cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2017
Exécuté par AA (administrateur) sur AA-DELL (17-10-2017 18:49:33)
Exécuté depuis D:\test
Profils chargés: AA & UpdatusUser (Profils disponibles: AA & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 10 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Highresolution Enterprises) D:\X-Mouse Button portable\64bit (x64)\XMouseButtonControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Program Files (x86)\MailBell\mailbell.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Learnpulse) C:\Users\AA\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(Thornsoft Development, Inc.) D:\ClipMatePortable\ClipMatePortable.exe
(Emurasoft, Inc.) D:\EmEditor64 portable\emedtray.exe
(Thornsoft Development, Inc.) D:\ClipMatePortable\app\ClipMate\clipmate.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Think Less Do More Software) C:\Program Files (x86)\Ava Find 1.5.2\avafind.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [XMouseButtonControl] => D:\X-Mouse Button portable\64bit (x64)\XMouseButtonControl.exe [1486872 2017-02-07] (Highresolution Enterprises)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-06] ()
HKLM-x32\...\Run: [AvaFind] => C:\Program Files (x86)\Ava Find 1.5.2\avafind.exe [845824 2011-01-27] (Think Less Do More Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-3011588200-1267134657-3290014790-1001\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U)
HKU\S-1-5-21-3011588200-1267134657-3290014790-1001\...\Run: [Mailbell] => C:\Program Files (x86)\MailBell\mailbell.exe [1729536 2016-07-26] ()
HKU\S-1-5-21-3011588200-1267134657-3290014790-1001\...\Run: [Screenpresso] => C:\Users\AA\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [12349024 2016-03-05] (Learnpulse)
HKU\S-1-5-21-3011588200-1267134657-3290014790-1001\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [694128 2017-06-09] (GP Software)
HKU\S-1-5-21-3011588200-1267134657-3290014790-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3011588200-1267134657-3290014790-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1809776 2017-06-09] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [381296 2017-06-09] (GP Software)
Startup: C:\Users\AA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Démarrage).lnk [2014-04-12]
ShortcutTarget: Directory Opus (Démarrage).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Clipmate.lnk [2017-02-17]
ShortcutTarget: Clipmate.lnk -> D:\ClipMatePortable\ClipMatePortable.exe (Thornsoft Development, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EmEditor.lnk [2016-11-01]
ShortcutTarget: EmEditor.lnk -> D:\EmEditor64 portable\emedtray.exe (Emurasoft, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinPatrol.lnk [2015-05-19]
ShortcutTarget: WinPatrol.lnk -> D:\WinPatrol Plus Portable\WinPatrol.exe (Pas de fichier)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2547D503-CA09-4F9A-8BC1-4035E164E011}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29CC41DB-33A3-4F23-A11F-574B8CF12AFE}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> D:\BitComet portable (torrent)\tools\bitcometbho.dll [2013-11-29] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2017-07-03] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-12-29] (Atheros Commnucations)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2017-07-03] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3011588200-1267134657-3290014790-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Handler: WSAMVCUchrome - Pas de valeur CLSID

FireFox:
========
FF DefaultProfile: i53tw0k5.default
FF ProfilePath: C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default [2017-10-17]
FF Homepage: Mozilla\Firefox\Profiles\i53tw0k5.default -> hxxps://www.google.ca/
FF Extension: (Search Shield Study) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\@unified-urlbar-shield-study-opt-out-new-users.xpi [2017-10-13]
FF Extension: (Ant Video Downloader) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\anttoolbar@ant.com [2017-10-17]
FF Extension: (Duplicate This Tab) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\duplicate-this-tab@mozilla.org.xpi [2017-10-13]
FF Extension: (Duplicate in Tab Context Menu) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\DuplicateInTabContext@schuzak.jp.xpi [2017-10-13]
FF Extension: (Wiktionary and Google Translate) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\googledictionary@toptip.ca.xpi [2017-10-13]
FF Extension: (S3.Google Translator) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\s3google@translator.xpi [2017-10-13]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-13]
FF Extension: (Search IP) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\search-ip@exemple.tld [2017-10-17]
FF Extension: (TAARExperiment) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\taarexp@mozilla.com.xpi [2017-10-16]
FF Extension: (Google Translator for Firefox) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\translator@zoli.bod.xpi [2017-10-13]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2017-10-13]
FF Extension: (FireShot) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2017-10-17]
FF Extension: (Duplicate tab) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\{54fa1e34-a0ad-4526-a81b-b06139adf332}.xpi [2017-10-13]
FF Extension: (Adblock Plus) - C:\Users\AA\AppData\Roaming\Mozilla\Firefox\Profiles\i53tw0k5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-10-13]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-10-17] [non signé]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2017-07-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2017-07-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.ca/
CHR StartupUrls: Default -> "hxxp://www.google.ca/"
CHR Profile: C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default [2017-10-17]
CHR Extension: (Google Traduction) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-17]
CHR Extension: (Slides) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Docs) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-17]
CHR Extension: (Turn Off the Lights) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-10-17]
CHR Extension: (YouTube) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-17]
CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2017-10-17]
CHR Extension: (Adblock Plus) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-17]
CHR Extension: (Download Manager) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\daoidaoebhfcgccdpgjjcbdginkofmfe [2017-10-17]
CHR Extension: (Fair AdBlocker App) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2017-10-17]
CHR Extension: (Clipchamp – convertir, compresser, enregistrer des vidéos) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\delkpojpfkkfgmknffmblbhmlamkjioi [2017-10-17]
CHR Extension: (Multiple Account Checker for Gmail™) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm [2017-10-17]
CHR Extension: (Gmail hors connexion) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2017-10-17]
CHR Extension: (Google Agenda) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-10-17]
CHR Extension: (Video Downloader professional) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-10-17]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2017-10-17]
CHR Extension: (Sheets) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-17]
CHR Extension: (AdBlock) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-17]
CHR Extension: (Google Calendar (by Google)) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2017-10-17]
CHR Extension: (Video Recorder) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\janpabomenbggihohponfklipffjhlfb [2017-10-17]
CHR Extension: (Lettre Compte Triple) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjeddnjjfojmepmehcknfgdlefcolomp [2017-10-17]
CHR Extension: (Fair AdBlocker) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2017-10-17]
CHR Extension: (Google Maps) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-10-17]
CHR Extension: (Conjugaison Vatefaireconjuguer) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnpmoecabagognommankobjfmdfdppgp [2017-10-17]
CHR Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-10-17]
CHR Extension: (Downloads) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-10-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-17]
CHR Extension: (Adblock Pro) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-10-17]
CHR Extension: (Hide My IP) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pekcnopmdcbjdgmpnpkndppflpldnkkp [2017-10-17]
CHR Extension: (Gmail) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-17]
CHR Profile: C:\Users\AA\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-17]
StartMenuInternet: Google Chrome.KUBXCWRHNI66VOOM6GZXLXSU2U - D:\ChromePortable-64\App\Chrome64\chrome.exe

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [Fichier non signé]
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [Fichier non signé]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [Fichier non signé]
S3 KMS-R@1n; C:\Windows\KMS-R@1n.exe [22528 2015-06-02] () [Fichier non signé]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-06-25] (Locktime Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S3 SageTV; C:\Program Files (x86)\SageTV\SageTV\SageTVService.exe [58368 2017-06-21] (SageTV Open Source) [Fichier non signé]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [965776 2014-10-26] (@ByELDI) [Fichier non signé]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [889016 2017-10-17] (Enigma Software Group USA, LLC.)
S3 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7031056 2016-05-02] (TeamViewer GmbH)
S3 VfDrv32; C:\Program Files (x86)\Venta\VentaFax & Voice 6\vfdrv32.exe [1249280 2009-01-20] (Venta Association) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [Fichier non signé]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [76960 2011-12-26] (Atheros) [Fichier non signé]
S3 FoxitReaderService; "C:\Users\AA\AppData\Local\Temp\Rar$EXa0.599\App\FoxitReader\FoxitConnectedPDFService.exe" [X] <==== ATTENTION
S2 HPSLPSVC; C:\Users\AA\AppData\Local\Temp\7zS10CB\hpslpsvc64.dll [X] <==== ATTENTION
S2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [X]
S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [612672 2012-04-24] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [240960 2012-04-24] (HighPoint Technologies, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] () [Fichier non signé]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [19568 2015-11-10] () [Fichier non signé]
S3 arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [52768 2009-11-08] (ARECA Technology Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol GmbH)
R0 DC324e; C:\Windows\System32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol GmbH)
R0 DC3410; C:\Windows\System32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol GmbH)
S3 DC4300; C:\Windows\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol GmbH)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 DVDHelp; C:\Windows\System32\drivers\DVDHelp.sys [28696 2015-03-08] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2017-10-17] ()
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 GSVDRIVE; C:\Windows\System32\DRIVERS\GSVDRIVE.sys [28568 2015-03-08] (GiliSoft International LLC.) [Fichier non signé]
R3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [192072 2012-03-08] (Hauppauge, Inc.)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [17440 2009-05-25] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [651224 2012-06-29] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [32768 2007-05-01] (ITE Tech. Inc.)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] ()
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51496 2012-02-28] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 mvs94xx; C:\Windows\system32\drivers\mvs94xx.sys [367920 2010-11-30] (Marvell Semiconductor, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software)
R0 nvrd64; C:\Windows\System32\drivers\nvrd64.sys [175720 2010-04-08] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-05] (OCZ Technology Group, Inc.)
S3 ocz12xx; C:\Windows\system32\drivers\ocz12xx.sys [138544 2011-09-14] (OCZ Technology Group, Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-05-29] (Greatis Software)
S3 Pnp680; C:\Windows\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
S3 rr172x; C:\Windows\system32\drivers\rr172x.sys [124448 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [152096 2008-05-05] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [162400 2009-12-31] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [168032 2009-12-31] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [241472 2012-04-24] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [240960 2012-04-24] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-16] (HighPoint Technologies, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [161904 2010-12-02] (VIA Technologies Inc.,Ltd)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-10-17] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-10-17] (Zemana Ltd.)
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]
S3 PHYMEM; \??\C:\Program Files (x86)\Leawo\Total Media Converter Ultimate\phymem64.sys [X]
S2 WinisoCDBus; system32\drivers\WinisoCDBus.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-10-17 12:31 - 2017-10-17 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO
2017-10-17 12:31 - 2017-10-17 12:31 - 000000000 ____D C:\ProgramData\EMCO
2017-10-17 12:31 - 2017-10-17 12:31 - 000000000 ____D C:\Program Files (x86)\EMCO
2017-10-17 12:01 - 2017-10-17 12:01 - 000000000 ____D C:\Users\AA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2017-10-17 11:42 - 2017-10-17 11:42 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-17 11:42 - 2017-10-17 11:42 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-17 11:38 - 2017-10-17 11:38 - 000001021 _____ C:\Users\AA\Desktop\ChromePortable.exe - Raccourci.lnk
2017-10-17 11:27 - 2017-10-17 11:32 - 000000000 ____D C:\ProgramData\Ultra Adware Killer
2017-10-17 11:08 - 2017-10-17 18:49 - 000089026 _____ C:\Windows\ZAM.krnl.trace
2017-10-17 11:08 - 2017-10-17 18:49 - 000052521 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-10-17 10:40 - 2017-10-17 10:40 - 000001902 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-17 10:40 - 2017-10-17 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-17 10:40 - 2017-10-04 13:15 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-17 10:39 - 2017-10-17 10:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-17 10:35 - 2017-10-16 10:42 - 072308723 _____ C:\Users\AA\Desktop\Malwarebytes.3.2.2.2029.DC.sanet.cd.rar
2017-10-17 10:25 - 2017-10-17 10:48 - 000000000 ____D C:\Users\AA\AppData\Roaming\Enigma Software Group
2017-10-17 10:25 - 2017-10-17 10:25 - 000003312 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2017-10-17 10:25 - 2017-10-17 10:25 - 000001122 _____ C:\Users\AA\Desktop\SpyHunter.lnk
2017-10-17 10:25 - 2017-10-17 10:25 - 000000000 ____D C:\sh4ldr
2017-10-17 10:24 - 2017-10-17 10:24 - 000022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2017-10-17 10:24 - 2017-10-17 10:24 - 000000000 ____D C:\Program Files\Enigma Software Group
2017-10-17 09:07 - 2017-10-17 18:49 - 000056161 _____ C:\Users\AA\Desktop\Addition.txt
2017-10-17 09:06 - 2017-10-17 18:49 - 000048016 _____ C:\Users\AA\Desktop\FRST.txt
2017-10-17 09:06 - 2017-10-17 09:06 - 000000516 _____ C:\Users\AA\Desktop\SearchReg cleanserp.net.txt
2017-10-17 09:04 - 2017-10-17 09:06 - 000000516 _____ C:\Users\AA\Desktop\SearchReg.txt
2017-10-17 09:03 - 2017-10-17 18:49 - 000000000 ____D C:\FRST
2017-10-17 09:03 - 2017-10-17 09:03 - 000000000 ____D C:\Users\AA\Desktop\FRST-OlderVersion
2017-10-16 10:45 - 2017-10-17 10:39 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-16 10:44 - 2017-10-16 10:44 - 000000000 ____D C:\Users\AA\AppData\Roaming\Obsidium
2017-10-16 10:19 - 2017-10-16 10:21 - 000000000 ____D C:\AdwCleaner
2017-10-16 09:26 - 2017-10-17 09:03 - 002401792 _____ (Farbar) C:\Users\AA\Desktop\FRST64.exe
2017-10-16 09:03 - 2017-10-16 09:03 - 000290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-10-16 09:03 - 2017-10-16 09:03 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-10-16 08:57 - 2017-10-16 09:54 - 000000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2017-10-16 08:57 - 2017-10-16 08:57 - 000000000 _____ C:\autoexec.bat
2017-10-15 18:51 - 2017-10-15 18:51 - 000001015 _____ C:\Users\AA\Desktop\VueScanPortable.exe - Raccourci (2).lnk
2017-10-13 11:48 - 2017-10-13 11:48 - 000000239 _____ C:\Users\AA\Desktop\Syncovery Pro Enterprise 7.87d Build 536 (x86x64) Portable ~ Apps2Portable Free Portable Apps for PC !.URL
2017-10-13 09:06 - 2017-10-13 09:06 - 000578956 _____ C:\Users\AA\Downloads\Rogers-Oct03_2017-1809170828.pdf
2017-10-13 08:53 - 2017-10-17 11:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-13 08:53 - 2017-10-13 08:53 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-10-13 08:53 - 2017-10-13 08:53 - 000001146 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-10-13 08:50 - 2017-10-13 08:52 - 045166648 _____ (Mozilla) C:\Users\AA\Downloads\Firefox_Setup_54.0.1-fr.exe
2017-10-12 16:57 - 2017-10-12 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Lock
2017-10-12 16:57 - 2017-10-12 16:57 - 000040960 _____ C:\Windows\SysWOW64\nwsftUninstall.exe
2017-10-12 16:52 - 2017-10-12 16:54 - 000000000 ____D C:\Users\AA\AppData\Local\AxCrypt
2017-10-12 16:39 - 2017-10-13 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2017-10-12 16:39 - 2017-10-12 16:39 - 000000000 ____D C:\ProgramData\Anvisoft
2017-10-12 16:38 - 2017-10-12 16:38 - 000000000 ____D C:\Program Files (x86)\Anvisoft
2017-10-12 16:29 - 2011-06-03 22:59 - 000057648 _____ (FSPro Labs) C:\Windows\system32\Drivers\FSPFltd2.sys
2017-10-12 13:09 - 2017-10-12 13:09 - 000001407 _____ C:\Users\AA\Desktop\Total Uninstall.exe - Raccourci (3).lnk
2017-10-12 13:05 - 2017-10-12 13:05 - 000002560 _____ C:\Windows\_MSRSTRT.EXE
2017-10-12 13:01 - 2017-10-13 08:41 - 000000000 ____D C:\Program Files\TrueCrypt
2017-10-12 13:01 - 2017-10-12 13:01 - 000230840 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2017-10-12 11:21 - 2017-10-12 11:21 - 000000000 ____D C:\Users\AA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fast Folder Access
2017-10-12 11:10 - 2013-12-29 10:34 - 000290304 _____ C:\Users\AA\Desktop\hookfolderlocker.exe
2017-10-12 11:09 - 2017-10-12 11:09 - 000000836 _____ C:\Users\AA\Desktop\Payes - Raccourci.lnk
2017-10-12 09:57 - 2017-10-12 09:57 - 000000732 _____ C:\Users\AA\Desktop\Payes pasbon - Raccourci.lnk
2017-10-12 09:56 - 2017-10-12 09:56 - 000001509 _____ C:\Users\AA\Desktop\logiciel de paie 2015 pour Alain.xls - Raccourci (2).lnk
2017-10-12 09:55 - 2017-10-12 09:55 - 000001509 _____ C:\Users\AA\Desktop\logiciel de paie 2015 pour Alain.xls - Raccourci.lnk
2017-10-12 08:33 - 2017-10-12 17:00 - 000000700 ___SH C:\Users\AA\AppData\Local\systemFL7.dat
2017-10-08 13:48 - 2017-10-08 13:48 - 000000898 _____ C:\Users\AA\Desktop\UltraISO.exe - Raccourci.lnk
2017-10-08 13:41 - 2017-10-08 13:41 - 000000000 ____D C:\Users\AA\Documents\My ISO Files
2017-10-08 13:32 - 2017-10-08 13:32 - 000000000 ____D C:\Users\AA\AppData\LocalLow\Jet Propulsion Laboratory
2017-10-07 09:16 - 2017-10-07 09:16 - 000000000 ____D C:\Users\AA\AppData\Local\Locktime
2017-10-07 09:14 - 2017-10-07 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
2017-10-07 09:14 - 2017-10-07 09:14 - 000000000 ____D C:\ProgramData\Locktime
2017-10-07 09:14 - 2017-10-07 09:14 - 000000000 ____D C:\Program Files\NetLimiter 3
2017-10-07 08:48 - 2017-10-07 08:48 - 000004246 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-07 08:45 - 2017-10-07 08:45 - 004672861 _____ C:\disk1.cab
2017-10-07 08:40 - 2017-10-07 08:40 - 000000000 ____D C:\Users\AA\AppData\Roaming\Locktime
2017-10-07 08:39 - 2013-08-02 17:38 - 009199920 _____ (Locktime Software) C:\nl3setup.exe
2017-10-07 08:36 - 2013-08-02 17:38 - 010223064 _____ (Locktime Software) C:\nl3setup-x64.exe
2017-10-07 08:32 - 2017-10-07 08:32 - 002221568 _____ C:\nl3setup-x64.msi
2017-10-07 08:19 - 2017-10-07 09:00 - 000000000 ____D C:\Users\AA\AppData\Roaming\Locktime Software
2017-10-01 12:54 - 2017-10-01 12:54 - 000000132 _____ C:\Users\AA\Desktop\Télécharger Blue Moon - Saison 2 - COMPLETE - Quebec - Yggtorrent.url
2017-09-28 13:07 - 2017-09-28 13:07 - 000000092 _____ C:\Users\AA\Desktop\Nouvelle collection - Pearltrees.url
2017-09-21 18:02 - 2017-09-21 18:02 - 000002212 _____ C:\Users\AA\Desktop\One Click Root.lnk
2017-09-21 18:02 - 2017-09-21 18:02 - 000000000 ____D C:\Users\AA\AppData\Local\oneClickRoot
2017-09-21 18:02 - 2017-09-21 18:02 - 000000000 ____D C:\Users\AA\AppData\Local\AWSToolkit
2017-09-21 18:01 - 2017-09-21 18:01 - 000000000 ____D C:\Program Files (x86)\One Click Root
2017-09-21 18:00 - 2017-09-21 18:00 - 000000000 ____D C:\Users\AA\AppData\Roaming\One Click Root
2017-09-21 17:57 - 2017-09-21 17:57 - 000000000 ____D C:\Users\AA\AppData\Local\IsolatedStorage
2017-09-19 09:45 - 2017-09-19 09:45 - 000095604 _____ C:\Users\AA\Desktop\Calendrier commande vaccins Cliniques privées 2016-2017.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-10-17 15:42 - 2017-01-17 06:43 - 000003348 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2017-10-17 12:01 - 2017-05-15 22:02 - 000000000 ____D C:\Users\AA\AppData\Roaming\Google
2017-10-17 11:42 - 2015-03-01 10:16 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-17 11:42 - 2014-12-20 18:42 - 000000000 ____D C:\Users\AA\AppData\Local\Google
2017-10-17 11:36 - 2016-04-21 20:31 - 000000000 ____D C:\Livres
2017-10-17 11:36 - 2015-04-30 09:21 - 000000000 ____D C:\Users\AA\AppData\Roaming\FireShot
2017-10-17 11:36 - 2015-04-28 12:11 - 000000000 ____D C:\Users\AA\AppData\Roaming\Everything
2017-10-17 11:33 - 2009-07-14 00:45 - 000027344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-17 11:33 - 2009-07-14 00:45 - 000027344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-17 11:22 - 2013-07-25 13:04 - 000749672 _____ C:\Windows\system32\perfh00C.dat
2017-10-17 11:22 - 2013-07-25 13:04 - 000150318 _____ C:\Windows\system32\perfc00C.dat
2017-10-17 11:22 - 2009-07-14 01:13 - 001675006 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-17 11:22 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2017-10-17 11:19 - 2016-03-26 20:05 - 000000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-10-17 11:18 - 2014-04-12 11:11 - 000000000 ____D C:\ProgramData\TEMP
2017-10-17 11:18 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-17 11:16 - 2016-02-13 22:03 - 000000000 ____D C:\Users\AA\AppData\Local\Everything
2017-10-17 11:10 - 2015-05-01 09:48 - 000000000 ____D C:\Users\AA\AppData\Local\CrashDumps
2017-10-17 11:08 - 2015-09-12 11:23 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-10-17 11:07 - 2015-09-12 11:23 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-10-17 11:02 - 2016-12-06 10:45 - 000000000 ____D C:\Users\AA\AppData\Roaming\VOS
2017-10-17 10:25 - 2014-04-12 08:45 - 000000000 ____D C:\Users\AA
2017-10-17 09:20 - 2016-11-28 10:03 - 000000000 ____D C:\Users\AA\Documents\Fichiers PDF
2017-10-17 04:04 - 2015-10-03 07:45 - 000000000 ____D C:\Users\AA\AppData\Roaming\AvaFind
2017-10-16 10:21 - 2017-02-14 21:39 - 000000000 ____D C:\ProgramData\IObit
2017-10-16 10:16 - 2014-04-12 09:10 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-10-15 17:28 - 2017-02-16 12:01 - 000000016 _____ C:\ProgramData\mntemp
2017-10-15 11:19 - 2016-03-07 05:16 - 000001878 __RSH C:\ProgramData\ntuser.pol
2017-10-13 09:55 - 2016-05-12 07:12 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-13 09:15 - 2017-03-29 18:20 - 000000000 ____D C:\Users\AA\AppData\LocalLow\Mozilla
2017-10-12 11:25 - 2016-12-03 17:27 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-12 11:13 - 2017-03-12 21:36 - 000000000 ____D C:\Users\AA\Desktop\Cafetiere
2017-10-08 13:11 - 2014-04-12 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPSoftware
2017-10-07 09:14 - 2014-04-12 12:12 - 000000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2017-10-07 08:42 - 2013-07-25 23:04 - 000000000 ____D C:\Windows\Panther
2017-10-07 08:42 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\ModemLogs
2017-10-07 07:49 - 2017-02-18 10:44 - 000004126 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-03 06:38 - 2015-05-09 09:05 - 000000000 ____D C:\Users\AA\AppData\Roaming\Thinstall
2017-09-28 12:43 - 2015-04-03 09:30 - 000000980 _____ C:\Users\AA\Desktop\americanexpressmastercardvisaaffairesalain.rar

==================== Fichiers à la racine de certains dossiers =======

2017-04-22 11:29 - 2017-04-22 11:38 - 000001829 _____ () C:\Users\AA\AppData\Roaming\DreamCalc DC5P.dat
2017-03-16 12:43 - 2017-03-16 12:44 - 000001559 _____ () C:\Users\AA\AppData\Roaming\home_budget.ini
2017-03-16 12:44 - 2017-03-16 12:44 - 000000000 _____ () C:\Users\AA\AppData\Roaming\propersoft.ini
2014-12-20 18:40 - 2014-12-20 18:40 - 001330121 _____ () C:\Users\AA\AppData\Local\53E9472D_stp.CIS
2015-04-10 20:26 - 2015-04-10 20:26 - 000000218 _____ () C:\Users\AA\AppData\Local\recently-used.xbel
2017-10-12 08:33 - 2017-10-12 17:00 - 000000700 ___SH () C:\Users\AA\AppData\Local\systemFL7.dat
2017-06-17 16:30 - 2017-06-17 16:30 - 001714544 _____ () C:\Users\AA\AppData\Local\usbdrvtemp.7zz
2014-04-13 12:46 - 2014-04-13 12:48 - 000000741 _____ () C:\ProgramData\hpzinstall.log
2017-02-04 12:12 - 2017-02-04 12:12 - 000004934 _____ () C:\ProgramData\jmwgqlqm.fzc
2017-02-16 12:01 - 2017-10-15 17:28 - 000000016 _____ () C:\ProgramData\mntemp
2004-08-15 08:41 - 2004-08-15 08:41 - 000000000 ____H () C:\ProgramData\sdpsenv.dat
2017-06-17 16:28 - 2017-06-17 16:28 - 000000187 _____ () C:\ProgramData\serverclasscache.ini

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\sdpsenv.dat


Certains fichiers dans TEMP:
====================
2017-10-12 08:30 - 2017-10-12 16:58 - 000007680 _____ () C:\Users\AA\AppData\Local\Temp\launcher.exe
2017-10-17 10:35 - 2017-10-05 14:46 - 071535032 _____ (Malwarebytes ) C:\Users\AA\AppData\Local\Temp\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe
2017-10-17 12:34 - 2017-10-17 12:34 - 000043520 ____N () C:\Users\AA\AppData\Local\Temp\proxy_vole1498092377958855649.dll
2017-10-16 08:55 - 2017-10-16 08:56 - 047329360 _____ () C:\Users\AA\AppData\Local\Temp\SHSetup.exe
2016-08-16 03:48 - 2016-08-16 03:48 - 000488960 _____ () C:\Users\AA\AppData\Local\Temp\sqlite3.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-10-10 00:42

==================== Fin de FRST.txt ============================
