivirus_setup_online_b0k (1).exe
2016-11-22 12:07 - 2016-11-22 12:07 - 06334848 _____ (AVAST Software) C:\Users\HAMARD\Downloads\avast_free_antivirus_setup_online_b0k.exe
2016-11-22 08:39 - 2016-11-22 08:39 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-22 08:38 - 2016-11-22 08:39 - 00000000 ____D C:\Program Files\iTunes
2016-11-22 08:38 - 2016-11-22 08:38 - 00000000 ____D C:\Program Files\iPod
2016-11-22 08:32 - 2016-11-22 08:32 - 00000000 ____D C:\Program Files\Apple Software Update
2016-11-22 08:08 - 2016-12-08 09:58 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-22 08:08 - 2016-12-08 09:58 - 00002366 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-22 07:57 - 2016-11-22 07:56 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-11-22 07:55 - 2016-11-22 12:17 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-22 07:20 - 2016-11-22 07:55 - 06334848 _____ (AVAST Software) C:\Users\HAMARD\Downloads\avast_free_antivirus_setup.exe
2016-11-20 07:15 - 2016-11-20 07:19 - 19683152 _____ C:\Users\HAMARD\Downloads\drive-download-20161120T061502Z.zip
2016-11-17 08:35 - 2016-11-17 08:35 - 00248966 _____ C:\Users\HAMARD\Downloads\docapost_061560611002330401612015-12-088482969166991025448.pdf
2016-11-17 08:20 - 2016-11-17 08:20 - 00248966 _____ C:\Users\HAMARD\Downloads\docapost_061560611002330401612015-12-082532963687965381498.pdf
2016-11-17 08:06 - 2016-11-17 08:06 - 00183333 _____ C:\Users\HAMARD\Downloads\fiche_[B@5dbd5ec3356023026758626080.pdf
2016-11-17 08:06 - 2016-11-17 08:06 - 00183333 _____ C:\Users\HAMARD\Downloads\fiche_[B@41603b2c8973873643925354739.pdf
2016-11-17 08:04 - 2016-11-17 08:04 - 00248966 _____ C:\Users\HAMARD\Downloads\docapost_061560611002330401612015-12-08153950601055344591.pdf
2016-11-14 08:16 - 2016-11-30 17:59 - 00000000 ____D C:\Users\HAMARD\Documents\monAlbumPhoto
2016-11-10 06:46 - 2016-11-10 06:46 - 00002179 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-10 06:46 - 2016-11-10 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-08 14:43 - 2016-11-08 14:43 - 00023843 _____ C:\Users\HAMARD\Downloads\DetailRS.pdf
2016-11-08 06:01 - 2016-11-23 19:14 - 00000000 ____D C:\ProgramData\albumphoto
2016-11-08 06:01 - 2016-11-14 06:23 - 00001094 _____ C:\Users\HAMARD\Desktop\monAlbumPhoto.lnk
2016-11-08 06:01 - 2016-11-14 06:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\monAlbumPhoto
2016-11-08 06:01 - 2016-11-14 06:23 - 00000000 ____D C:\Program Files\monAlbumPhoto
2016-11-08 06:00 - 2016-11-08 06:01 - 31579944 _____ (monAlbumPhoto ) C:\Users\HAMARD\Downloads\monAlbumPhoto_Setupalt.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-08 10:49 - 2015-05-18 05:39 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d09124b13a4c55.job
2016-12-08 10:44 - 2014-07-09 05:13 - 00001058 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-08 10:36 - 2015-12-19 08:45 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-12-08 10:36 - 2015-12-19 08:45 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-12-08 10:12 - 2013-11-17 11:23 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-08 08:33 - 2015-10-30 06:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-08 08:33 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-08 08:26 - 2014-05-29 06:09 - 00000000 ____D C:\SpeedFan
2016-12-08 08:25 - 2016-08-27 14:56 - 00000000 ____D C:\ProgramData\Serveur Média
2016-12-08 08:24 - 2015-02-05 13:32 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0413fd4a3e400.job
2016-12-08 08:24 - 2014-07-09 05:13 - 00001054 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-08 08:23 - 2016-08-27 14:56 - 00000000 ____D C:\Program Files\Serveur Media
2016-12-08 08:23 - 2015-12-19 13:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-08 08:23 - 2015-12-19 13:29 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-08 08:22 - 2015-10-30 06:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-12-05 16:45 - 2015-07-18 16:13 - 00000000 ____D C:\Users\HAMARD\AppData\Local\CrashDumps
2016-12-05 12:28 - 2015-03-16 17:27 - 00000000 ____D C:\Users\HAMARD\Documents\AVS Cécile
2016-12-05 06:57 - 2016-04-28 07:22 - 00000000 ____D C:\Users\HAMARD\Documents\VITO
2016-12-05 06:27 - 2015-08-30 07:43 - 00000000 ____D C:\Users\HAMARD\Documents\50 ans
2016-12-05 06:27 - 2014-02-22 08:06 - 00000000 ____D C:\Users\HAMARD\Documents\Administratif
2016-12-05 06:26 - 2014-06-24 05:32 - 00000000 ____D C:\Users\HAMARD\Documents\Dossier Lea
2016-12-04 10:04 - 2015-12-19 13:33 - 02093102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-04 10:04 - 2015-10-30 16:07 - 00917988 _____ C:\WINDOWS\system32\perfh00C.dat
2016-12-04 10:04 - 2015-10-30 16:07 - 00191548 _____ C:\WINDOWS\system32\perfc00C.dat
2016-12-04 10:04 - 2015-10-30 06:47 - 00000000 ____D C:\WINDOWS\INF
2016-12-04 09:57 - 2015-01-12 17:06 - 00000000 ____D C:\Users\HAMARD\AppData\Roaming\vlc
2016-12-04 09:26 - 2014-10-28 07:34 - 00000000 ____D C:\Users\HAMARD\Documents\Groupe musique
2016-12-04 08:18 - 2016-09-28 05:56 - 00000000 ____D C:\Program Files\Opera
2016-12-04 08:16 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-04 07:54 - 2015-12-19 13:35 - 00000000 ____D C:\Users\HAMARD
2016-12-03 20:12 - 2016-10-10 05:46 - 00001064 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-02 22:49 - 2016-09-01 11:44 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-12-02 22:48 - 2015-06-27 04:51 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-02 21:42 - 2014-09-17 05:13 - 00000000 ____D C:\Users\HAMARD\Documents\Dossier Ambre
2016-12-02 19:23 - 2016-03-20 07:54 - 00000000 ____D C:\Users\HAMARD\AppData\Roaming\ZHP
2016-12-02 19:07 - 2016-03-20 08:26 - 00004735 _____ C:\Users\HAMARD\Desktop\ZHPCleaner.txt
2016-12-01 20:31 - 2016-01-04 18:13 - 00000000 ____D C:\Users\HAMARD\Documents\fliqlo-7468-jetelecharge
2016-11-29 15:18 - 2013-11-17 10:42 - 00111216 _____ C:\Users\HAMARD\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-28 19:21 - 2014-06-09 11:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-28 06:57 - 2015-02-24 17:49 - 00000000 ____D C:\AdwCleaner
2016-11-26 09:17 - 2016-09-28 05:57 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-11-25 06:48 - 2015-12-19 14:14 - 00000000 ____D C:\Users\HAMARD\AppData\Local\Packages
2016-11-25 06:48 - 2014-12-19 14:23 - 00000000 ____D C:\Program Files\Garmin
2016-11-23 06:26 - 2016-03-10 12:19 - 00000000 ____D C:\Users\HAMARD\AppData\Local\MiniService
2016-11-23 06:26 - 2015-11-30 06:37 - 00000000 ____D C:\Users\HAMARD\AppData\Local\Windows Live Writer
2016-11-23 06:26 - 2013-11-17 09:52 - 00000000 ____D C:\Users\HAMARD\AppData\Local\VirtualStore
2016-11-22 13:00 - 2015-12-19 13:26 - 00414560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-22 08:46 - 2016-03-10 12:25 - 00002545 _____ C:\Users\HAMARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-11-22 08:46 - 2016-03-10 12:25 - 00002537 _____ C:\Users\HAMARD\Desktop\Chromium.lnk
2016-11-22 08:39 - 2016-01-17 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-22 08:38 - 2014-02-14 12:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-22 08:32 - 2014-02-14 12:22 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-11-22 08:08 - 2014-07-09 05:13 - 00000000 ____D C:\Program Files\Google
2016-11-22 07:22 - 2015-10-30 06:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-11-09 07:12 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\Macromed

==================== Fichiers à la racine de certains dossiers =======

2016-03-08 17:30 - 2016-03-08 17:30 - 0001915 _____ () C:\Users\HAMARD\AppData\Roaming\CaltropHighlowSprigCarbohydrate
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\HAMARD\AppData\Roaming\HPOUMHK
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\HAMARD\AppData\Roaming\HRAQRIR
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\HAMARD\AppData\Roaming\NRQXYB
2016-03-08 17:30 - 2016-03-08 17:30 - 0053468 _____ () C:\Users\HAMARD\AppData\Roaming\PSNormalMapInstanced.hlsl
2014-10-07 05:39 - 2014-10-07 05:39 - 0011264 _____ () C:\Users\HAMARD\AppData\Roaming\System.dll
2015-01-20 06:58 - 2015-01-20 07:00 - 0038462 _____ () C:\Users\HAMARD\AppData\Roaming\Valeurs séparées par une virgule (DOS).ADR
2014-11-30 20:45 - 2016-04-04 05:30 - 0000196 _____ () C:\Users\HAMARD\AppData\Roaming\WB.CFG
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\HAMARD\AppData\Roaming\ZMC
2015-09-17 08:29 - 2015-09-17 08:29 - 0551424 ____T (MultiMedia Soft) C:\Users\HAMARD\AppData\Roaming\Microsoft\engine_ag.dll
2014-07-18 17:20 - 2016-06-05 18:30 - 0006144 _____ () C:\Users\HAMARD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-02 10:01 - 2014-12-02 10:01 - 0000002 _____ () C:\Users\HAMARD\AppData\Local\DSI.DAT
2013-11-18 08:40 - 2013-12-12 20:53 - 0004752 _____ () C:\ProgramData\dkab.log
2013-12-03 15:00 - 2016-05-01 06:32 - 0013027 _____ () C:\ProgramData\hpzinstall.log

Fichiers à déplacer ou supprimer:
====================
C:\Users\HAMARD\hpbcfgre.dll
C:\Users\HAMARD\hpmco155.dll
C:\Users\HAMARD\hpmews01.dat
C:\Users\HAMARD\hpmews01.dll
C:\Users\HAMARD\hpmldm01.dat
C:\Users\HAMARD\hpmldm01.dll
C:\Users\HAMARD\Install.dll
C:\Users\HAMARD\Install.exe
C:\Users\HAMARD\ZHPCleaner.exe


Certains fichiers dans TEMP:
====================
C:\Users\HAMARD\AppData\Local\Temp\sfamcc00001.dll
C:\Users\HAMARD\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-12-03 07:57

==================== Fin de FRST.txt ============================
