Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
- Exécuté par Letendre Colette (administrateur) sur PC (02-01-2017 00:39:41)
- Exécuté depuis C:\Users\Letendre Colette\Desktop
- Profils chargés: Letendre Colette (Profils disponibles: Letendre Colette)
- Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
- Internet Explorer Version 11 (Navigateur par défaut: Chrome)
- Mode d'amorçage: Normal
- Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processus (Avec liste blanche) =================
- (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
- (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
- (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
- (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
- (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
- (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
- (Microsoft Corporation) C:\Program Files (x86)\EMET 5.5\EMET_Service.exe
- (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
- (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
- (Microsoft Corporation) C:\Program Files (x86)\EMET 5.5\EMET_Agent.exe
- (© 2015 Microsoft Corporation) C:\Users\Letendre Colette\AppData\Local\Microsoft\BingSvc\BingSvc.exe
- (MiTAC) C:\Users\Letendre Colette\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
- (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
- (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
- (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
- (AMD) C:\Windows\System32\atiesrxx.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
- (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
- (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
- () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
- (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
- (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
- (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
- (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
- (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
- (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.570_none_7645b09c266beb53\TiWorker.exe
- (Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
- (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
- ==================== Registre (Avec liste blanche) ====================
- (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
- HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-07-14] (ELAN Microelectronics Corp.)
- HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
- HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
- HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
- Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
- HKU\S-1-5-21-1181139031-2039296223-3395277628-1001\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
- HKU\S-1-5-21-1181139031-2039296223-3395277628-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
- HKU\S-1-5-21-1181139031-2039296223-3395277628-1001\...\Run: [BingSvc] => C:\Users\Letendre Colette\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-18] (© 2015 Microsoft Corporation)
- HKU\S-1-5-21-1181139031-2039296223-3395277628-1001\...\Run: [Magellan Update Manager] => C:\Users\Letendre Colette\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC)
- HKU\S-1-5-21-1181139031-2039296223-3395277628-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
- ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Letendre Colette\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-06-16] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Letendre Colette\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-06-16] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Letendre Colette\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-06-16] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
- ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
- ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
- ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Letendre Colette\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-06-16] (Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Letendre Colette\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-06-16] (Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Letendre Colette\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-06-16] (Microsoft Corporation)
- ==================== Internet (Avec liste blanche) ====================
- (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{06a3c736-b1de-4273-a436-ae83de84a9db}: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{9de60e78-b8be-43f7-b39c-8d5bb28a3dcb}: [DhcpNameServer] 192.168.1.1
- Internet Explorer:
- ==================
- HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
- HKU\S-1-5-21-1181139031-2039296223-3395277628-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=fr-ca
- HKU\S-1-5-21-1181139031-2039296223-3395277628-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
- SearchScopes: HKU\S-1-5-21-1181139031-2039296223-3395277628-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-1181139031-2039296223-3395277628-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-1181139031-2039296223-3395277628-1001 -> {47F07F88-D68B-4F5C-B8BE-F13D4897E4F0} URL = hxxps://qc.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-28] (Oracle Corporation)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-28] (Oracle Corporation)
- FireFox:
- ========
- FF ProfilePath: C:\Users\Letendre Colette\AppData\Roaming\Mozilla\Firefox\Profiles\zjs9v61d.default-1423954450415 [2016-12-31]
- FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zjs9v61d.default-1423954450415 -> DuckDuckGo
- FF Homepage: Mozilla\Firefox\Profiles\zjs9v61d.default-1423954450415 -> hxxps://qc.yahoo.com/?fr=yset_ff_syc_oracle&type=hpset
- FF Extension: (LastPass) - C:\Users\Letendre Colette\AppData\Roaming\Mozilla\Firefox\Profiles\zjs9v61d.default-1423954450415\Extensions\support@lastpass.com [2016-12-21]
- FF Extension: (uBlock Origin) - C:\Users\Letendre Colette\AppData\Roaming\Mozilla\Firefox\Profiles\zjs9v61d.default-1423954450415\Extensions\uBlock0@raymondhill.net.xpi [2016-12-19]
- FF Extension: (NoScript) - C:\Users\Letendre Colette\AppData\Roaming\Mozilla\Firefox\Profiles\zjs9v61d.default-1423954450415\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-30]
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-19] ()
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
- FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
- FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-19] ()
- FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-28] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-28] (Oracle Corporation)
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
- FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2014-05-13] (Simon Bünzli)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
- FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
- FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
- FF Plugin HKU\S-1-5-21-1181139031-2039296223-3395277628-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Letendre Colette\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
- FF Plugin HKU\S-1-5-21-1181139031-2039296223-3395277628-1001: magellangps.com/mgnContentManager -> C:\Users\Letendre Colette\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC Digital Corp.)
- Chrome:
- =======
- CHR DefaultProfile: Default
- CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
- CHR DefaultSearchKeyword: Default -> lp
- CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
- CHR Profile: C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default [2017-01-02]
- CHR Extension: (Google Slides) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-09]
- CHR Extension: (Google Docs) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-09]
- CHR Extension: (Google Drive) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-24]
- CHR Extension: (YouTube) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
- CHR Extension: (uBlock Origin) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-24]
- CHR Extension: (Recherche Google) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-24]
- CHR Extension: (Google Sheets) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-09]
- CHR Extension: (Google Docs hors connexion) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-03]
- CHR Extension: (LastPass: Free Password Manager) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-12-24]
- CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-29]
- CHR Extension: (Gmail) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-09]
- CHR Extension: (Chrome Media Router) - C:\Users\Letendre Colette\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-24]
- CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
- ==================== Services (Avec liste blanche) ====================
- (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
- R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé]
- R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
- R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Fichier non signé]
- R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
- R2 EMET_Service; C:\Program Files (x86)\EMET 5.5\EMET_Service.exe [33960 2016-01-29] (Microsoft Corporation)
- R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-07-14] (ELAN Microelectronics Corp.)
- R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
- R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
- R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
- R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
- ===================== Pilotes (Avec liste blanche) ======================
- (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
- S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
- S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2014-10-28] (AppEx Networks Corporation)
- R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
- R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
- S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
- S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
- R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
- R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
- R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
- R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
- S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-30] (Malwarebytes)
- S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2016-12-31] (Malwarebytes)
- R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
- S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
- S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43648 2016-07-22] (Samsung Electronics Co., Ltd.)
- S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
- R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
- R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
- S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X]
- S3 btwavdt; \SystemRoot\System32\drivers\btwavdt.sys [X]
- S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X]
- S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X]
- S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
- ==================== NetSvcs (Avec liste blanche) ===================
- (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
- ==================== Un mois - Créés - fichiers et dossiers ========
- (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
- 2017-01-02 00:39 - 2017-01-02 00:41 - 00020734 _____ C:\Users\Letendre Colette\Desktop\FRST.txt
- 2017-01-02 00:39 - 2017-01-02 00:39 - 02418176 _____ (Farbar) C:\Users\Letendre Colette\Desktop\FRST64.exe
- 2017-01-02 00:39 - 2017-01-02 00:39 - 00000000 ____D C:\Users\Letendre Colette\Desktop\FRST-OlderVersion
- 2017-01-01 23:43 - 2017-01-01 23:43 - 00000000 ___HD C:\$WINDOWS.~BT
- 2017-01-01 23:08 - 2017-01-01 23:08 - 00253404 _____ C:\WINDOWS\Minidump\010117-20125-01.dmp
- 2017-01-01 22:59 - 2017-01-01 22:59 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\Letendre Colette\Downloads\rkill64.exe
- 2016-12-31 01:27 - 2016-12-31 01:28 - 00340532 _____ C:\WINDOWS\Minidump\123116-20796-01.dmp
- 2016-12-31 01:03 - 2016-12-31 01:03 - 00000000 ____D C:\zoek_backup
- 2016-12-31 00:56 - 2016-12-31 00:56 - 00566128 _____ (Malwarebytes) C:\Users\Letendre Colette\Downloads\mbam-clean-2.3.0.1001.exe
- 2016-12-31 00:53 - 2016-12-31 01:03 - 01309184 _____ C:\Users\Letendre Colette\Downloads\zoek.exe
- 2016-12-31 00:50 - 2016-12-31 00:57 - 00602112 _____ (OldTimer Tools) C:\Users\Letendre Colette\Downloads\OTL.exe
- 2016-12-31 00:47 - 2016-12-31 00:53 - 00042845 _____ C:\Users\Letendre Colette\Downloads\Addition.txt
- 2016-12-31 00:43 - 2017-01-02 00:39 - 00000000 ____D C:\FRST
- 2016-12-31 00:43 - 2016-12-31 00:47 - 00031644 _____ C:\Users\Letendre Colette\Downloads\FRST.txt
- 2016-12-31 00:42 - 2016-12-31 01:00 - 00380928 _____ C:\Users\Letendre Colette\Downloads\zuvvwk1f.exe
- 2016-12-31 00:37 - 2016-12-31 00:43 - 02420736 _____ (Farbar) C:\Users\Letendre Colette\Downloads\FRST64.exe
- 2016-12-30 21:50 - 2016-12-31 00:51 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
- 2016-12-30 21:50 - 2016-12-30 23:51 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
- 2016-12-30 21:49 - 2016-12-30 21:49 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
- 2016-12-30 21:49 - 2016-12-30 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
- 2016-12-30 21:49 - 2016-12-30 21:49 - 00000000 ____D C:\Program Files\Malwarebytes
- 2016-12-30 21:49 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
- 2016-12-30 21:24 - 2016-12-30 21:24 - 00284628 _____ C:\WINDOWS\Minidump\123016-25812-01.dmp
- 2016-12-30 21:11 - 2016-12-30 21:17 - 54199488 _____ (Malwarebytes ) C:\Users\Letendre Colette\Downloads\mb3-setup-consumer-3.0.5.1299.exe
- 2016-12-30 21:04 - 2016-12-30 21:05 - 01663040 _____ (Malwarebytes) C:\Users\Letendre Colette\Downloads\JRT (1).exe
- 2016-12-30 21:03 - 2016-12-30 21:04 - 03977168 _____ C:\Users\Letendre Colette\Downloads\AdwCleaner.exe
- 2016-12-30 20:52 - 2016-12-30 20:52 - 00037270 _____ C:\Users\Letendre Colette\Downloads\hijackthis.log
- 2016-12-30 20:49 - 2017-01-02 00:35 - 00002898 _____ C:\Users\Letendre Colette\Desktop\Rkill.txt
- 2016-12-30 15:34 - 2016-12-30 15:34 - 00000000 ____D C:\Users\Letendre Colette\AppData\Roaming\XnView
- 2016-12-30 15:30 - 2016-12-30 15:35 - 00000994 _____ C:\Users\Letendre Colette\Desktop\XnView.lnk
- 2016-12-30 15:30 - 2016-12-30 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
- 2016-12-30 15:29 - 2016-12-30 15:30 - 00000000 ____D C:\Program Files (x86)\XnView
- 2016-12-30 15:21 - 2016-12-30 15:28 - 19336160 _____ (Gougelet Pierre-e ) C:\Users\Letendre Colette\Downloads\XnView-win-full.exe
- 2016-12-30 15:19 - 2016-12-30 15:20 - 03743734 _____ (PhapSoftware ) C:\Users\Letendre Colette\Downloads\ImageGlass_3.5.9.17.exe
- 2016-12-30 14:59 - 2016-12-30 14:59 - 00242628 _____ C:\WINDOWS\Minidump\123016-26203-01.dmp
- 2016-12-30 12:55 - 2016-12-30 12:55 - 00001215 _____ C:\Users\Public\Desktop\SideSync.lnk
- 2016-12-30 12:55 - 2016-12-30 12:55 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SideSync.lnk
- 2016-12-30 10:46 - 2016-12-30 10:46 - 00250156 _____ C:\WINDOWS\Minidump\123016-32281-01.dmp
- 2016-12-30 10:15 - 2016-12-30 10:15 - 00272868 _____ C:\WINDOWS\Minidump\123016-49640-01.dmp
- ==================== Un mois - Modifiés - fichiers et dossiers ========
- (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
- 2017-01-02 00:11 - 2016-08-06 08:24 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
- 2017-01-02 00:11 - 2014-02-12 04:26 - 00000408 _____ C:\Users\Letendre Colette\AppData\Roaming\sp_data.sys
- 2017-01-02 00:11 - 2013-07-29 17:42 - 00002432 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
- 2017-01-02 00:11 - 2013-07-29 17:41 - 00002562 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
- 2017-01-02 00:11 - 2013-07-29 17:40 - 00002516 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
- 2017-01-02 00:11 - 2013-07-29 17:40 - 00002068 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
- 2017-01-02 00:08 - 2014-02-27 02:03 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- 2017-01-01 23:43 - 2016-06-15 16:39 - 00000000 ___DC C:\WINDOWS\Panther
- 2017-01-01 23:08 - 2016-07-14 22:44 - 451365037 _____ C:\WINDOWS\MEMORY.DMP
- 2017-01-01 23:08 - 2016-07-14 22:44 - 00000000 ____D C:\WINDOWS\Minidump
- 2017-01-01 23:08 - 2016-04-27 00:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2017-01-01 23:02 - 2016-06-15 21:50 - 00000000 ____D C:\Users\Letendre Colette
- 2017-01-01 22:53 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
- 2017-01-01 22:48 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
- 2016-12-31 22:05 - 2016-11-18 13:21 - 00000000 ____D C:\Users\Letendre Colette\AppData\LocalLow\Mozilla
- 2016-12-31 21:54 - 2016-07-28 12:50 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{28A5DF8C-3891-4AD8-9479-DEFBA95AEFCD}
- 2016-12-31 21:52 - 2014-09-07 12:24 - 00000000 ____D C:\Users\Letendre Colette\AppData\LocalLow\LastPass
- 2016-12-31 02:25 - 2013-07-29 17:20 - 00000000 __SHD C:\System Volume Information
- 2016-12-31 01:42 - 2015-10-30 01:28 - 05271552 _____ C:\WINDOWS\system32\config\DRIVERS
- 2016-12-31 01:18 - 2015-06-09 10:46 - 00000000 ____D C:\Users\Letendre Colette\AppData\Local\Google
- 2016-12-31 01:03 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\SysWOW64
- 2016-12-31 00:56 - 2016-08-16 14:37 - 00000000 ____D C:\ProgramData\Malwarebytes
- 2016-12-31 00:03 - 2014-09-14 13:26 - 00000000 ____D C:\Users\Letendre Colette\AppData\Local\ElevatedDiagnostics
- 2016-12-30 23:53 - 2016-06-15 21:50 - 00000000 ____D C:\Users\Letendre Colette\AppData\Local
- 2016-12-30 22:51 - 2016-06-15 21:50 - 00524288 ___SH C:\Users\Letendre Colette\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TMContainer00000000000000000002.regtrans-ms
- 2016-12-30 22:51 - 2016-06-15 21:50 - 00065536 ___SH C:\Users\Letendre Colette\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TM.blf
- 2016-12-30 21:49 - 2015-10-30 02:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
- 2016-12-30 21:49 - 2015-10-30 01:28 - 00000000 ___RD C:\Program Files (x86)
- 2016-12-30 21:49 - 2015-10-30 01:28 - 00000000 ___RD C:\Program Files
- 2016-12-30 21:49 - 2013-08-22 10:36 - 00000000 __RHD C:\Users\Public\Desktop
- 2016-12-30 21:36 - 2014-03-22 16:00 - 00000000 ____D C:\Users\Letendre Colette\AppData\Roaming\.minecraft
- 2016-12-30 21:17 - 2016-01-29 18:31 - 00000000 ____D C:\AdwCleaner
- 2016-12-30 21:17 - 2015-06-09 11:34 - 00000000 ____D C:\Program Files (x86)\Yahoo!
- 2016-12-30 15:34 - 2016-06-15 21:50 - 00000000 ____D C:\Users\Letendre Colette\AppData\Roaming
- 2016-12-30 15:21 - 2016-07-28 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageGlass
- 2016-12-30 15:21 - 2016-07-28 12:29 - 00000000 ____D C:\Program Files\ImageGlass
- 2016-12-30 12:54 - 2015-10-30 02:24 - 00000000 __SHD C:\WINDOWS\Installer
- 2016-12-30 12:54 - 2014-09-12 16:32 - 00000000 __SHD C:\Config.Msi
- 2016-12-30 11:05 - 2016-04-27 00:43 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT
- 2016-12-30 11:05 - 2014-02-27 02:35 - 00262144 _____ C:\Users\Public\NTUSER.DAT
- 2016-12-30 10:13 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\WinSxS
- 2016-12-30 09:58 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
- 2016-12-29 23:33 - 2016-04-27 00:12 - 00825500 _____ C:\WINDOWS\system32\perfh00C.dat
- 2016-12-29 23:33 - 2016-04-27 00:12 - 00155764 _____ C:\WINDOWS\system32\perfc00C.dat
- 2016-12-29 23:33 - 2015-10-30 02:26 - 00734494 _____ C:\WINDOWS\system32\perfh009.dat
- 2016-12-29 23:33 - 2015-10-30 02:26 - 00139034 _____ C:\WINDOWS\system32\perfc009.dat
- 2016-12-29 23:33 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
- 2016-12-29 23:33 - 2015-08-08 15:23 - 01848398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2016-12-29 23:29 - 2016-04-27 00:40 - 00039441 _____ C:\WINDOWS\setupact.log
- 2016-12-26 16:09 - 2016-06-15 21:44 - 00000000 ____D C:\Program Files\AMD
- 2016-12-26 15:55 - 2014-03-06 16:33 - 00000000 ____D C:\AMD
- 2016-12-22 09:53 - 2014-02-12 04:24 - 00000000 ___RD C:\Users\Letendre Colette\Pictures
- 2016-12-22 09:22 - 2015-10-03 21:15 - 00001517 _____ C:\Users\Letendre Colette\Desktop\Photos.lnk
- 2016-12-22 08:39 - 2016-11-18 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
- 2016-12-22 08:39 - 2014-02-27 01:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2016-12-19 20:33 - 2015-08-08 15:20 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2016-12-19 20:33 - 2015-06-09 10:47 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2016-12-19 20:23 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\assembly
- 2016-12-19 20:21 - 2015-06-09 10:46 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
- 2016-12-19 20:21 - 2015-06-09 10:46 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
- 2016-12-19 20:21 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Tasks
- 2016-12-19 20:14 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
- 2016-12-19 20:10 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
- 2016-12-05 20:38 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
- 2016-12-05 20:37 - 2015-01-25 15:29 - 00000000 ____D C:\Users\Letendre Colette\AppData\Local\Diagnostics
- 2016-12-04 21:15 - 2014-02-12 04:24 - 00000000 ____D C:\Users\Letendre Colette\AppData\Local\Packages
- ==================== Fichiers à la racine de certains dossiers =======
- 2014-02-12 04:26 - 2017-01-02 00:11 - 0000408 _____ () C:\Users\Letendre Colette\AppData\Roaming\sp_data.sys
- 2014-04-20 21:48 - 2014-04-20 21:54 - 0000600 _____ () C:\Users\Letendre Colette\AppData\Local\PUTTY.RND
- 2014-03-23 17:27 - 2014-03-23 17:27 - 0001000 _____ () C:\Users\Letendre Colette\AppData\Local\recently-used.xbel
- 2016-06-15 21:44 - 2016-06-15 21:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
- 2013-05-01 04:34 - 2012-09-07 06:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
- 2013-05-01 04:34 - 2009-07-22 05:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
- 2013-05-01 04:34 - 2012-09-07 06:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
- 2014-02-12 09:25 - 2014-02-12 09:29 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
- 2014-02-12 09:23 - 2014-02-12 09:25 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
- Certains fichiers dans TEMP:
- ====================
- C:\Users\Letendre Colette\AppData\Local\Temp\ACLMInstaller.exe
- C:\Users\Letendre Colette\AppData\Local\Temp\libeay32.dll
- C:\Users\Letendre Colette\AppData\Local\Temp\msvcr120.dll
- C:\Users\Letendre Colette\AppData\Local\Temp\sqlite3.dll
- C:\Users\Letendre Colette\AppData\Local\Temp\tmp60EE.exe
- ==================== Bamital & volsnap ======================
- (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
- C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
- C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
- C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
- C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
- C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
- C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
- C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
- C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
- C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
- C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
- C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
- C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
- C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
- C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
- C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement