Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Exécuté par Attilio (administrateur) sur LAPTOP-N43E9LDI (03-03-2017 20:57:41)
Exécuté depuis C:\Users\Attilio\Desktop
Profils chargés: Attilio (Profils disponibles: Attilio)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2394248128-3885229179-4112585846-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-2394248128-3885229179-4112585846-1001\...\MountPoints2: {3ab48d30-3c7b-11e6-9bde-1c3947942997} - "E:\MI.exe"
HKU\S-1-5-18\...\Run: [] => [X]
ShellExecuteHooks: Pas de nom - {91B43DB6-F779-11E6-B26C-64006A5CFC23} - C:\Program Files (x86)\Prifuly\Jubetplubiied.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-02-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a19d1baa-0382-4001-ae4a-28145b180b99}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2394248128-3885229179-4112585846-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
SearchScopes: HKU\S-1-5-21-2394248128-3885229179-4112585846-1001 -> {B3056DF7-9679-478E-B6D6-49C0DBDE6B84} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-03] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-03] (Oracle Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2394248128-3885229179-4112585846-1001 -> hxxp://www.google.com
FireFox:
========
FF ProfilePath: C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916 [2017-03-03]
FF Homepage: Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916 -> hxxp://r.orange.fr/r/Oodc_FF_oi_v2?ref=O_OI_defaultPage_FF_odc
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\2020Player_WEB@2020Technologies.com [2016-11-09]
FF Extension: (Français Language Pack) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\langpack-fr@firefox.mozilla.org.xpi [2017-01-30]
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\NP_2020Player_IS@2020Technologies.com [2017-02-13]
FF Extension: (ImTranslator) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2016-12-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-05-23] ()
FF Plugin HKU\S-1-5-21-2394248128-3885229179-4112585846-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Attilio\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-03-01]
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=263f216152d6b66dbec5c9cgbzab2beceb0g2qaz6g&from=wak&uid=TOSHIBAXMQ01ABD100_X5NRT7IMTXXX5NRT7IMT&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-03] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12]
CHR Extension: (Google Drive) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-12]
CHR Extension: (Gmail) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-07]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apps_Cfg; C:\ProgramData\Apple\Apps\config.dll [115712 2017-03-02] () [Fichier non signé]
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2278152 2015-12-19] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [75056 2015-06-24] (Dashlane SAS)
S4 Dedicarz Service; C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [1970544 2014-09-15] () [Fichier non signé]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-05-23] (WildTangent)
S4 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Fichier non signé]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382472 2017-01-25] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S4 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [734488 2016-08-29] (Orange SA)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-04] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-04] (Acer Incorporated)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-03] (CyberLink)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2016-12-22] (Sony)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-12-19] (Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11142392 2015-12-19] (Broadcom Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2016-06-24] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2016-06-24] (Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-09-04] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-03] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-03] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-03] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-03] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetUtils2016; C:\WINDOWS\system32\drivers\NetUtils2016.sys [909944 2017-03-03] () <==== ATTENTION
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-09-04] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-03] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Attilio\AppData\Local\Temp\catchmegnqc.sys [X] <==== ATTENTION
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-03 20:57 - 2017-03-03 20:59 - 00019599 _____ C:\Users\Attilio\Desktop\FRST.txt
2017-03-03 20:52 - 2017-03-03 20:52 - 00002118 _____ C:\Users\Attilio\Desktop\ZHPFixReport.txt
2017-03-03 20:48 - 2017-03-03 20:45 - 00002151 _____ C:\Users\Attilio\Desktop\ScriptZHPFix.txt
2017-03-03 20:45 - 2017-03-03 20:45 - 00001926 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-03-03 20:45 - 2017-03-03 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-03-03 20:40 - 2017-03-03 20:37 - 03521617 _____ (Nicolas Coolman ) C:\Users\Attilio\Downloads\ZHPFix.exe
2017-03-03 13:18 - 2017-03-03 13:18 - 00000000 ____D C:\zoek
2017-03-03 12:53 - 2017-03-03 13:19 - 00003397 _____ C:\runcheck.txt
2017-03-03 12:39 - 2017-03-03 12:30 - 01663736 _____ (Malwarebytes) C:\Users\Attilio\Downloads\JRT.exe
2017-03-03 10:54 - 2017-03-03 20:58 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-03-03 10:43 - 2017-03-02 22:21 - 04031440 _____ C:\Users\Attilio\Desktop\adwcleaner_6.044.exe
2017-03-03 10:41 - 2017-03-03 10:50 - 00000000 ____D C:\Program Files\5lp7tumu
2017-03-03 10:41 - 2017-03-03 10:41 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Kyubey
2017-03-03 08:54 - 2017-03-03 08:58 - 00000000 ____D C:\Users\TEMP
2017-03-03 08:54 - 2017-03-03 08:54 - 00000000 ____D C:\Users\TEMP\AppData\Local\acer
2017-03-03 08:35 - 2017-03-03 08:35 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\254977EB.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-03 08:25 - 2017-03-03 16:31 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-03 08:25 - 2017-03-03 08:25 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-03 08:25 - 2017-03-03 08:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 08:25 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-03 08:23 - 2017-03-03 07:50 - 57131432 _____ (Malwarebytes ) C:\Users\Attilio\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-03 08:22 - 2017-03-03 20:56 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-03-03 08:11 - 2017-03-03 08:11 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-03 07:29 - 2017-03-03 11:47 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-03-03 07:28 - 2017-03-03 08:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-03 07:28 - 2017-03-03 07:28 - 00000903 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-03-03 07:28 - 2017-03-03 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-03-03 07:28 - 2017-03-03 07:28 - 00000000 ____D C:\Program Files\RogueKiller
2017-03-03 07:24 - 2017-03-03 07:16 - 34885984 _____ (Adlice Software ) C:\Users\Attilio\Downloads\setup.exe
2017-03-02 22:21 - 2017-03-03 10:50 - 00000000 ____D C:\AdwCleaner
2017-03-02 22:20 - 2017-03-02 22:21 - 04031440 _____ C:\Users\Attilio\Downloads\adwcleaner_6.044.exe
2017-03-02 22:15 - 2017-03-03 10:36 - 00000000 ____D C:\WINDOWS\system32\log
2017-03-02 22:13 - 2017-03-02 22:14 - 00000000 _____ C:\WINDOWS\SysWOW64\4
2017-03-02 22:13 - 2017-03-02 22:14 - 00000000 _____ C:\WINDOWS\SysWOW64\3
2017-03-02 22:13 - 2017-03-02 22:13 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-02 22:13 - 2017-03-02 22:13 - 00000000 ____D C:\Users\Attilio\AppData\Local\Legass
2017-03-02 22:12 - 2017-03-02 22:12 - 00000382 _____ C:\WINDOWS\SysWOW64\data.bin
2017-03-02 22:12 - 2017-03-02 22:12 - 00000000 ____D C:\Program Files (x86)\Legass
2017-03-02 22:00 - 2017-03-03 13:19 - 00000000 ____D C:\zoek_backup
2017-03-02 21:58 - 2017-03-02 22:00 - 01309184 _____ C:\Users\Attilio\Downloads\zoek.exe
2017-03-02 17:39 - 2017-03-03 10:50 - 00000000 ____D C:\Program Files (x86)\Prifuly
2017-03-02 16:32 - 2017-03-03 20:57 - 00000000 ____D C:\FRST
2017-03-02 16:31 - 2017-03-02 16:31 - 02423808 _____ (Farbar) C:\Users\Attilio\Desktop\FRST64.exe
2017-03-02 16:30 - 2017-03-02 16:30 - 02423808 _____ (Farbar) C:\Users\Attilio\Downloads\FRST64.exe
2017-03-02 16:12 - 2017-03-02 16:12 - 00315000 _____ C:\Users\Attilio\Downloads\winchk_2.0.exe
2017-03-02 16:12 - 2017-03-02 16:12 - 00000738 _____ C:\WinChk.txt
2017-03-02 14:03 - 2017-03-03 16:50 - 00000000 ____D C:\Users\Attilio\Documents\zzz-Repar
2017-03-02 13:04 - 2017-03-03 19:12 - 00000871 _____ C:\Users\Attilio\Desktop\ZHPDiag.lnk
2017-03-02 13:04 - 2017-03-02 13:04 - 00000864 _____ C:\Users\Attilio\Desktop\ZHPLite.lnk
2017-03-02 13:00 - 2017-03-02 13:04 - 01496576 _____ C:\Users\Attilio\Downloads\ZHPlite.exe
2017-03-02 12:59 - 2017-03-02 13:04 - 02707456 _____ C:\Users\Attilio\Downloads\ZHPDiag3.exe
2017-03-01 18:00 - 2017-03-02 12:00 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\vlc
2017-03-01 17:29 - 2017-03-03 10:49 - 00000848 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-01 17:01 - 2017-03-01 17:15 - 00002990 _____ C:\WINDOWS\System32\Tasks\maLivebox
2017-03-01 16:36 - 2017-03-01 16:36 - 00126464 _____ C:\Users\Attilio\AppData\Roaming\lobby.dat
2017-03-01 16:25 - 2017-03-03 10:36 - 00909944 _____ C:\WINDOWS\system32\Drivers\NetUtils2016.sys
2017-03-01 16:25 - 2017-03-01 16:25 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-03-01 16:21 - 2017-03-01 16:22 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-03-01 16:21 - 2017-03-01 16:22 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-03-01 16:20 - 2017-03-03 16:26 - 00000000 ____D C:\Program Files (x86)\Araochstjuther Host
2017-03-01 16:20 - 2017-03-01 16:21 - 00000000 ____D C:\Users\Attilio\AppData\Local\Ugerlygregock
2017-03-01 16:19 - 2017-03-01 16:51 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-28 11:14 - 2017-02-28 11:14 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Trimble Connect for SketchUp
2017-02-28 11:10 - 2017-02-28 11:10 - 00000000 ____D C:\ProgramData\Reprise
2017-02-27 17:48 - 2017-02-27 17:49 - 00000294 _____ C:\Users\Attilio\Documents\Capture_mp4.mrk
2017-02-27 08:20 - 2017-03-03 08:21 - 00000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAttilio.job
2017-02-27 08:20 - 2017-03-03 08:20 - 00003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAttilio
2017-02-27 08:20 - 2017-02-27 08:20 - 00000000 ____D C:\Users\Attilio\AppData\Local\HP_Development_Company,_L
2017-02-22 19:59 - 2017-02-22 19:59 - 03079878 _____ C:\WINDOWS\cc31da482a1eb60fb1933ba24f3540fd.exe
2017-02-17 13:55 - 2017-02-17 13:55 - 00000000 ____D C:\Program Files\VideoLAN
2017-02-17 11:00 - 2017-02-17 11:00 - 00002069 ____N C:\Users\Attilio\Desktop\CyberLink PowerDirector 14.lnk
2017-02-17 10:01 - 2017-03-01 16:57 - 00000446 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2017-02-17 10:01 - 2017-02-17 10:20 - 00000000 ___RD C:\Users\Attilio\Documents\RocketLifeNetwork
2017-02-17 10:01 - 2017-02-17 10:20 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\HP Photo Creations
2017-02-17 10:01 - 2017-02-17 10:01 - 00003526 _____ C:\WINDOWS\System32\Tasks\HP Photo Creations Communicator
2017-02-17 10:01 - 2017-02-17 10:01 - 00002183 ____N C:\Users\Attilio\Desktop\HP Photo Creations.lnk
2017-02-17 10:01 - 2017-02-17 10:01 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Visan
2017-02-17 10:01 - 2017-02-17 10:01 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2017-02-17 10:01 - 2017-02-17 10:01 - 00000000 ____D C:\Users\Attilio\AppData\Local\RLPlatform
2017-02-17 09:50 - 2017-02-28 10:16 - 00000000 ____D C:\Users\Attilio\Documents\Mes numérisations
2017-02-17 09:14 - 2017-02-17 09:14 - 00000000 ____D C:\Users\Attilio\AppData\Local\HP
2017-02-17 09:12 - 2017-02-17 09:14 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\HP
2017-02-17 09:12 - 2017-02-17 09:12 - 00000000 ____D C:\ProgramData\WEBREG
2017-02-17 09:10 - 2017-02-27 08:08 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\HpUpdate
2017-02-17 09:10 - 2017-02-17 09:10 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2017-02-17 09:09 - 2017-02-17 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-02-17 09:09 - 2017-02-17 09:09 - 00001496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk
2017-02-17 09:09 - 2017-02-17 09:09 - 00001490 ____N C:\Users\Public\Desktop\Centre de solutions HP.lnk
2017-02-17 09:09 - 2017-02-17 09:09 - 00001110 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement OCR I.R.I.S..lnk
2017-02-17 09:09 - 2017-02-17 09:09 - 00000000 ____D C:\ProgramData\HP Product Assistant
2017-02-17 09:07 - 2017-02-17 09:10 - 00000000 ____D C:\Program Files (x86)\HP
2017-02-17 09:05 - 2017-02-17 09:13 - 00000000 ____D C:\ProgramData\HP
2017-02-17 09:05 - 2017-02-17 09:12 - 00218335 _____ C:\WINDOWS\hpoins19.dat
2017-02-17 09:05 - 2012-10-14 13:03 - 00015561 ____N C:\WINDOWS\hpomdl19.dat
2017-02-17 09:02 - 2017-02-17 09:36 - 00000000 ____D C:\Users\Attilio\AppData\Local\Hewlett-Packard
2017-02-17 08:58 - 2017-02-17 08:58 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Hewlett-Packard
2017-02-17 08:52 - 2017-03-01 17:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-02-17 08:52 - 2017-02-17 08:52 - 00000000 ____D C:\System.sav
2017-02-17 08:52 - 2017-02-17 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-02-17 08:51 - 2017-02-17 08:51 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\hpqLog
2017-02-17 08:50 - 2017-03-01 17:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-02-17 08:50 - 2017-02-17 08:52 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-02-15 16:09 - 2017-02-15 16:09 - 00000000 ____D C:\Users\Attilio\Documents\PortalPlus
2017-02-15 16:09 - 2017-02-15 16:09 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\PortalPlus
2017-02-15 16:08 - 2017-02-15 16:08 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PortalPlus
2017-02-15 16:08 - 2017-02-15 16:08 - 00000000 ____D C:\Program Files (x86)\PortalPlus
2017-02-11 09:13 - 2017-02-11 09:13 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-11 09:13 - 2016-12-29 14:10 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-11 09:13 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-11 09:13 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-11 09:13 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-11 09:13 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 10:17 - 2017-03-01 16:32 - 00001903 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Оpеrа.lnk
2017-02-10 10:17 - 2017-02-10 10:17 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Opera Software
2017-02-01 18:23 - 2017-02-01 18:23 - 00002225 ____N C:\Users\Public\Desktop\Google Earth.lnk
2017-02-01 18:23 - 2017-02-01 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-03 20:56 - 2016-08-31 10:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-03 20:56 - 2016-08-31 10:43 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-03 20:56 - 2016-06-22 13:49 - 00000000 __SHD C:\Users\Attilio\IntelGraphicsProfiles
2017-03-03 20:55 - 2016-08-31 11:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 20:55 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 20:52 - 2016-09-12 13:47 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\ZHP
2017-03-03 20:45 - 2016-09-13 09:21 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-03-03 20:39 - 2016-11-18 14:41 - 00000000 ____D C:\Users\Attilio\AppData\LocalLow\Mozilla
2017-03-03 19:58 - 2016-08-31 10:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-03 16:26 - 2016-06-22 20:33 - 00002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2017-03-03 16:26 - 2015-09-04 04:50 - 00002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2017-03-03 16:11 - 2016-11-18 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-03 14:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-03 10:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 10:28 - 2017-01-04 13:31 - 00000744 _____ C:\Users\Attilio\Desktop\ZHPCleaner.lnk
2017-03-03 08:55 - 2015-09-04 04:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-03 08:35 - 2016-06-22 16:52 - 00000000 ____D C:\Users\Attilio\AppData\Local\CrashDumps
2017-03-03 08:03 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-02 22:13 - 2016-06-22 15:33 - 00000000 ____D C:\ProgramData\Apple
2017-03-02 17:45 - 2016-06-23 12:50 - 00023040 _____ C:\Users\Attilio\Documents\7-Admin-AA.xlsx
2017-03-02 14:25 - 2016-09-27 09:55 - 00000000 ____D C:\Windows10Upgrade
2017-03-02 13:38 - 2015-12-19 03:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-02 12:05 - 2017-01-11 08:06 - 02748416 _____ C:\Users\Attilio\ZHPCleaner.exe
2017-03-02 12:05 - 2016-08-31 10:48 - 00000000 ____D C:\Users\Attilio
2017-03-02 11:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2017-03-02 10:43 - 2016-06-23 07:28 - 00000000 ____D C:\Users\Attilio\Documents\21 - Maison Pessac
2017-03-02 10:38 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 10:27 - 2015-09-04 04:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-01 17:24 - 2016-06-23 06:23 - 00000000 ____D C:\Users\Attilio\Documents\20 - Programes Ordi
2017-03-01 17:24 - 2016-06-23 06:12 - 00000000 ____D C:\Users\Attilio\Documents\13 - Programmes Attilio
2017-03-01 17:01 - 2016-06-23 13:34 - 00001318 _____ C:\Users\Attilio\Desktop\ma Livebox.lnk
2017-03-01 16:57 - 2016-08-31 10:39 - 00404168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-01 16:56 - 2016-06-23 06:04 - 00000000 ___SD C:\Users\Attilio\Documents\0 - Documents Attilio
2017-03-01 16:32 - 2015-09-04 04:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-01 09:46 - 2016-06-23 06:15 - 00000000 ____D C:\Users\Attilio\Documents\17 - Pêche
2017-02-28 11:32 - 2016-11-21 09:04 - 00000000 ____D C:\Users\Attilio\Documents\Lyd - Alex (projet maison)
2017-02-28 11:08 - 2015-12-19 03:43 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-28 09:50 - 2016-09-03 07:53 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-27 08:57 - 2016-06-22 19:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-27 08:54 - 2016-06-22 19:00 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-27 08:11 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-17 09:28 - 2016-06-22 15:01 - 00000000 ___RD C:\Users\Attilio\Documents\Scanned Documents
2017-02-17 09:11 - 2015-07-10 12:04 - 00000270 _____ C:\WINDOWS\win.ini
2017-02-17 09:07 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-15 16:48 - 2016-06-23 06:09 - 00000000 ____D C:\Users\Attilio\Documents\8 - Calculs
2017-02-11 09:13 - 2016-08-31 10:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-11 09:13 - 2015-12-19 03:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-11 09:04 - 2016-06-23 06:15 - 00000000 ____D C:\Users\Attilio\Documents\16 - Voyages
2017-02-07 11:03 - 2016-06-23 07:55 - 00000000 ____D C:\Users\Attilio\Documents\22 - Factures
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 14:43 - 2016-08-31 11:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2017-02-03 20:07 - 2016-08-19 07:16 - 00000000 ____D C:\ProgramData\Oracle
2017-02-03 20:06 - 2016-08-19 07:17 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-02-03 20:06 - 2016-08-19 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-03 20:06 - 2016-08-19 07:16 - 00000000 ____D C:\Program Files (x86)\Java
==================== Fichiers à la racine de certains dossiers =======
2017-03-01 16:36 - 2017-03-01 16:36 - 0126464 _____ () C:\Users\Attilio\AppData\Roaming\lobby.dat
2016-12-13 08:44 - 2016-11-15 16:08 - 0000570 _____ () C:\Users\Attilio\AppData\Local\TroubleshooterConfig.json
2016-08-31 10:42 - 2016-08-31 10:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-17 09:05 - 2017-02-17 09:12 - 0000832 _____ () C:\ProgramData\hpzinstall.log
Fichiers à déplacer ou supprimer:
====================
C:\Users\Attilio\ZHPCleaner.exe
C:\Users\Attilio\ZHPDiag3.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-03-03 12:26
==================== Fin de FRST.txt ============================
Exécuté par Attilio (administrateur) sur LAPTOP-N43E9LDI (03-03-2017 20:57:41)
Exécuté depuis C:\Users\Attilio\Desktop
Profils chargés: Attilio (Profils disponibles: Attilio)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2394248128-3885229179-4112585846-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-2394248128-3885229179-4112585846-1001\...\MountPoints2: {3ab48d30-3c7b-11e6-9bde-1c3947942997} - "E:\MI.exe"
HKU\S-1-5-18\...\Run: [] => [X]
ShellExecuteHooks: Pas de nom - {91B43DB6-F779-11E6-B26C-64006A5CFC23} - C:\Program Files (x86)\Prifuly\Jubetplubiied.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-02-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a19d1baa-0382-4001-ae4a-28145b180b99}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2394248128-3885229179-4112585846-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
SearchScopes: HKU\S-1-5-21-2394248128-3885229179-4112585846-1001 -> {B3056DF7-9679-478E-B6D6-49C0DBDE6B84} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-03] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-03] (Oracle Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2394248128-3885229179-4112585846-1001 -> hxxp://www.google.com
FireFox:
========
FF ProfilePath: C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916 [2017-03-03]
FF Homepage: Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916 -> hxxp://r.orange.fr/r/Oodc_FF_oi_v2?ref=O_OI_defaultPage_FF_odc
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\2020Player_WEB@2020Technologies.com [2016-11-09]
FF Extension: (Français Language Pack) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\langpack-fr@firefox.mozilla.org.xpi [2017-01-30]
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\NP_2020Player_IS@2020Technologies.com [2017-02-13]
FF Extension: (ImTranslator) - C:\Users\Attilio\AppData\Roaming\Mozilla\Firefox\Profiles\1wyxytwo.default-1474902429916\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2016-12-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-05-23] ()
FF Plugin HKU\S-1-5-21-2394248128-3885229179-4112585846-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Attilio\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-03-01]
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=263f216152d6b66dbec5c9cgbzab2beceb0g2qaz6g&from=wak&uid=TOSHIBAXMQ01ABD100_X5NRT7IMTXXX5NRT7IMT&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-03] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12]
CHR Extension: (Google Drive) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-12]
CHR Extension: (Gmail) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\Attilio\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-07]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apps_Cfg; C:\ProgramData\Apple\Apps\config.dll [115712 2017-03-02] () [Fichier non signé]
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2278152 2015-12-19] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [75056 2015-06-24] (Dashlane SAS)
S4 Dedicarz Service; C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [1970544 2014-09-15] () [Fichier non signé]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-05-23] (WildTangent)
S4 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Fichier non signé]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382472 2017-01-25] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S4 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [734488 2016-08-29] (Orange SA)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-04] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-04] (Acer Incorporated)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-03] (CyberLink)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2016-12-22] (Sony)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-12-19] (Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11142392 2015-12-19] (Broadcom Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2016-06-24] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2016-06-24] (Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-09-04] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-03] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-03] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-03] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-03] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetUtils2016; C:\WINDOWS\system32\drivers\NetUtils2016.sys [909944 2017-03-03] () <==== ATTENTION
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-09-04] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-03] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Attilio\AppData\Local\Temp\catchmegnqc.sys [X] <==== ATTENTION
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-03 20:57 - 2017-03-03 20:59 - 00019599 _____ C:\Users\Attilio\Desktop\FRST.txt
2017-03-03 20:52 - 2017-03-03 20:52 - 00002118 _____ C:\Users\Attilio\Desktop\ZHPFixReport.txt
2017-03-03 20:48 - 2017-03-03 20:45 - 00002151 _____ C:\Users\Attilio\Desktop\ScriptZHPFix.txt
2017-03-03 20:45 - 2017-03-03 20:45 - 00001926 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-03-03 20:45 - 2017-03-03 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-03-03 20:40 - 2017-03-03 20:37 - 03521617 _____ (Nicolas Coolman ) C:\Users\Attilio\Downloads\ZHPFix.exe
2017-03-03 13:18 - 2017-03-03 13:18 - 00000000 ____D C:\zoek
2017-03-03 12:53 - 2017-03-03 13:19 - 00003397 _____ C:\runcheck.txt
2017-03-03 12:39 - 2017-03-03 12:30 - 01663736 _____ (Malwarebytes) C:\Users\Attilio\Downloads\JRT.exe
2017-03-03 10:54 - 2017-03-03 20:58 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-03-03 10:43 - 2017-03-02 22:21 - 04031440 _____ C:\Users\Attilio\Desktop\adwcleaner_6.044.exe
2017-03-03 10:41 - 2017-03-03 10:50 - 00000000 ____D C:\Program Files\5lp7tumu
2017-03-03 10:41 - 2017-03-03 10:41 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Kyubey
2017-03-03 08:54 - 2017-03-03 08:58 - 00000000 ____D C:\Users\TEMP
2017-03-03 08:54 - 2017-03-03 08:54 - 00000000 ____D C:\Users\TEMP\AppData\Local\acer
2017-03-03 08:35 - 2017-03-03 08:35 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\254977EB.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-03 08:26 - 2017-03-03 08:26 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-03 08:25 - 2017-03-03 16:31 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-03 08:25 - 2017-03-03 08:25 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-03 08:25 - 2017-03-03 08:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 08:25 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-03 08:23 - 2017-03-03 07:50 - 57131432 _____ (Malwarebytes ) C:\Users\Attilio\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-03 08:22 - 2017-03-03 20:56 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-03-03 08:11 - 2017-03-03 08:11 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-03 07:29 - 2017-03-03 11:47 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-03-03 07:28 - 2017-03-03 08:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-03 07:28 - 2017-03-03 07:28 - 00000903 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-03-03 07:28 - 2017-03-03 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-03-03 07:28 - 2017-03-03 07:28 - 00000000 ____D C:\Program Files\RogueKiller
2017-03-03 07:24 - 2017-03-03 07:16 - 34885984 _____ (Adlice Software ) C:\Users\Attilio\Downloads\setup.exe
2017-03-02 22:21 - 2017-03-03 10:50 - 00000000 ____D C:\AdwCleaner
2017-03-02 22:20 - 2017-03-02 22:21 - 04031440 _____ C:\Users\Attilio\Downloads\adwcleaner_6.044.exe
2017-03-02 22:15 - 2017-03-03 10:36 - 00000000 ____D C:\WINDOWS\system32\log
2017-03-02 22:13 - 2017-03-02 22:14 - 00000000 _____ C:\WINDOWS\SysWOW64\4
2017-03-02 22:13 - 2017-03-02 22:14 - 00000000 _____ C:\WINDOWS\SysWOW64\3
2017-03-02 22:13 - 2017-03-02 22:13 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-02 22:13 - 2017-03-02 22:13 - 00000000 ____D C:\Users\Attilio\AppData\Local\Legass
2017-03-02 22:12 - 2017-03-02 22:12 - 00000382 _____ C:\WINDOWS\SysWOW64\data.bin
2017-03-02 22:12 - 2017-03-02 22:12 - 00000000 ____D C:\Program Files (x86)\Legass
2017-03-02 22:00 - 2017-03-03 13:19 - 00000000 ____D C:\zoek_backup
2017-03-02 21:58 - 2017-03-02 22:00 - 01309184 _____ C:\Users\Attilio\Downloads\zoek.exe
2017-03-02 17:39 - 2017-03-03 10:50 - 00000000 ____D C:\Program Files (x86)\Prifuly
2017-03-02 16:32 - 2017-03-03 20:57 - 00000000 ____D C:\FRST
2017-03-02 16:31 - 2017-03-02 16:31 - 02423808 _____ (Farbar) C:\Users\Attilio\Desktop\FRST64.exe
2017-03-02 16:30 - 2017-03-02 16:30 - 02423808 _____ (Farbar) C:\Users\Attilio\Downloads\FRST64.exe
2017-03-02 16:12 - 2017-03-02 16:12 - 00315000 _____ C:\Users\Attilio\Downloads\winchk_2.0.exe
2017-03-02 16:12 - 2017-03-02 16:12 - 00000738 _____ C:\WinChk.txt
2017-03-02 14:03 - 2017-03-03 16:50 - 00000000 ____D C:\Users\Attilio\Documents\zzz-Repar
2017-03-02 13:04 - 2017-03-03 19:12 - 00000871 _____ C:\Users\Attilio\Desktop\ZHPDiag.lnk
2017-03-02 13:04 - 2017-03-02 13:04 - 00000864 _____ C:\Users\Attilio\Desktop\ZHPLite.lnk
2017-03-02 13:00 - 2017-03-02 13:04 - 01496576 _____ C:\Users\Attilio\Downloads\ZHPlite.exe
2017-03-02 12:59 - 2017-03-02 13:04 - 02707456 _____ C:\Users\Attilio\Downloads\ZHPDiag3.exe
2017-03-01 18:00 - 2017-03-02 12:00 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\vlc
2017-03-01 17:29 - 2017-03-03 10:49 - 00000848 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-01 17:01 - 2017-03-01 17:15 - 00002990 _____ C:\WINDOWS\System32\Tasks\maLivebox
2017-03-01 16:36 - 2017-03-01 16:36 - 00126464 _____ C:\Users\Attilio\AppData\Roaming\lobby.dat
2017-03-01 16:25 - 2017-03-03 10:36 - 00909944 _____ C:\WINDOWS\system32\Drivers\NetUtils2016.sys
2017-03-01 16:25 - 2017-03-01 16:25 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-03-01 16:21 - 2017-03-01 16:22 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-03-01 16:21 - 2017-03-01 16:22 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-03-01 16:20 - 2017-03-03 16:26 - 00000000 ____D C:\Program Files (x86)\Araochstjuther Host
2017-03-01 16:20 - 2017-03-01 16:21 - 00000000 ____D C:\Users\Attilio\AppData\Local\Ugerlygregock
2017-03-01 16:19 - 2017-03-01 16:51 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-28 11:14 - 2017-02-28 11:14 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Trimble Connect for SketchUp
2017-02-28 11:10 - 2017-02-28 11:10 - 00000000 ____D C:\ProgramData\Reprise
2017-02-27 17:48 - 2017-02-27 17:49 - 00000294 _____ C:\Users\Attilio\Documents\Capture_mp4.mrk
2017-02-27 08:20 - 2017-03-03 08:21 - 00000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAttilio.job
2017-02-27 08:20 - 2017-03-03 08:20 - 00003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAttilio
2017-02-27 08:20 - 2017-02-27 08:20 - 00000000 ____D C:\Users\Attilio\AppData\Local\HP_Development_Company,_L
2017-02-22 19:59 - 2017-02-22 19:59 - 03079878 _____ C:\WINDOWS\cc31da482a1eb60fb1933ba24f3540fd.exe
2017-02-17 13:55 - 2017-02-17 13:55 - 00000000 ____D C:\Program Files\VideoLAN
2017-02-17 11:00 - 2017-02-17 11:00 - 00002069 ____N C:\Users\Attilio\Desktop\CyberLink PowerDirector 14.lnk
2017-02-17 10:01 - 2017-03-01 16:57 - 00000446 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2017-02-17 10:01 - 2017-02-17 10:20 - 00000000 ___RD C:\Users\Attilio\Documents\RocketLifeNetwork
2017-02-17 10:01 - 2017-02-17 10:20 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\HP Photo Creations
2017-02-17 10:01 - 2017-02-17 10:01 - 00003526 _____ C:\WINDOWS\System32\Tasks\HP Photo Creations Communicator
2017-02-17 10:01 - 2017-02-17 10:01 - 00002183 ____N C:\Users\Attilio\Desktop\HP Photo Creations.lnk
2017-02-17 10:01 - 2017-02-17 10:01 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Visan
2017-02-17 10:01 - 2017-02-17 10:01 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2017-02-17 10:01 - 2017-02-17 10:01 - 00000000 ____D C:\Users\Attilio\AppData\Local\RLPlatform
2017-02-17 09:50 - 2017-02-28 10:16 - 00000000 ____D C:\Users\Attilio\Documents\Mes numérisations
2017-02-17 09:14 - 2017-02-17 09:14 - 00000000 ____D C:\Users\Attilio\AppData\Local\HP
2017-02-17 09:12 - 2017-02-17 09:14 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\HP
2017-02-17 09:12 - 2017-02-17 09:12 - 00000000 ____D C:\ProgramData\WEBREG
2017-02-17 09:10 - 2017-02-27 08:08 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\HpUpdate
2017-02-17 09:10 - 2017-02-17 09:10 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2017-02-17 09:09 - 2017-02-17 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-02-17 09:09 - 2017-02-17 09:09 - 00001496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk
2017-02-17 09:09 - 2017-02-17 09:09 - 00001490 ____N C:\Users\Public\Desktop\Centre de solutions HP.lnk
2017-02-17 09:09 - 2017-02-17 09:09 - 00001110 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement OCR I.R.I.S..lnk
2017-02-17 09:09 - 2017-02-17 09:09 - 00000000 ____D C:\ProgramData\HP Product Assistant
2017-02-17 09:07 - 2017-02-17 09:10 - 00000000 ____D C:\Program Files (x86)\HP
2017-02-17 09:05 - 2017-02-17 09:13 - 00000000 ____D C:\ProgramData\HP
2017-02-17 09:05 - 2017-02-17 09:12 - 00218335 _____ C:\WINDOWS\hpoins19.dat
2017-02-17 09:05 - 2012-10-14 13:03 - 00015561 ____N C:\WINDOWS\hpomdl19.dat
2017-02-17 09:02 - 2017-02-17 09:36 - 00000000 ____D C:\Users\Attilio\AppData\Local\Hewlett-Packard
2017-02-17 08:58 - 2017-02-17 08:58 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Hewlett-Packard
2017-02-17 08:52 - 2017-03-01 17:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-02-17 08:52 - 2017-02-17 08:52 - 00000000 ____D C:\System.sav
2017-02-17 08:52 - 2017-02-17 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-02-17 08:51 - 2017-02-17 08:51 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\hpqLog
2017-02-17 08:50 - 2017-03-01 17:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-02-17 08:50 - 2017-02-17 08:52 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-02-15 16:09 - 2017-02-15 16:09 - 00000000 ____D C:\Users\Attilio\Documents\PortalPlus
2017-02-15 16:09 - 2017-02-15 16:09 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\PortalPlus
2017-02-15 16:08 - 2017-02-15 16:08 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PortalPlus
2017-02-15 16:08 - 2017-02-15 16:08 - 00000000 ____D C:\Program Files (x86)\PortalPlus
2017-02-11 09:13 - 2017-02-11 09:13 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-11 09:13 - 2016-12-29 14:10 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-11 09:13 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-11 09:13 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-11 09:13 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-11 09:13 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 10:17 - 2017-03-01 16:32 - 00001903 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Оpеrа.lnk
2017-02-10 10:17 - 2017-02-10 10:17 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\Opera Software
2017-02-01 18:23 - 2017-02-01 18:23 - 00002225 ____N C:\Users\Public\Desktop\Google Earth.lnk
2017-02-01 18:23 - 2017-02-01 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-03 20:56 - 2016-08-31 10:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-03 20:56 - 2016-08-31 10:43 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-03 20:56 - 2016-06-22 13:49 - 00000000 __SHD C:\Users\Attilio\IntelGraphicsProfiles
2017-03-03 20:55 - 2016-08-31 11:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 20:55 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 20:52 - 2016-09-12 13:47 - 00000000 ____D C:\Users\Attilio\AppData\Roaming\ZHP
2017-03-03 20:45 - 2016-09-13 09:21 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-03-03 20:39 - 2016-11-18 14:41 - 00000000 ____D C:\Users\Attilio\AppData\LocalLow\Mozilla
2017-03-03 19:58 - 2016-08-31 10:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-03 16:26 - 2016-06-22 20:33 - 00002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2017-03-03 16:26 - 2015-09-04 04:50 - 00002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2017-03-03 16:11 - 2016-11-18 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-03 14:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-03 10:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 10:28 - 2017-01-04 13:31 - 00000744 _____ C:\Users\Attilio\Desktop\ZHPCleaner.lnk
2017-03-03 08:55 - 2015-09-04 04:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-03 08:35 - 2016-06-22 16:52 - 00000000 ____D C:\Users\Attilio\AppData\Local\CrashDumps
2017-03-03 08:03 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-02 22:13 - 2016-06-22 15:33 - 00000000 ____D C:\ProgramData\Apple
2017-03-02 17:45 - 2016-06-23 12:50 - 00023040 _____ C:\Users\Attilio\Documents\7-Admin-AA.xlsx
2017-03-02 14:25 - 2016-09-27 09:55 - 00000000 ____D C:\Windows10Upgrade
2017-03-02 13:38 - 2015-12-19 03:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-02 12:05 - 2017-01-11 08:06 - 02748416 _____ C:\Users\Attilio\ZHPCleaner.exe
2017-03-02 12:05 - 2016-08-31 10:48 - 00000000 ____D C:\Users\Attilio
2017-03-02 11:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2017-03-02 10:43 - 2016-06-23 07:28 - 00000000 ____D C:\Users\Attilio\Documents\21 - Maison Pessac
2017-03-02 10:38 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 10:27 - 2015-09-04 04:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-01 17:24 - 2016-06-23 06:23 - 00000000 ____D C:\Users\Attilio\Documents\20 - Programes Ordi
2017-03-01 17:24 - 2016-06-23 06:12 - 00000000 ____D C:\Users\Attilio\Documents\13 - Programmes Attilio
2017-03-01 17:01 - 2016-06-23 13:34 - 00001318 _____ C:\Users\Attilio\Desktop\ma Livebox.lnk
2017-03-01 16:57 - 2016-08-31 10:39 - 00404168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-01 16:56 - 2016-06-23 06:04 - 00000000 ___SD C:\Users\Attilio\Documents\0 - Documents Attilio
2017-03-01 16:32 - 2015-09-04 04:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-01 09:46 - 2016-06-23 06:15 - 00000000 ____D C:\Users\Attilio\Documents\17 - Pêche
2017-02-28 11:32 - 2016-11-21 09:04 - 00000000 ____D C:\Users\Attilio\Documents\Lyd - Alex (projet maison)
2017-02-28 11:08 - 2015-12-19 03:43 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-28 09:50 - 2016-09-03 07:53 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-27 08:57 - 2016-06-22 19:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-27 08:54 - 2016-06-22 19:00 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-27 08:11 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-17 09:28 - 2016-06-22 15:01 - 00000000 ___RD C:\Users\Attilio\Documents\Scanned Documents
2017-02-17 09:11 - 2015-07-10 12:04 - 00000270 _____ C:\WINDOWS\win.ini
2017-02-17 09:07 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-15 16:48 - 2016-06-23 06:09 - 00000000 ____D C:\Users\Attilio\Documents\8 - Calculs
2017-02-11 09:13 - 2016-08-31 10:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-11 09:13 - 2015-12-19 03:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-11 09:04 - 2016-06-23 06:15 - 00000000 ____D C:\Users\Attilio\Documents\16 - Voyages
2017-02-07 11:03 - 2016-06-23 07:55 - 00000000 ____D C:\Users\Attilio\Documents\22 - Factures
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 14:43 - 2016-08-31 11:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2017-02-03 20:07 - 2016-08-19 07:16 - 00000000 ____D C:\ProgramData\Oracle
2017-02-03 20:06 - 2016-08-19 07:17 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-02-03 20:06 - 2016-08-19 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-03 20:06 - 2016-08-19 07:16 - 00000000 ____D C:\Program Files (x86)\Java
==================== Fichiers à la racine de certains dossiers =======
2017-03-01 16:36 - 2017-03-01 16:36 - 0126464 _____ () C:\Users\Attilio\AppData\Roaming\lobby.dat
2016-12-13 08:44 - 2016-11-15 16:08 - 0000570 _____ () C:\Users\Attilio\AppData\Local\TroubleshooterConfig.json
2016-08-31 10:42 - 2016-08-31 10:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-17 09:05 - 2017-02-17 09:12 - 0000832 _____ () C:\ProgramData\hpzinstall.log
Fichiers à déplacer ou supprimer:
====================
C:\Users\Attilio\ZHPCleaner.exe
C:\Users\Attilio\ZHPDiag3.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-03-03 12:26
==================== Fin de FRST.txt ============================