Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Exécuté par Laurent (administrateur) sur LAURENT (09-04-2016 12:07:46)
Exécuté depuis C:\Users\Laurent\Desktop
Profils chargés: Laurent (Profils disponibles: UpdatusUser & Laurent)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Reputation\fsorsp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(OVH) C:\Program Files\OVH\hubiC\hubiC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
() C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(BitTorrent Inc.) C:\Users\Laurent\AppData\Roaming\uTorrent\updates\3.4.6_42094.exe
(BitTorrent Inc.) C:\Users\Laurent\AppData\Roaming\uTorrent\updates\updates\3.4.6_42094\utorrentie.exe
(BitTorrent Inc.) C:\Users\Laurent\AppData\Roaming\uTorrent\updates\updates\3.4.6_42094\utorrentie.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [hubiC] => C:\Program Files\OVH\hubiC\hubiC.exe [3527168 2015-03-03] (OVH)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [uTorrent] => C:\Users\Laurent\AppData\Roaming\uTorrent\updates\3.4.6_42094.exe [1959424 2016-04-07] (BitTorrent Inc.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-04-30] (TomTom)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\RunOnce: [Uninstall C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\RunOnce: [Uninstall C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\RunOnce: [Uninstall C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: {35463a53-7fc8-11e5-bf5e-28e3479262e9} - "F:\setup.exe"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: {35463c1f-7fc8-11e5-bf5e-28e3479262e9} - "G:\setup.exe"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: {bd6d7352-7ef1-11e5-bf5e-28e3479262e9} - "F:\HTC_Sync_Manager_PC.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicBackupRootOverlayHandler] -> {2DF0C6DB-1E85-4894-9D4F-63CB0EAB17EA} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicPublishedItemOverlayHandler] -> {7C76B697-27DF-4CFF-9909-863905561298} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicSyncItemOverlayHandler] -> {9B497753-D273-4A80-9DE8-72248D7FA595} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicUnsyncItemOverlayHandler] -> {D5454A6E-0904-4BA3-9E4A-240A5080259D} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a4f50756-c651-481b-ba50-b4eecf075617}: [DhcpNameServer] 192.168.0.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-04-04] (F-Secure Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-04-04] (F-Secure Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016-04-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-11-23] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchKeyword: Default -> safe
CHR Profile: C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-04]
CHR Extension: (YouTube) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-04]
CHR Extension: (Recherche Google) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-04]
CHR HKU\S-1-5-21-2820819004-2177552622-226030308-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\F-Secure\SAFE\apps\SafeSearch\Chrome\main.crx [2015-11-04]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/SAFE/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-10-23]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [186840 2016-03-11] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-11-24] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Reputation\fsorsp.exe [60456 2015-12-30] (F-Secure Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MSSQL$KBMSS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-09-23] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8462000 2014-05-10] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-01] (Disc Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [219128 2015-12-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\HIPS\drivers\fshs.sys [97352 2016-02-11] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [75448 2016-01-12] ()
R3 fsni; C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\fsni64.sys [110272 2016-04-04] (F-Secure Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [Fichier non signé]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-03] (Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-09 12:07 - 2016-04-09 12:09 - 00024473 _____ C:\Users\Laurent\Desktop\FRST.txt
2016-04-09 12:06 - 2016-04-09 12:06 - 02374144 _____ (Farbar) C:\Users\Laurent\Downloads\FRST64.exe
2016-04-09 12:06 - 2016-04-09 12:06 - 02374144 _____ (Farbar) C:\Users\Laurent\Desktop\FRST64.exe
2016-04-09 12:01 - 2016-04-09 12:01 - 00002740 _____ C:\Users\Laurent\Desktop\ZHPFixReport.txt
2016-04-09 12:01 - 2016-04-09 12:01 - 00002740 _____ C:\Users\Laurent\Desktop\ZHPFix[R1].txt
2016-04-09 11:54 - 2016-04-09 11:59 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-04-09 11:54 - 2016-04-09 11:54 - 00001920 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-04-09 11:54 - 2016-04-09 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-04-09 11:52 - 2016-04-09 11:52 - 03521617 _____ (Nicolas Coolman ) C:\Users\Laurent\Downloads\ZHPFix.exe
2016-04-09 11:52 - 2016-04-09 11:52 - 03521617 _____ (Nicolas Coolman ) C:\Users\Laurent\Desktop\ZHPFix.exe
2016-04-09 09:33 - 2016-04-09 09:33 - 00003634 _____ C:\WINDOWS\System32\Tasks\Scheduled scanning task
2016-04-09 09:33 - 2016-04-09 09:33 - 00000672 _____ C:\WINDOWS\Tasks\Scheduled scanning task.job
2016-04-09 09:28 - 2016-04-09 09:28 - 00129391 _____ C:\Users\Laurent\Desktop\ZHPDiag.txt
2016-04-09 09:25 - 2016-04-09 09:25 - 00000908 _____ C:\Users\Laurent\Desktop\ZHPDiag.lnk
2016-04-09 09:25 - 2016-04-09 09:24 - 02179584 _____ C:\Users\Laurent\Desktop\ZHPDiag3.exe
2016-04-09 09:24 - 2016-04-09 09:24 - 02179584 _____ C:\Users\Laurent\Downloads\ZHPDiag3.exe
2016-04-07 22:07 - 2016-04-07 22:07 - 00617089 _____ C:\Users\Laurent\Desktop\Mars LV.pdf
2016-04-07 22:06 - 2016-04-07 22:06 - 00630686 _____ C:\Users\Laurent\Desktop\Fevrier LV.pdf
2016-04-07 22:04 - 2016-04-07 22:04 - 00659966 _____ C:\Users\Laurent\Desktop\Mars LS.pdf
2016-04-07 22:02 - 2016-04-07 22:02 - 00635065 _____ C:\Users\Laurent\Desktop\Février LS.pdf
2016-04-07 19:02 - 2016-04-07 19:02 - 00023647 _____ C:\Users\Laurent\Desktop\paje_atfiempl.pdf
2016-04-07 19:01 - 2016-04-07 19:01 - 00000000 ____D C:\Users\Laurent\AppData\LocalLow\uTorrent
2016-04-04 18:43 - 2016-04-04 18:42 - 00038311 _____ C:\Users\Laurent\Desktop\Camping.pdf
2016-04-04 07:15 - 2016-04-04 07:15 - 00000000 ___HD C:\OneDriveTemp
2016-04-02 21:50 - 2016-04-02 21:50 - 00000257 _____ C:\Users\Laurent\Desktop\a copier.txt
2016-03-29 19:06 - 2016-03-29 19:06 - 00011508 _____ C:\Users\Laurent\Desktop\Classeur1.xlsx
2016-03-21 18:24 - 2016-03-21 18:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\F-Secure
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-09 12:07 - 2016-02-02 21:29 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\uTorrent
2016-04-09 12:07 - 2016-01-04 23:56 - 00000000 ____D C:\FRST
2016-04-09 12:01 - 2015-12-25 01:18 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\ZHP
2016-04-09 12:00 - 2015-05-13 19:05 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-04-09 12:00 - 2015-05-13 19:05 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-04-09 12:00 - 2014-09-20 00:08 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Skype
2016-04-09 11:46 - 2016-01-04 01:31 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-09 06:12 - 2014-11-21 23:24 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF916D1E-9B1D-4096-A8A5-C1D808987B6E}
2016-04-08 23:47 - 2016-01-04 01:31 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 22:46 - 2016-01-04 01:31 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-08 12:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-08 05:45 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-04 19:52 - 2014-09-20 00:09 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\hubiC
2016-04-04 07:21 - 2015-12-31 02:48 - 00000074 _____ C:\Users\Laurent\AppData\Roaming\sp_data.sys
2016-04-04 07:19 - 2015-08-16 10:38 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-04-04 07:17 - 2015-10-30 21:00 - 00872208 _____ C:\WINDOWS\system32\perfh00C.dat
2016-04-04 07:17 - 2015-10-30 21:00 - 00173106 _____ C:\WINDOWS\system32\perfc00C.dat
2016-04-04 07:17 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-04 07:17 - 2015-08-16 10:14 - 01979206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-04 07:15 - 2014-09-20 18:09 - 00000000 __RDO C:\Users\Laurent\OneDrive
2016-04-04 07:12 - 2015-08-16 10:35 - 00000000 __SHD C:\Users\Laurent\IntelGraphicsProfiles
2016-04-04 07:10 - 2015-12-05 06:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-04 07:10 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-31 19:39 - 2015-03-29 21:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-31 09:39 - 2014-09-20 00:13 - 00000000 ____D C:\Users\Laurent\hubiC
2016-03-23 08:23 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-17 18:33 - 2014-08-26 18:12 - 00000000 ____D C:\Users\Laurent\AppData\Local\Packages
2016-03-17 13:38 - 2014-11-30 22:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-03-11 18:59 - 2015-08-16 10:44 - 00002454 _____ C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 13:14 - 2015-12-05 05:50 - 00000000 ____D C:\Users\Laurent
2016-03-10 05:06 - 2015-12-05 05:40 - 00373672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
==================== Fichiers à la racine de certains dossiers =======
2015-12-31 02:48 - 2016-04-04 07:21 - 0000074 _____ () C:\Users\Laurent\AppData\Roaming\sp_data.sys
2015-05-30 12:13 - 2015-05-30 12:13 - 0000057 _____ () C:\ProgramData\Ament.ini
Certains fichiers dans TEMP:
====================
C:\Users\Laurent\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Laurent\AppData\Local\Temp\{56785B62-C538-4EBA-A88A-4A3397DD020F}.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-04-08 06:53
==================== Fin de FRST.txt ============================
Exécuté par Laurent (administrateur) sur LAURENT (09-04-2016 12:07:46)
Exécuté depuis C:\Users\Laurent\Desktop
Profils chargés: Laurent (Profils disponibles: UpdatusUser & Laurent)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Reputation\fsorsp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(OVH) C:\Program Files\OVH\hubiC\hubiC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
() C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(BitTorrent Inc.) C:\Users\Laurent\AppData\Roaming\uTorrent\updates\3.4.6_42094.exe
(BitTorrent Inc.) C:\Users\Laurent\AppData\Roaming\uTorrent\updates\updates\3.4.6_42094\utorrentie.exe
(BitTorrent Inc.) C:\Users\Laurent\AppData\Roaming\uTorrent\updates\updates\3.4.6_42094\utorrentie.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [hubiC] => C:\Program Files\OVH\hubiC\hubiC.exe [3527168 2015-03-03] (OVH)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [uTorrent] => C:\Users\Laurent\AppData\Roaming\uTorrent\updates\3.4.6_42094.exe [1959424 2016-04-07] (BitTorrent Inc.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-04-30] (TomTom)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\RunOnce: [Uninstall C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\RunOnce: [Uninstall C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\RunOnce: [Uninstall C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: {35463a53-7fc8-11e5-bf5e-28e3479262e9} - "F:\setup.exe"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: {35463c1f-7fc8-11e5-bf5e-28e3479262e9} - "G:\setup.exe"
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\...\MountPoints2: {bd6d7352-7ef1-11e5-bf5e-28e3479262e9} - "F:\HTC_Sync_Manager_PC.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicBackupRootOverlayHandler] -> {2DF0C6DB-1E85-4894-9D4F-63CB0EAB17EA} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicPublishedItemOverlayHandler] -> {7C76B697-27DF-4CFF-9909-863905561298} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicSyncItemOverlayHandler] -> {9B497753-D273-4A80-9DE8-72248D7FA595} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicUnsyncItemOverlayHandler] -> {D5454A6E-0904-4BA3-9E4A-240A5080259D} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a4f50756-c651-481b-ba50-b4eecf075617}: [DhcpNameServer] 192.168.0.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKU\S-1-5-21-2820819004-2177552622-226030308-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-04-04] (F-Secure Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-04-04] (F-Secure Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016-04-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-11-23] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchKeyword: Default -> safe
CHR Profile: C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-04]
CHR Extension: (YouTube) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-04]
CHR Extension: (Recherche Google) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-04]
CHR HKU\S-1-5-21-2820819004-2177552622-226030308-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\F-Secure\SAFE\apps\SafeSearch\Chrome\main.crx [2015-11-04]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/SAFE/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-10-23]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [186840 2016-03-11] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-11-24] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Reputation\fsorsp.exe [60456 2015-12-30] (F-Secure Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MSSQL$KBMSS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-09-23] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8462000 2014-05-10] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-01] (Disc Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [219128 2015-12-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\HIPS\drivers\fshs.sys [97352 2016-02-11] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [75448 2016-01-12] ()
R3 fsni; C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\fsni64.sys [110272 2016-04-04] (F-Secure Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [Fichier non signé]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-03] (Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-09 12:07 - 2016-04-09 12:09 - 00024473 _____ C:\Users\Laurent\Desktop\FRST.txt
2016-04-09 12:06 - 2016-04-09 12:06 - 02374144 _____ (Farbar) C:\Users\Laurent\Downloads\FRST64.exe
2016-04-09 12:06 - 2016-04-09 12:06 - 02374144 _____ (Farbar) C:\Users\Laurent\Desktop\FRST64.exe
2016-04-09 12:01 - 2016-04-09 12:01 - 00002740 _____ C:\Users\Laurent\Desktop\ZHPFixReport.txt
2016-04-09 12:01 - 2016-04-09 12:01 - 00002740 _____ C:\Users\Laurent\Desktop\ZHPFix[R1].txt
2016-04-09 11:54 - 2016-04-09 11:59 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-04-09 11:54 - 2016-04-09 11:54 - 00001920 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-04-09 11:54 - 2016-04-09 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-04-09 11:52 - 2016-04-09 11:52 - 03521617 _____ (Nicolas Coolman ) C:\Users\Laurent\Downloads\ZHPFix.exe
2016-04-09 11:52 - 2016-04-09 11:52 - 03521617 _____ (Nicolas Coolman ) C:\Users\Laurent\Desktop\ZHPFix.exe
2016-04-09 09:33 - 2016-04-09 09:33 - 00003634 _____ C:\WINDOWS\System32\Tasks\Scheduled scanning task
2016-04-09 09:33 - 2016-04-09 09:33 - 00000672 _____ C:\WINDOWS\Tasks\Scheduled scanning task.job
2016-04-09 09:28 - 2016-04-09 09:28 - 00129391 _____ C:\Users\Laurent\Desktop\ZHPDiag.txt
2016-04-09 09:25 - 2016-04-09 09:25 - 00000908 _____ C:\Users\Laurent\Desktop\ZHPDiag.lnk
2016-04-09 09:25 - 2016-04-09 09:24 - 02179584 _____ C:\Users\Laurent\Desktop\ZHPDiag3.exe
2016-04-09 09:24 - 2016-04-09 09:24 - 02179584 _____ C:\Users\Laurent\Downloads\ZHPDiag3.exe
2016-04-07 22:07 - 2016-04-07 22:07 - 00617089 _____ C:\Users\Laurent\Desktop\Mars LV.pdf
2016-04-07 22:06 - 2016-04-07 22:06 - 00630686 _____ C:\Users\Laurent\Desktop\Fevrier LV.pdf
2016-04-07 22:04 - 2016-04-07 22:04 - 00659966 _____ C:\Users\Laurent\Desktop\Mars LS.pdf
2016-04-07 22:02 - 2016-04-07 22:02 - 00635065 _____ C:\Users\Laurent\Desktop\Février LS.pdf
2016-04-07 19:02 - 2016-04-07 19:02 - 00023647 _____ C:\Users\Laurent\Desktop\paje_atfiempl.pdf
2016-04-07 19:01 - 2016-04-07 19:01 - 00000000 ____D C:\Users\Laurent\AppData\LocalLow\uTorrent
2016-04-04 18:43 - 2016-04-04 18:42 - 00038311 _____ C:\Users\Laurent\Desktop\Camping.pdf
2016-04-04 07:15 - 2016-04-04 07:15 - 00000000 ___HD C:\OneDriveTemp
2016-04-02 21:50 - 2016-04-02 21:50 - 00000257 _____ C:\Users\Laurent\Desktop\a copier.txt
2016-03-29 19:06 - 2016-03-29 19:06 - 00011508 _____ C:\Users\Laurent\Desktop\Classeur1.xlsx
2016-03-21 18:24 - 2016-03-21 18:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\F-Secure
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-09 12:07 - 2016-02-02 21:29 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\uTorrent
2016-04-09 12:07 - 2016-01-04 23:56 - 00000000 ____D C:\FRST
2016-04-09 12:01 - 2015-12-25 01:18 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\ZHP
2016-04-09 12:00 - 2015-05-13 19:05 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-04-09 12:00 - 2015-05-13 19:05 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-04-09 12:00 - 2014-09-20 00:08 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Skype
2016-04-09 11:46 - 2016-01-04 01:31 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-09 06:12 - 2014-11-21 23:24 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF916D1E-9B1D-4096-A8A5-C1D808987B6E}
2016-04-08 23:47 - 2016-01-04 01:31 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 22:46 - 2016-01-04 01:31 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-08 12:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-08 05:45 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-04 19:52 - 2014-09-20 00:09 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\hubiC
2016-04-04 07:21 - 2015-12-31 02:48 - 00000074 _____ C:\Users\Laurent\AppData\Roaming\sp_data.sys
2016-04-04 07:19 - 2015-08-16 10:38 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-04-04 07:17 - 2015-10-30 21:00 - 00872208 _____ C:\WINDOWS\system32\perfh00C.dat
2016-04-04 07:17 - 2015-10-30 21:00 - 00173106 _____ C:\WINDOWS\system32\perfc00C.dat
2016-04-04 07:17 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-04 07:17 - 2015-08-16 10:14 - 01979206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-04 07:15 - 2014-09-20 18:09 - 00000000 __RDO C:\Users\Laurent\OneDrive
2016-04-04 07:12 - 2015-08-16 10:35 - 00000000 __SHD C:\Users\Laurent\IntelGraphicsProfiles
2016-04-04 07:10 - 2015-12-05 06:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-04 07:10 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-31 19:39 - 2015-03-29 21:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-31 09:39 - 2014-09-20 00:13 - 00000000 ____D C:\Users\Laurent\hubiC
2016-03-23 08:23 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-17 18:33 - 2014-08-26 18:12 - 00000000 ____D C:\Users\Laurent\AppData\Local\Packages
2016-03-17 13:38 - 2014-11-30 22:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-03-11 18:59 - 2015-08-16 10:44 - 00002454 _____ C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 13:14 - 2015-12-05 05:50 - 00000000 ____D C:\Users\Laurent
2016-03-10 05:06 - 2015-12-05 05:40 - 00373672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 05:03 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
==================== Fichiers à la racine de certains dossiers =======
2015-12-31 02:48 - 2016-04-04 07:21 - 0000074 _____ () C:\Users\Laurent\AppData\Roaming\sp_data.sys
2015-05-30 12:13 - 2015-05-30 12:13 - 0000057 _____ () C:\ProgramData\Ament.ini
Certains fichiers dans TEMP:
====================
C:\Users\Laurent\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Laurent\AppData\Local\Temp\{56785B62-C538-4EBA-A88A-4A3397DD020F}.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-04-08 06:53
==================== Fin de FRST.txt ============================