cjoint


Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
Ran by propriétaire (administrator) on PC-DE-PROPRIÉTA on 02-06-2015 09:08:03
Running from C:\Users\propriétaire\Downloads
Loaded Profiles: propriétaire (Available Profiles: propriétaire)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Morpho e-Documents) C:\Windows\System32\TokenShareSrv32.exe
(Morpho e-Documents) C:\Windows\System32\TokenShareSrv32.exe
() C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3144261404-479229320-1640704271-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3144261404-479229320-1640704271-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3144261404-479229320-1640704271-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3144261404-479229320-1640704271-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\ACER(N~1.SCR [187392 2006-10-19] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\ACER(N~1.SCR [187392 2006-10-19] ()
Startup: C:\Users\propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - .lnk [2014-03-06]
ShortcutTarget: Alertes de surveillance de l'encre - .lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 7520 series (réseau).lnk [2014-06-18]
ShortcutTarget: Alertes de surveillance de l'encre - HP Photosmart 7520 series (réseau).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-23] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3144261404-479229320-1640704271-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3144261404-479229320-1640704271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3144261404-479229320-1640704271-1000 -> DefaultScope {814C76CB-2623-43F4-AAD0-58A0E5190A20} URL = http://www.orange.fr/bin/frame1px.cgi?u=http%3A//r.voila.fr/se%3Frdata%3D{searchTerms}%26kw%3D%20%26sev%3D2%26ref%3DW3ACC_vis_prospect_0912_header_rechercher_webr3%26lg%3Dfr%26dblg%3Dfr%26db%3Dwebr3%26ctx%3Dorange%26profil%3Dorange
SearchScopes: HKU\S-1-5-21-3144261404-479229320-1640704271-1000 -> {814C76CB-2623-43F4-AAD0-58A0E5190A20} URL = http://www.orange.fr/bin/frame1px.cgi?u=http%3A//r.voila.fr/se%3Frdata%3D{searchTerms}%26kw%3D%20%26sev%3D2%26ref%3DW3ACC_vis_prospect_0912_header_rechercher_webr3%26lg%3Dfr%26dblg%3Dfr%26db%3Dwebr3%26ctx%3Dorange%26profil%3Dorange
SearchScopes: HKU\S-1-5-21-3144261404-479229320-1640704271-1000 -> {A5B5371C-EA95-4116-B27B-3590152C4EE2} URL = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-21] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000317.dll [2010-01-12] (Orange)
Toolbar: HKU\S-1-5-21-3144261404-479229320-1640704271-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3144261404-479229320-1640704271-1000 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKU\S-1-5-21-3144261404-479229320-1640704271-1000 -> barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000317.dll [2010-01-12] (Orange)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\propriétaire\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\common\npyaxmpb.dll No File
FF Plugin HKU\S-1-5-21-3144261404-479229320-1640704271-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\propriétaire\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3144261404-479229320-1640704271-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\propriétaire\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-18]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-01-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-23]
FF HKU\S-1-5-21-3144261404-479229320-1640704271-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\propriétaire\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Avast Online Security) - C:\Users\propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-09]
CHR HKLM\...\Chrome\Extension: [aaaanggjopenpllbdidcpbendcjhbjme] - C:\Users\propriétaire\AppData\Local\APN\GoogleCRXs\aaaanggjopenpllbdidcpbendcjhbjme_7.14.1.0.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [24576 2006-11-12] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [45056 2006-12-08] (Acer Inc.) [File not signed]
S2 gupdate1c9ba899e46fa8a; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-28] (Google Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [143360 2005-01-21] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [210432 2006-11-06] (Nokia.) [File not signed]
R2 StdTokenShareSrv_Service; C:\Windows\system32\TokenShareSrv32.exe [1789952 2011-03-10] (Morpho e-Documents) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [37632 2010-02-03] (Advanced Card Systems Ltd)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [327168 2006-11-22] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [100096 2006-11-22] (Aladdin Knowledge Systems Ltd.)
S3 ARCSOFTVIRTUALCAPTURE; C:\Windows\System32\DRIVERS\ArcSoftVirtualCapture.sys [15104 2006-12-07] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-23] (Avast Software s.r.o.)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-04-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-23] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-04-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-23] ()
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R2 Haspnt; C:\Windows\system32\drivers\Haspnt.sys [47616 2010-04-21] (Aladdin Knowledge Systems) [File not signed]
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [76584 2006-12-07] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-04-04] (Malwarebytes Corporation)
S3 NTIDrvr; C:\Windows\System32\DRIVERS\NTIDrvr.sys [6144 2006-12-14] (NewTech Infosystems, Inc.) [File not signed]
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [10624 2006-11-10] (HiTRUST) [File not signed]
R0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [7936 2006-11-10] (HiTRUST) [File not signed]
R0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [53760 2006-11-08] (HiTRUST) [File not signed]
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
S3 SIS163u; C:\Windows\System32\DRIVERS\sis163u.sys [215040 2005-06-20] (SiS Corporation)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [8701824 2005-10-13] ()
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2010-12-23] (Samsung Electronics) [File not signed]
S4 UBHelper; C:\Windows\system32\Drivers\UBHelper.sys [13952 2006-08-29] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SQTECH9080; System32\Drivers\Capt9080.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 09:08 - 2015-06-02 09:09 - 00020311 _____ () C:\Users\propriétaire\Downloads\FRST.txt
2015-06-02 09:05 - 2015-06-02 09:06 - 01147392 _____ (Farbar) C:\Users\propriétaire\Downloads\FRST.exe
2015-05-30 09:23 - 2015-05-30 09:23 - 00049664 _____ () C:\Users\propriétaire\Downloads\exemple-livre-comptes-3.xls
2015-05-29 08:29 - 2015-05-29 08:29 - 00001588 _____ () C:\Windows\PFRO.log
2015-05-29 08:14 - 2015-05-29 08:14 - 06549184 _____ (Piriform Ltd) C:\Users\propriétaire\Downloads\ccsetup506.exe
2015-05-29 08:14 - 2015-05-29 08:14 - 06549184 _____ (Piriform Ltd) C:\Users\propriétaire\Downloads\ccsetup506 (1).exe
2015-05-29 07:31 - 2015-05-29 07:32 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{E0D94892-6B21-4C33-A0E9-56C28F38DD86}
2015-05-28 17:33 - 2015-05-28 17:33 - 00014108 _____ () C:\Users\propriétaire\Desktop\K.BIS.odt
2015-05-28 07:53 - 2015-05-28 07:54 - 02959504 _____ (Hewlett-Packard ) C:\Users\propriétaire\Downloads\hpusetup.exe
2015-05-28 07:53 - 2015-05-28 07:54 - 02959504 _____ (Hewlett-Packard ) C:\Users\propriétaire\Downloads\hpusetup (1).exe
2015-05-28 07:36 - 2015-05-28 07:36 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{717E4D35-F293-4247-9768-E2CF8DF8E941}
2015-05-27 08:33 - 2015-05-27 08:33 - 00001732 _____ () C:\Users\propriétaire\Desktop\ZHPFix.lnk
2015-05-27 08:33 - 2015-05-27 08:33 - 00001609 _____ () C:\Users\propriétaire\Desktop\ZHPDiag.lnk
2015-05-27 08:33 - 2015-05-27 08:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-05-27 08:31 - 2015-05-27 08:32 - 06882129 _____ (Nicolas Coolman ) C:\Users\propriétaire\Downloads\ZHPDiag2 (1).exe
2015-05-27 07:35 - 2015-05-27 07:35 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{C9411071-5DC4-4357-93F8-4E7717E5BB99}
2015-05-26 07:40 - 2015-05-26 07:40 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{E79EB400-8851-4274-9C99-57ECF5D24429}
2015-05-23 17:37 - 2015-05-23 17:37 - 00000823 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-23 07:31 - 2015-05-23 07:32 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{F59A286F-38D6-4928-979F-961AF3B3D4EF}
2015-05-22 07:36 - 2015-05-22 07:36 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{8940E5ED-266A-4396-9392-175FEFECA5DC}
2015-05-21 07:38 - 2015-05-21 07:39 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{B2ECBACB-83EB-4B70-9926-BB1428B98259}
2015-05-20 08:40 - 2015-05-20 08:40 - 06880230 _____ (Nicolas Coolman ) C:\Users\propriétaire\Downloads\ZHPDiag2.exe
2015-05-20 08:13 - 2015-05-20 08:16 - 00000000 ____D () C:\AdwCleaner
2015-05-20 08:12 - 2015-05-20 08:12 - 02209792 _____ () C:\Users\propriétaire\Downloads\adwcleaner_4.204 (1).exe
2015-05-20 07:37 - 2015-05-20 07:37 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\{057FDD04-3879-4784-8EF2-5908BFAAF3E1}
2015-05-19 18:14 - 2015-05-19 18:14 - 00000747 _____ () C:\Users\propriétaire\Desktop\ZHPCleaner.lnk
2015-05-19 18:13 - 2015-05-19 18:13 - 01835520 _____ () C:\Users\propriétaire\Downloads\ZHPCleaner.exe
2015-05-19 18:13 - 2015-05-19 18:13 - 01835520 _____ () C:\Users\propriétaire\Downloads\ZHPCleaner (1).exe
2015-05-19 14:35 - 2015-05-19 14:35 - 02209792 _____ () C:\Users\propriétaire\Downloads\adwcleaner_4.204.exe
2015-05-19 08:12 - 2015-05-19 08:12 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\Skype
2015-05-16 18:05 - 2015-05-16 18:05 - 00010235 _____ () C:\Users\propriétaire\Desktop\Fiducial.odt
2015-05-13 08:54 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 08:52 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-13 08:52 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-13 08:52 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-13 08:52 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-13 08:52 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 08:52 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-13 08:52 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-13 08:52 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 08:52 - 2015-04-19 22:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 08:52 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 08:50 - 2015-04-30 15:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:29 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 08:03 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 08:03 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 08:03 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 08:03 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 08:03 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 08:03 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 08:03 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 08:03 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 08:03 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 08:03 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 08:03 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 08:03 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 08:03 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 08:03 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 08:03 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 08:03 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 08:03 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 08:03 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 08:03 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 08:03 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 08:03 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-07 16:36 - 2015-05-16 16:31 - 00010333 _____ () C:\Users\propriétaire\Desktop\Lettre de relance.odt
2015-05-07 16:21 - 2015-05-07 16:21 - 00010398 _____ () C:\Users\propriétaire\Documents\Lettre de relance.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 09:08 - 2015-01-02 10:22 - 00000000 ____D () C:\FRST
2015-06-02 08:56 - 2009-06-30 12:33 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-02 08:50 - 2011-09-28 14:38 - 01163345 _____ () C:\Windows\WindowsUpdate.log
2015-06-02 08:42 - 2012-04-04 09:08 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-02 07:32 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-02 07:32 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-02 07:32 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 18:05 - 2006-11-02 15:01 - 00032504 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-30 15:26 - 2015-03-29 15:26 - 00000380 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - propriétaire).job
2015-05-30 14:49 - 2013-10-08 15:01 - 00000000 ____D () C:\Users\propriétaire\Desktop\Fact Clients
2015-05-30 09:59 - 2007-11-14 19:27 - 00000000 ____D () C:\Users\propriétaire\AppData\Roaming\OFFICEOne7
2015-05-29 08:34 - 2008-12-18 19:39 - 00000000 ____D () C:\Users\propriétaire\Tracing
2015-05-29 08:24 - 2013-04-09 16:08 - 00000000 ____D () C:\Windows\Minidump
2015-05-29 08:16 - 2013-05-28 14:51 - 00000768 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-29 08:16 - 2013-05-25 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-29 08:16 - 2011-12-09 09:34 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-28 17:24 - 2006-11-02 12:33 - 01631544 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-28 07:58 - 2009-09-01 08:42 - 00000000 ____D () C:\Users\propriétaire\AppData\Roaming\HpUpdate
2015-05-27 08:45 - 2014-04-04 11:19 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-05-27 08:40 - 2014-04-04 11:46 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-05-27 08:36 - 2014-04-04 11:19 - 00000000 ____D () C:\Users\propriétaire\AppData\Roaming\ZHP
2015-05-27 07:54 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-23 17:40 - 2011-06-28 17:59 - 00000000 ____D () C:\Users\propriétaire\AppData\Roaming\vlc
2015-05-21 09:36 - 2007-12-11 09:25 - 00000000 ____D () C:\Program Files\Google
2015-05-21 09:31 - 2007-12-11 09:25 - 00000000 ____D () C:\Users\propriétaire\AppData\Local\Google
2015-05-19 14:11 - 2009-04-11 11:41 - 00000000 ____D () C:\Users\propriétaire\AppData\Roaming\Skype
2015-05-19 08:11 - 2015-04-15 08:03 - 00000000 ___RD () C:\Program Files\Skype
2015-05-19 08:11 - 2009-04-11 11:39 - 00000000 ____D () C:\ProgramData\Skype
2015-05-19 08:08 - 2012-04-04 09:08 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-05-19 08:08 - 2011-05-18 07:50 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-05-19 07:56 - 2014-05-09 07:41 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b494ffd0a3d.job
2015-05-15 14:37 - 2015-01-29 11:29 - 00002455 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-13 09:00 - 2013-01-24 12:59 - 00583016 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 08:59 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-05-13 08:59 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 08:58 - 2008-12-18 19:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 08:49 - 2013-08-27 16:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 08:34 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-13 08:27 - 2010-06-04 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-07 08:25 - 2013-05-21 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

==================== Files in the root of some directories =======

2014-12-26 16:11 - 2014-12-27 09:12 - 0000065 _____ () C:\Users\propriétaire\AppData\Roaming\WB.CFG
2007-11-16 18:08 - 2013-08-28 07:46 - 0058368 _____ () C:\Users\propriétaire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-07 15:25 - 2015-04-07 15:25 - 0000218 _____ () C:\Users\propriétaire\AppData\Local\recently-used.xbel
2014-03-06 15:47 - 2014-03-06 15:47 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-02 07:41

==================== End of log ============================
