Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Exécuté par Seb (administrateur) sur PORTABLE-SEB (09-12-2016 20:40:15)
Exécuté depuis C:\Users\Seb\Desktop
Profils chargés: Seb (Profils disponibles: Seb)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
( ) C:\Windows\System32\lxdicoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Polar\Daemon\polard.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-08-02] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-06] (AVAST Software)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.lnk [2120 2016-12-08] ()
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\MountPoints2: {0a87c9ff-6512-11e5-a0d6-0026b9aeaf50} - G:\SETUP.EXE
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\MountPoints2: {9679fcbc-d6d2-11e0-ba50-0026b9aeaf50} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-06] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-01-30]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{10AE897A-7CEE-4FA3-BB6C-24B96E976E6C}: [DhcpNameServer] 10.28.224.1
Tcpip\..\Interfaces\{11156335-2E9A-48FF-8E03-876FD21D5745}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{30DA0839-366F-4BF3-8F14-10532C41DE3E}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{8BDA4CAD-F152-48C5-96E7-36AC30898E4F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DE599CF6-E5B9-4DA4-A9DD-D3BBB2929BFC}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/7
URLSearchHook: [S-1-5-21-3176133209-3948113283-1044735500-1001] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKLM -> {F03C69CC-8CC1-4D52-9CCA-544AFB3917E1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A8141060-95C4-403F-B68E-0C8EA987A7B4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3176133209-3948113283-1044735500-1001 -> {B03A034F-8902-4D04-A02C-985116AA23E4} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-12-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-06] (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
DPF: HKLM-x32 {2357B3CF-7F8D-4451-8D81-FD6097610AEE} hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Seb\AppData\Roaming\Mozilla\Firefox\Profiles\y71rxpih.default [2016-12-09]
FF Homepage: Mozilla\Firefox\Profiles\y71rxpih.default -> hxxps://www.google.fr
FF Extension: (Adblock Plus) - C:\Users\Seb\AppData\Roaming\Mozilla\Firefox\Profiles\y71rxpih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-07-11] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-06] (Apple Inc.)
Chrome:
=======
CHR Profile: C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Google Sheets) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-28] (Conexant Systems, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-06] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-21] (Macrovision Europe Ltd.) [Fichier non signé]
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1029648 2016-11-29] (Garmin Ltd. or its subsidiaries)
R2 lxdi_device; C:\Windows\system32\lxdicoms.exe [876976 2007-06-11] ( )
R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
S4 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-06] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-27] (Disc Soft Ltd)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [Fichier non signé]
R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-28] (Conexant Systems, Inc.)
S3 hmxproj64; system32\drivers\hmxusb64.sys [X]
S3 HMXProjExt64; system32\DRIVERS\HMXExGrp64.sys [X]
S3 HMXProjMir64; system32\DRIVERS\HMXMrGrp64.sys [X]
S3 PCAMp50a64; System32\Drivers\PCAMp50a64.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-12-09 20:40 - 2016-12-09 20:42 - 00022738 _____ C:\Users\Seb\Desktop\FRST.txt
2016-12-09 20:39 - 2016-12-09 20:40 - 00000000 ____D C:\FRST
2016-12-09 20:38 - 2016-12-09 20:38 - 02420224 _____ (Farbar) C:\Users\Seb\Desktop\FRST64.exe
2016-12-08 17:30 - 2016-12-08 17:30 - 00000000 ____D C:\Users\Seb\SoundTouchCrashDump
2016-12-08 17:30 - 2016-12-08 17:30 - 00000000 ____D C:\Users\Seb\AppData\Roaming\SoundTouch
2016-12-08 17:29 - 2016-12-08 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundTouch
2016-12-08 17:29 - 2016-12-08 17:30 - 00000000 ____D C:\Program Files (x86)\SoundTouch
2016-12-08 12:54 - 2016-12-08 12:54 - 00003152 _____ C:\Windows\System32\Tasks\{3B40EA23-B78A-4D9C-8AC9-554AA60EC076}
2016-12-08 12:47 - 2016-12-08 12:52 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-12-08 12:47 - 2016-12-08 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-12-06 21:00 - 2016-12-08 12:59 - 00000826 _____ C:\Users\Seb\Desktop\ZHPDiag.lnk
2016-12-06 20:59 - 2016-12-06 20:59 - 02503680 _____ C:\Users\Seb\Desktop\zhpdiag_2016.11.28.232.exe
2016-12-06 20:24 - 2016-12-06 20:24 - 00000000 ____D C:\Users\Seb\AppData\Roaming\AVAST Software
2016-12-06 20:24 - 2016-12-06 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-12-06 20:23 - 2016-12-08 22:53 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-06 20:22 - 2016-12-06 20:23 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-12-06 20:22 - 2016-12-06 20:23 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-12-06 20:22 - 2016-12-06 20:23 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-12-06 20:22 - 2016-12-06 20:21 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-12-06 20:21 - 2016-12-06 20:21 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-06 20:17 - 2016-12-06 20:17 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-06 20:16 - 2016-12-06 20:16 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-06 11:09 - 2016-12-08 13:00 - 00000000 ____D C:\Users\Seb\AppData\Roaming\ZHP
2016-12-04 21:15 - 2016-12-04 21:15 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-12-04 21:13 - 2016-12-05 20:30 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-04 21:13 - 2016-12-04 21:13 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-12-04 21:13 - 2016-12-04 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-12-04 21:13 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-12-04 20:54 - 2016-12-04 20:58 - 00000000 ____D C:\Users\Seb\AppData\Roaming\QuickScan
2016-12-04 18:27 - 2016-12-08 20:28 - 00000000 ____D C:\Users\Seb\AppData\Roaming\Skype
2016-12-04 18:27 - 2016-12-04 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-04 18:26 - 2016-12-04 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-04 18:26 - 2016-12-04 18:27 - 00000000 ____D C:\ProgramData\Skype
2016-12-04 18:25 - 2016-12-04 18:25 - 00003078 _____ C:\Windows\System32\Tasks\{02115A30-5FA6-47D6-B482-9EF593DEB59C}
2016-12-04 17:11 - 2016-12-04 18:01 - 00000000 ____D C:\Users\Seb\AppData\Roaming\Iobit
2016-12-03 21:55 - 2016-12-04 17:50 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-03 18:54 - 2016-12-03 19:03 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Voisinage réseau
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Voisinage d'impression
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Modèles
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Mes documents
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Menu Démarrer
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Mes vidéos
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Mes images
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Ma musique
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\AppData\Local\Historique
2016-12-03 18:54 - 2010-02-06 12:15 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL\AppData\Local\Microsoft Help
2016-12-03 18:54 - 2009-07-14 08:44 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL\AppData\Roaming\Media Center Programs
2016-12-03 18:47 - 2016-12-03 18:47 - 00000000 ____D C:\Users\Seb\AppData\Local\Google
2016-12-03 18:45 - 2016-12-03 18:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-03 18:42 - 2016-12-05 20:30 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\AppData\Local\SoundTouch
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\.SoundTouch
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\.QtWebEngineProcess
2016-12-02 19:18 - 2016-12-03 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-19 13:49 - 2016-12-09 20:28 - 00000000 ____D C:\Users\Seb\AppData\LocalLow\Mozilla
2016-11-18 20:54 - 2016-12-03 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-12-09 20:36 - 2012-04-17 20:56 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-09 20:08 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-09 20:08 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-09 19:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-08 22:56 - 2010-02-05 20:44 - 00000000 ____D C:\Users\Seb\AppData\Roaming\vlc
2016-12-08 17:30 - 2010-02-05 17:24 - 00000000 ____D C:\Users\Seb
2016-12-07 21:10 - 2015-07-02 16:31 - 00000000 ____D C:\AdwCleaner
2016-12-06 20:27 - 2015-07-02 16:22 - 00001912 _____ C:\Windows\epplauncher.mif
2016-12-06 12:41 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2016-12-06 11:07 - 2015-07-02 16:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 07:27 - 2011-02-18 18:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-05 22:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-05 22:53 - 2010-02-13 21:26 - 00000000 ____D C:\Users\Seb\AppData\Local\ElevatedDiagnostics
2016-12-04 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-12-04 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-04 15:28 - 2009-12-24 03:08 - 00815406 _____ C:\Windows\system32\perfh00C.dat
2016-12-04 15:28 - 2009-12-24 03:08 - 00175290 _____ C:\Windows\system32\perfc00C.dat
2016-12-04 15:28 - 2009-07-14 06:13 - 01842314 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-03 22:08 - 2010-10-10 21:03 - 00000000 ____D C:\ProgramData\Apple Computer
2016-12-03 22:00 - 2014-02-27 08:30 - 00000000 ____D C:\Users\Seb\AppData\Local\Skype
2016-12-03 21:51 - 2012-04-27 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-03 19:04 - 2016-10-28 14:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-03 19:04 - 2016-09-17 18:13 - 00000000 ____D C:\Users\Seb\AppData\Roaming\SoundTouchPersist
2016-12-03 19:03 - 2016-10-28 14:54 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-12-03 19:02 - 2010-02-05 18:24 - 00000000 ____D C:\Users\Seb\AppData\Local\Mozilla
2016-12-02 19:17 - 2016-10-28 14:54 - 00003556 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
==================== Fichiers à la racine de certains dossiers =======
2011-04-09 08:28 - 2015-09-09 11:57 - 0013312 _____ () C:\Users\Seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-23 11:27 - 2016-10-01 09:18 - 0007605 _____ () C:\Users\Seb\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-12-05 22:45
==================== Fin de FRST.txt ============================
Exécuté par Seb (administrateur) sur PORTABLE-SEB (09-12-2016 20:40:15)
Exécuté depuis C:\Users\Seb\Desktop
Profils chargés: Seb (Profils disponibles: Seb)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
( ) C:\Windows\System32\lxdicoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Polar\Daemon\polard.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-08-02] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-06] (AVAST Software)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.lnk [2120 2016-12-08] ()
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\MountPoints2: {0a87c9ff-6512-11e5-a0d6-0026b9aeaf50} - G:\SETUP.EXE
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\MountPoints2: {9679fcbc-d6d2-11e0-ba50-0026b9aeaf50} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-06] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-01-30]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{10AE897A-7CEE-4FA3-BB6C-24B96E976E6C}: [DhcpNameServer] 10.28.224.1
Tcpip\..\Interfaces\{11156335-2E9A-48FF-8E03-876FD21D5745}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{30DA0839-366F-4BF3-8F14-10532C41DE3E}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{8BDA4CAD-F152-48C5-96E7-36AC30898E4F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DE599CF6-E5B9-4DA4-A9DD-D3BBB2929BFC}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/7
URLSearchHook: [S-1-5-21-3176133209-3948113283-1044735500-1001] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKLM -> {F03C69CC-8CC1-4D52-9CCA-544AFB3917E1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A8141060-95C4-403F-B68E-0C8EA987A7B4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3176133209-3948113283-1044735500-1001 -> {B03A034F-8902-4D04-A02C-985116AA23E4} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-12-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-06] (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
DPF: HKLM-x32 {2357B3CF-7F8D-4451-8D81-FD6097610AEE} hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Seb\AppData\Roaming\Mozilla\Firefox\Profiles\y71rxpih.default [2016-12-09]
FF Homepage: Mozilla\Firefox\Profiles\y71rxpih.default -> hxxps://www.google.fr
FF Extension: (Adblock Plus) - C:\Users\Seb\AppData\Roaming\Mozilla\Firefox\Profiles\y71rxpih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-07-11] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-06] (Apple Inc.)
Chrome:
=======
CHR Profile: C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Google Sheets) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-28] (Conexant Systems, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-06] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-21] (Macrovision Europe Ltd.) [Fichier non signé]
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1029648 2016-11-29] (Garmin Ltd. or its subsidiaries)
R2 lxdi_device; C:\Windows\system32\lxdicoms.exe [876976 2007-06-11] ( )
R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
S4 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-06] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-27] (Disc Soft Ltd)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [Fichier non signé]
R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-28] (Conexant Systems, Inc.)
S3 hmxproj64; system32\drivers\hmxusb64.sys [X]
S3 HMXProjExt64; system32\DRIVERS\HMXExGrp64.sys [X]
S3 HMXProjMir64; system32\DRIVERS\HMXMrGrp64.sys [X]
S3 PCAMp50a64; System32\Drivers\PCAMp50a64.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-12-09 20:40 - 2016-12-09 20:42 - 00022738 _____ C:\Users\Seb\Desktop\FRST.txt
2016-12-09 20:39 - 2016-12-09 20:40 - 00000000 ____D C:\FRST
2016-12-09 20:38 - 2016-12-09 20:38 - 02420224 _____ (Farbar) C:\Users\Seb\Desktop\FRST64.exe
2016-12-08 17:30 - 2016-12-08 17:30 - 00000000 ____D C:\Users\Seb\SoundTouchCrashDump
2016-12-08 17:30 - 2016-12-08 17:30 - 00000000 ____D C:\Users\Seb\AppData\Roaming\SoundTouch
2016-12-08 17:29 - 2016-12-08 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundTouch
2016-12-08 17:29 - 2016-12-08 17:30 - 00000000 ____D C:\Program Files (x86)\SoundTouch
2016-12-08 12:54 - 2016-12-08 12:54 - 00003152 _____ C:\Windows\System32\Tasks\{3B40EA23-B78A-4D9C-8AC9-554AA60EC076}
2016-12-08 12:47 - 2016-12-08 12:52 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-12-08 12:47 - 2016-12-08 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-12-06 21:00 - 2016-12-08 12:59 - 00000826 _____ C:\Users\Seb\Desktop\ZHPDiag.lnk
2016-12-06 20:59 - 2016-12-06 20:59 - 02503680 _____ C:\Users\Seb\Desktop\zhpdiag_2016.11.28.232.exe
2016-12-06 20:24 - 2016-12-06 20:24 - 00000000 ____D C:\Users\Seb\AppData\Roaming\AVAST Software
2016-12-06 20:24 - 2016-12-06 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-12-06 20:23 - 2016-12-08 22:53 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-06 20:22 - 2016-12-06 20:23 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-12-06 20:22 - 2016-12-06 20:23 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-12-06 20:22 - 2016-12-06 20:23 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-12-06 20:22 - 2016-12-06 20:21 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-12-06 20:21 - 2016-12-06 20:21 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-06 20:17 - 2016-12-06 20:17 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-06 20:16 - 2016-12-06 20:16 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-06 11:09 - 2016-12-08 13:00 - 00000000 ____D C:\Users\Seb\AppData\Roaming\ZHP
2016-12-04 21:15 - 2016-12-04 21:15 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-12-04 21:13 - 2016-12-05 20:30 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-04 21:13 - 2016-12-04 21:13 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-12-04 21:13 - 2016-12-04 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-12-04 21:13 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-12-04 20:54 - 2016-12-04 20:58 - 00000000 ____D C:\Users\Seb\AppData\Roaming\QuickScan
2016-12-04 18:27 - 2016-12-08 20:28 - 00000000 ____D C:\Users\Seb\AppData\Roaming\Skype
2016-12-04 18:27 - 2016-12-04 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-04 18:26 - 2016-12-04 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-04 18:26 - 2016-12-04 18:27 - 00000000 ____D C:\ProgramData\Skype
2016-12-04 18:25 - 2016-12-04 18:25 - 00003078 _____ C:\Windows\System32\Tasks\{02115A30-5FA6-47D6-B482-9EF593DEB59C}
2016-12-04 17:11 - 2016-12-04 18:01 - 00000000 ____D C:\Users\Seb\AppData\Roaming\Iobit
2016-12-03 21:55 - 2016-12-04 17:50 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-03 18:54 - 2016-12-03 19:03 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Voisinage réseau
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Voisinage d'impression
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Modèles
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Mes documents
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Menu Démarrer
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Mes vidéos
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Mes images
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Ma musique
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\AppData\Local\Historique
2016-12-03 18:54 - 2010-02-06 12:15 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL\AppData\Local\Microsoft Help
2016-12-03 18:54 - 2009-07-14 08:44 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL\AppData\Roaming\Media Center Programs
2016-12-03 18:47 - 2016-12-03 18:47 - 00000000 ____D C:\Users\Seb\AppData\Local\Google
2016-12-03 18:45 - 2016-12-03 18:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-03 18:42 - 2016-12-05 20:30 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\AppData\Local\SoundTouch
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\.SoundTouch
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\.QtWebEngineProcess
2016-12-02 19:18 - 2016-12-03 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-19 13:49 - 2016-12-09 20:28 - 00000000 ____D C:\Users\Seb\AppData\LocalLow\Mozilla
2016-11-18 20:54 - 2016-12-03 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-12-09 20:36 - 2012-04-17 20:56 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-09 20:08 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-09 20:08 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-09 19:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-08 22:56 - 2010-02-05 20:44 - 00000000 ____D C:\Users\Seb\AppData\Roaming\vlc
2016-12-08 17:30 - 2010-02-05 17:24 - 00000000 ____D C:\Users\Seb
2016-12-07 21:10 - 2015-07-02 16:31 - 00000000 ____D C:\AdwCleaner
2016-12-06 20:27 - 2015-07-02 16:22 - 00001912 _____ C:\Windows\epplauncher.mif
2016-12-06 12:41 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2016-12-06 11:07 - 2015-07-02 16:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 07:27 - 2011-02-18 18:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-05 22:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-05 22:53 - 2010-02-13 21:26 - 00000000 ____D C:\Users\Seb\AppData\Local\ElevatedDiagnostics
2016-12-04 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-12-04 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-04 15:28 - 2009-12-24 03:08 - 00815406 _____ C:\Windows\system32\perfh00C.dat
2016-12-04 15:28 - 2009-12-24 03:08 - 00175290 _____ C:\Windows\system32\perfc00C.dat
2016-12-04 15:28 - 2009-07-14 06:13 - 01842314 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-03 22:08 - 2010-10-10 21:03 - 00000000 ____D C:\ProgramData\Apple Computer
2016-12-03 22:00 - 2014-02-27 08:30 - 00000000 ____D C:\Users\Seb\AppData\Local\Skype
2016-12-03 21:51 - 2012-04-27 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-03 19:04 - 2016-10-28 14:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-03 19:04 - 2016-09-17 18:13 - 00000000 ____D C:\Users\Seb\AppData\Roaming\SoundTouchPersist
2016-12-03 19:03 - 2016-10-28 14:54 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-12-03 19:02 - 2010-02-05 18:24 - 00000000 ____D C:\Users\Seb\AppData\Local\Mozilla
2016-12-02 19:17 - 2016-10-28 14:54 - 00003556 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
==================== Fichiers à la racine de certains dossiers =======
2011-04-09 08:28 - 2015-09-09 11:57 - 0013312 _____ () C:\Users\Seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-23 11:27 - 2016-10-01 09:18 - 0007605 _____ () C:\Users\Seb\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-12-05 22:45
==================== Fin de FRST.txt ============================