Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Exécuté par laurent (administrateur) sur PC-DE-LAURENT (28-08-2017 19:58:31)
Exécuté depuis C:\Users\laurent\Desktop
Profils chargés: laurent (Profils disponibles: laurent)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 7 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(CANON INC.) C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [831576 2016-09-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [IDM trial reset] => E:\telechargement\[opensource] IDM trial reset.rar\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] ()
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {3ae2a863-7510-11e7-a5d2-001d09db23a7} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {82110d50-7437-11e7-9c15-001d09db23a7} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {82110d5a-7437-11e7-9c15-001d09db23a7} - I:\HiSuiteDownLoader.exe
IFEO\dropbox.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\dropboxuninstaller.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2013-01-12]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\laurent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-732756086-2140749639-2061509908-1000] => localhost:8080
AutoConfigURL: [S-1-5-21-732756086-2140749639-2061509908-1000] => localhost:8080
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{FAD6359B-1169-47D0-8B9F-C60622DE22AC}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-732756086-2140749639-2061509908-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-07-12] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\laurent\AppData\Roaming\TomTom\HOME\Profiles\bd028vj8.default [2014-11-04]
FF Extension: (Emulator) - C:\Users\laurent\AppData\Roaming\TomTom\HOME\Profiles\bd028vj8.default\Extensions\Navcore.9.510.1234792@tomtom.com [2014-11-04] [non signé]
FF Extension: (Map status indicator) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2014-11-04] [non signé]
FF ProfilePath: C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036 [2017-08-28]
FF Session Restore: Mozilla\Firefox\Profiles\i551s25d.default-1473367046036 -> est activé.
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\2020Player_IKEA@2020Technologies.com [2017-01-02]
FF Extension: (ADB Helper) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\adbhelper@mozilla.org [2017-08-03]
FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\amptra@keepa.com.xpi [2017-06-16]
FF Extension: (InvisibleHand) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2017-07-01]
FF Extension: (Alerte Bons Plans eBuyClub) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\ebctb@plebicom.xul.xpi [2017-03-23]
FF Extension: (Firebug) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\firebug@software.joehewitt.com.xpi [2017-03-01]
FF Extension: (MEGA) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\firefox@mega.co.nz.xpi [2017-08-18]
FF Extension: (Valence) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\fxdevtools-adapters@mozilla.org [2017-08-03]
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\NP_2020Player_IS@2020Technologies.com [2017-03-27]
FF Extension: (Pas de nom) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\support@shoptimate.com.xpi [2017-07-17]
FF Extension: (uBlock Origin) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\uBlock0@raymondhill.net.xpi [2017-07-19]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-04-01]
FF Extension: (Adblock Plus) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Greasemonkey) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-04-27]
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-02] [non signé]
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\laurent\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\laurent\AppData\Roaming\IDM\idmmzcc5 [2017-03-26] [non signé]
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-17] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Session Restore: Default -> est activé.
CHR Profile: C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default [2017-08-27]
CHR Extension: (Adblock Plus) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (uBlock Origin) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-07-27]
CHR Extension: (ZenMate VPN - Sécurité internet & Unblock) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-02]
CHR Extension: (Alerte Bons Plans eBuyClub) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2017-03-24]
CHR Extension: (Désactivation de Google Analytics) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-10-21]
CHR Extension: (New Tab Redirect) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-12-08]
CHR Extension: (eBay pour Chrome) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2017-07-03]
CHR Extension: (IDM Integration Module) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-08-05]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [970632 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1253352 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R2 CIJSRegister; C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (CANON INC.)
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-12-07] (TuneUp Software)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [115600 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140272 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-08-07] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-21] (Elaborate Bytes AG)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech, Inc.)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6637056 2010-08-16] (Intel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x86\Sandra.sys [23112 2009-08-08] (SiSoftware)
R3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [35328 2007-04-27] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2014-01-07] () [Fichier non signé]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2013-08-03] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R3 vusbbus; C:\Windows\System32\DRIVERS\vusbbus.sys [171520 2008-04-06] (Chingachguk & Denger2k) [Fichier non signé]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 19:58 - 2017-08-28 19:59 - 000020136 _____ C:\Users\laurent\Desktop\FRST.txt
2017-08-28 19:58 - 2017-08-28 19:58 - 000000000 ____D C:\FRST
2017-08-28 19:40 - 2017-08-28 19:40 - 001792512 _____ (Farbar) C:\Users\laurent\Desktop\FRST.exe
2017-08-28 18:39 - 2017-08-28 18:39 - 000000000 ____D C:\Users\laurent\AppData\Local\Aegisub
2017-08-28 18:02 - 2017-08-28 18:02 - 002812800 _____ C:\Users\laurent\Desktop\zhpdiag_2017.8.15.140.exe
2017-08-28 18:02 - 2017-08-28 18:02 - 000000711 _____ C:\Users\laurent\Desktop\ZHPDiag.lnk
2017-08-28 00:10 - 2017-08-28 00:10 - 000000000 ____D C:\_OTL
2017-08-28 00:08 - 2017-08-28 00:07 - 000602112 _____ (OldTimer Tools) C:\Users\laurent\Desktop\OTL.exe
2017-08-27 19:00 - 2017-08-28 18:06 - 000142520 _____ C:\Users\laurent\Desktop\ZHPDiag.txt
2017-08-25 23:38 - 2017-08-25 23:38 - 000863362 _____ C:\Users\laurent\Desktop\samsung-vous-rembourse-jusqu-a-150-pour-l-achat-d-un-refrigerateur-190201-promo-6.pdf
2017-08-25 11:25 - 2017-08-25 11:25 - 000012501 _____ C:\Users\laurent\Desktop\rib Caisse Régionale Provence Côte d'Azur.pdf
2017-08-25 11:03 - 2017-08-25 11:03 - 000083129 _____ C:\Users\laurent\Desktop\Cloture_compte_individuel_hors_ct_et_livret_individuel.pdf
2017-08-23 23:01 - 2017-08-27 18:40 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy
2017-08-23 22:42 - 2017-08-23 22:42 - 000000079 _____ C:\Windows\wininit.ini
2017-08-23 20:33 - 2017-08-23 20:33 - 002856320 _____ C:\Users\laurent\ZHPCleaner.exe
2017-08-21 22:11 - 2017-08-28 18:03 - 000000000 ____D C:\Users\laurent\AppData\Roaming\ZHP
2017-08-21 22:11 - 2017-08-28 18:03 - 000000000 ____D C:\Users\laurent\AppData\Local\ZHP
2017-08-21 21:30 - 2006-09-18 23:41 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts.20170821-213036.backup
2017-08-21 20:31 - 2017-08-27 18:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-21 20:30 - 2017-08-23 22:43 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2017-08-21 12:58 - 2017-08-21 12:58 - 000002216 _____ C:\Users\laurent\Documents\cc_20170821_125808.reg
2017-08-21 12:14 - 2017-07-22 19:28 - 000467128 _____ C:\Users\laurent\Desktop\Accord déplacement emplacement réservé.pdf
2017-08-21 10:42 - 2017-08-21 10:44 - 000000000 ____D C:\Users\laurent\Desktop\AXa zbanque
2017-08-20 23:59 - 2017-08-20 23:59 - 000000000 ____D C:\Users\laurent\AppData\Local\WiFi Guard
2017-08-17 13:09 - 2017-08-18 16:35 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\AppData\Local\FonePaw
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\{89098f50-0711-4c46-a1f9-76ce36e32931}
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\{05bf6308-8a05-41e5-9412-21865b6d8703}
2017-08-11 16:48 - 2017-03-17 01:52 - 000191200 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2017-08-08 18:55 - 2017-08-08 18:55 - 000001904 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-08-08 18:54 - 2017-01-16 08:26 - 000109184 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-08-05 18:31 - 2017-08-05 18:26 - 000149224 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-08-03 20:06 - 2017-08-03 20:06 - 000000000 ____D C:\236b18de690d2acb229bf715
2017-07-30 17:00 - 2017-07-30 17:00 - 000000000 ____D C:\59d77cd21689473d22ee
2017-07-30 15:59 - 2017-04-11 04:17 - 000249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2017-07-29 20:00 - 2017-08-03 20:06 - 000000000 ___HT C:\Windows\wusa.lock
2017-07-29 20:00 - 2017-07-29 20:00 - 000000000 ____D C:\275cb60bd6bd4f29bb740885530d9a34
2017-07-29 17:52 - 2017-07-29 18:43 - 000000000 ____D C:\Users\laurent\Documents\HiSuite
2017-07-29 17:52 - 2017-04-11 04:17 - 001837296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 000851176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2017-07-29 17:51 - 2017-08-04 20:58 - 000000000 ____D C:\Users\laurent\AppData\Local\Hisuite
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 19:58 - 2016-11-22 22:13 - 000000000 ____D C:\Users\laurent\AppData\LocalLow\Mozilla
2017-08-28 19:54 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-28 19:54 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-28 18:51 - 2016-05-02 18:00 - 000000000 ____D C:\Users\laurent\AppData\Roaming\Aegisub
2017-08-28 18:27 - 2013-01-18 19:40 - 000000000 ____D C:\Users\laurent\AppData\Roaming\vlc
2017-08-28 18:07 - 2017-06-17 09:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-28 18:05 - 2013-01-12 07:33 - 010277386 _____ C:\Windows\system32\perfh00C.dat
2017-08-28 18:05 - 2013-01-12 07:33 - 003724820 _____ C:\Windows\system32\perfc00C.dat
2017-08-28 18:05 - 2006-11-02 12:33 - 000006984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-28 17:59 - 2013-02-02 21:25 - 000032061 _____ C:\ProgramData\nvModes.dat
2017-08-28 17:59 - 2013-02-02 21:25 - 000032061 _____ C:\ProgramData\nvModes.001
2017-08-28 17:55 - 2015-06-11 12:03 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-08-28 17:54 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-28 01:21 - 2013-01-11 22:39 - 000000012 _____ C:\Windows\bthservsdp.dat
2017-08-28 01:21 - 2006-11-02 15:01 - 000032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-28 00:08 - 2016-09-11 18:21 - 000000000 ____D C:\Users\laurent\AppData\Roaming\IDM
2017-08-27 14:57 - 2013-11-23 13:02 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-08-27 14:55 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2017-08-26 01:12 - 2014-01-10 12:57 - 000000000 ____D C:\Users\laurent\AppData\Roaming\DMCache
2017-08-25 00:07 - 2013-01-12 01:55 - 000184320 _____ C:\Users\laurent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-23 20:33 - 2013-01-11 22:44 - 000000000 ____D C:\Users\laurent
2017-08-21 20:26 - 2016-09-27 22:49 - 000000000 ____D C:\AdwCleaner
2017-08-21 12:23 - 2016-10-19 18:54 - 000000000 ____D C:\Users\laurent\AppData\Roaming\inkscape
2017-08-21 12:23 - 2015-04-01 19:05 - 000000000 ____D C:\Users\laurent\AppData\Roaming\uTorrent
2017-08-21 12:23 - 2013-08-20 22:22 - 000000000 ____D C:\Windows\Minidump
2017-08-21 10:52 - 2014-11-27 14:42 - 014295040 _____ C:\Users\laurent\AppData\Roaming\Sandra.mdb
2017-08-21 00:11 - 2013-01-12 02:40 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-19 11:52 - 2013-01-12 02:37 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-08-17 09:47 - 2013-11-07 13:14 - 000000859 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-08-09 21:00 - 2013-05-01 14:56 - 000000000 ____D C:\Users\laurent\Documents\samsung
2017-08-08 18:55 - 2013-05-01 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-08-08 18:52 - 2013-05-01 14:56 - 000000000 ____D C:\Users\laurent\AppData\Roaming\Samsung
2017-08-08 18:52 - 2013-05-01 14:50 - 000000000 ____D C:\Program Files\Samsung
2017-08-08 18:52 - 2013-01-12 01:22 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-08-08 18:50 - 2014-02-09 19:32 - 000000000 ____D C:\Program Files\Internet Download Manager
2017-07-29 18:38 - 2013-01-12 14:25 - 000000826 _____ C:\Users\laurent\Desktop\mdp.txt
==================== Fichiers à la racine de certains dossiers =======
2017-04-02 19:56 - 2017-04-10 20:34 - 000000019 _____ () C:\Users\laurent\AppData\Roaming\ArchiFacile.json
2013-01-19 13:00 - 2013-02-02 19:09 - 000027525 _____ () C:\Users\laurent\AppData\Roaming\nvModes.001
2013-01-18 16:43 - 2013-01-18 16:43 - 000027525 _____ () C:\Users\laurent\AppData\Roaming\nvModes.dat
2014-11-27 14:42 - 2017-08-21 10:52 - 014295040 _____ () C:\Users\laurent\AppData\Roaming\Sandra.mdb
2013-01-11 22:44 - 2014-04-24 11:12 - 000000680 _____ () C:\Users\laurent\AppData\Local\d3d9caps.dat
2013-01-12 01:55 - 2017-08-25 00:07 - 000184320 _____ () C:\Users\laurent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-19 14:30 - 2016-11-19 14:30 - 000000095 _____ () C:\Users\laurent\AppData\Local\fusioncache.dat
2016-12-02 15:40 - 2016-12-02 15:40 - 000001253 _____ () C:\Users\laurent\AppData\Local\recently-used.xbel
2017-04-02 18:41 - 2017-04-02 18:41 - 000007406 _____ () C:\Users\laurent\AppData\Local\SquareClock.Production_Home_ConforamaIcon.ico
2017-04-03 23:41 - 2017-04-03 23:41 - 000353118 _____ () C:\Users\laurent\AppData\Local\SquareClock.Production_Home_Ixina_WebIcon.ico
2013-02-02 21:25 - 2017-08-28 17:59 - 000032061 _____ () C:\ProgramData\nvModes.001
2013-02-02 21:25 - 2017-08-28 17:59 - 000032061 _____ () C:\ProgramData\nvModes.dat
Fichiers à déplacer ou supprimer:
====================
C:\Users\laurent\ZHPCleaner.exe
Certains fichiers dans TEMP:
====================
2013-11-27 22:44 - 2017-08-28 00:59 - 000000000 ____D () C:\Users\laurent\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-28 18:05
==================== Fin de FRST.txt ============================
Exécuté par laurent (administrateur) sur PC-DE-LAURENT (28-08-2017 19:58:31)
Exécuté depuis C:\Users\laurent\Desktop
Profils chargés: laurent (Profils disponibles: laurent)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 7 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(CANON INC.) C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [831576 2016-09-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [IDM trial reset] => E:\telechargement\[opensource] IDM trial reset.rar\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] ()
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {3ae2a863-7510-11e7-a5d2-001d09db23a7} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {82110d50-7437-11e7-9c15-001d09db23a7} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {82110d5a-7437-11e7-9c15-001d09db23a7} - I:\HiSuiteDownLoader.exe
IFEO\dropbox.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\dropboxuninstaller.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2013-01-12]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\laurent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-732756086-2140749639-2061509908-1000] => localhost:8080
AutoConfigURL: [S-1-5-21-732756086-2140749639-2061509908-1000] => localhost:8080
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{FAD6359B-1169-47D0-8B9F-C60622DE22AC}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-732756086-2140749639-2061509908-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-07-12] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\laurent\AppData\Roaming\TomTom\HOME\Profiles\bd028vj8.default [2014-11-04]
FF Extension: (Emulator) - C:\Users\laurent\AppData\Roaming\TomTom\HOME\Profiles\bd028vj8.default\Extensions\Navcore.9.510.1234792@tomtom.com [2014-11-04] [non signé]
FF Extension: (Map status indicator) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2014-11-04] [non signé]
FF ProfilePath: C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036 [2017-08-28]
FF Session Restore: Mozilla\Firefox\Profiles\i551s25d.default-1473367046036 -> est activé.
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\2020Player_IKEA@2020Technologies.com [2017-01-02]
FF Extension: (ADB Helper) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\adbhelper@mozilla.org [2017-08-03]
FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\amptra@keepa.com.xpi [2017-06-16]
FF Extension: (InvisibleHand) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2017-07-01]
FF Extension: (Alerte Bons Plans eBuyClub) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\ebctb@plebicom.xul.xpi [2017-03-23]
FF Extension: (Firebug) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\firebug@software.joehewitt.com.xpi [2017-03-01]
FF Extension: (MEGA) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\firefox@mega.co.nz.xpi [2017-08-18]
FF Extension: (Valence) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\fxdevtools-adapters@mozilla.org [2017-08-03]
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\NP_2020Player_IS@2020Technologies.com [2017-03-27]
FF Extension: (Pas de nom) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\support@shoptimate.com.xpi [2017-07-17]
FF Extension: (uBlock Origin) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\uBlock0@raymondhill.net.xpi [2017-07-19]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-04-01]
FF Extension: (Adblock Plus) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Greasemonkey) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-04-27]
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-02] [non signé]
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\laurent\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\laurent\AppData\Roaming\IDM\idmmzcc5 [2017-03-26] [non signé]
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-17] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Session Restore: Default -> est activé.
CHR Profile: C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default [2017-08-27]
CHR Extension: (Adblock Plus) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (uBlock Origin) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-07-27]
CHR Extension: (ZenMate VPN - Sécurité internet & Unblock) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-02]
CHR Extension: (Alerte Bons Plans eBuyClub) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2017-03-24]
CHR Extension: (Désactivation de Google Analytics) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-10-21]
CHR Extension: (New Tab Redirect) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-12-08]
CHR Extension: (eBay pour Chrome) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2017-07-03]
CHR Extension: (IDM Integration Module) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-08-05]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [970632 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1253352 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R2 CIJSRegister; C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (CANON INC.)
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-12-07] (TuneUp Software)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [115600 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140272 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-08-07] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-21] (Elaborate Bytes AG)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech, Inc.)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6637056 2010-08-16] (Intel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x86\Sandra.sys [23112 2009-08-08] (SiSoftware)
R3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [35328 2007-04-27] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2014-01-07] () [Fichier non signé]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2013-08-03] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R3 vusbbus; C:\Windows\System32\DRIVERS\vusbbus.sys [171520 2008-04-06] (Chingachguk & Denger2k) [Fichier non signé]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 19:58 - 2017-08-28 19:59 - 000020136 _____ C:\Users\laurent\Desktop\FRST.txt
2017-08-28 19:58 - 2017-08-28 19:58 - 000000000 ____D C:\FRST
2017-08-28 19:40 - 2017-08-28 19:40 - 001792512 _____ (Farbar) C:\Users\laurent\Desktop\FRST.exe
2017-08-28 18:39 - 2017-08-28 18:39 - 000000000 ____D C:\Users\laurent\AppData\Local\Aegisub
2017-08-28 18:02 - 2017-08-28 18:02 - 002812800 _____ C:\Users\laurent\Desktop\zhpdiag_2017.8.15.140.exe
2017-08-28 18:02 - 2017-08-28 18:02 - 000000711 _____ C:\Users\laurent\Desktop\ZHPDiag.lnk
2017-08-28 00:10 - 2017-08-28 00:10 - 000000000 ____D C:\_OTL
2017-08-28 00:08 - 2017-08-28 00:07 - 000602112 _____ (OldTimer Tools) C:\Users\laurent\Desktop\OTL.exe
2017-08-27 19:00 - 2017-08-28 18:06 - 000142520 _____ C:\Users\laurent\Desktop\ZHPDiag.txt
2017-08-25 23:38 - 2017-08-25 23:38 - 000863362 _____ C:\Users\laurent\Desktop\samsung-vous-rembourse-jusqu-a-150-pour-l-achat-d-un-refrigerateur-190201-promo-6.pdf
2017-08-25 11:25 - 2017-08-25 11:25 - 000012501 _____ C:\Users\laurent\Desktop\rib Caisse Régionale Provence Côte d'Azur.pdf
2017-08-25 11:03 - 2017-08-25 11:03 - 000083129 _____ C:\Users\laurent\Desktop\Cloture_compte_individuel_hors_ct_et_livret_individuel.pdf
2017-08-23 23:01 - 2017-08-27 18:40 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy
2017-08-23 22:42 - 2017-08-23 22:42 - 000000079 _____ C:\Windows\wininit.ini
2017-08-23 20:33 - 2017-08-23 20:33 - 002856320 _____ C:\Users\laurent\ZHPCleaner.exe
2017-08-21 22:11 - 2017-08-28 18:03 - 000000000 ____D C:\Users\laurent\AppData\Roaming\ZHP
2017-08-21 22:11 - 2017-08-28 18:03 - 000000000 ____D C:\Users\laurent\AppData\Local\ZHP
2017-08-21 21:30 - 2006-09-18 23:41 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts.20170821-213036.backup
2017-08-21 20:31 - 2017-08-27 18:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-21 20:30 - 2017-08-23 22:43 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2017-08-21 12:58 - 2017-08-21 12:58 - 000002216 _____ C:\Users\laurent\Documents\cc_20170821_125808.reg
2017-08-21 12:14 - 2017-07-22 19:28 - 000467128 _____ C:\Users\laurent\Desktop\Accord déplacement emplacement réservé.pdf
2017-08-21 10:42 - 2017-08-21 10:44 - 000000000 ____D C:\Users\laurent\Desktop\AXa zbanque
2017-08-20 23:59 - 2017-08-20 23:59 - 000000000 ____D C:\Users\laurent\AppData\Local\WiFi Guard
2017-08-17 13:09 - 2017-08-18 16:35 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\AppData\Local\FonePaw
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\{89098f50-0711-4c46-a1f9-76ce36e32931}
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\{05bf6308-8a05-41e5-9412-21865b6d8703}
2017-08-11 16:48 - 2017-03-17 01:52 - 000191200 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2017-08-08 18:55 - 2017-08-08 18:55 - 000001904 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-08-08 18:54 - 2017-01-16 08:26 - 000109184 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-08-05 18:31 - 2017-08-05 18:26 - 000149224 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-08-03 20:06 - 2017-08-03 20:06 - 000000000 ____D C:\236b18de690d2acb229bf715
2017-07-30 17:00 - 2017-07-30 17:00 - 000000000 ____D C:\59d77cd21689473d22ee
2017-07-30 15:59 - 2017-04-11 04:17 - 000249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2017-07-29 20:00 - 2017-08-03 20:06 - 000000000 ___HT C:\Windows\wusa.lock
2017-07-29 20:00 - 2017-07-29 20:00 - 000000000 ____D C:\275cb60bd6bd4f29bb740885530d9a34
2017-07-29 17:52 - 2017-07-29 18:43 - 000000000 ____D C:\Users\laurent\Documents\HiSuite
2017-07-29 17:52 - 2017-04-11 04:17 - 001837296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 000851176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2017-07-29 17:51 - 2017-08-04 20:58 - 000000000 ____D C:\Users\laurent\AppData\Local\Hisuite
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 19:58 - 2016-11-22 22:13 - 000000000 ____D C:\Users\laurent\AppData\LocalLow\Mozilla
2017-08-28 19:54 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-28 19:54 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-28 18:51 - 2016-05-02 18:00 - 000000000 ____D C:\Users\laurent\AppData\Roaming\Aegisub
2017-08-28 18:27 - 2013-01-18 19:40 - 000000000 ____D C:\Users\laurent\AppData\Roaming\vlc
2017-08-28 18:07 - 2017-06-17 09:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-28 18:05 - 2013-01-12 07:33 - 010277386 _____ C:\Windows\system32\perfh00C.dat
2017-08-28 18:05 - 2013-01-12 07:33 - 003724820 _____ C:\Windows\system32\perfc00C.dat
2017-08-28 18:05 - 2006-11-02 12:33 - 000006984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-28 17:59 - 2013-02-02 21:25 - 000032061 _____ C:\ProgramData\nvModes.dat
2017-08-28 17:59 - 2013-02-02 21:25 - 000032061 _____ C:\ProgramData\nvModes.001
2017-08-28 17:55 - 2015-06-11 12:03 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-08-28 17:54 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-28 01:21 - 2013-01-11 22:39 - 000000012 _____ C:\Windows\bthservsdp.dat
2017-08-28 01:21 - 2006-11-02 15:01 - 000032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-28 00:08 - 2016-09-11 18:21 - 000000000 ____D C:\Users\laurent\AppData\Roaming\IDM
2017-08-27 14:57 - 2013-11-23 13:02 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-08-27 14:55 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2017-08-26 01:12 - 2014-01-10 12:57 - 000000000 ____D C:\Users\laurent\AppData\Roaming\DMCache
2017-08-25 00:07 - 2013-01-12 01:55 - 000184320 _____ C:\Users\laurent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-23 20:33 - 2013-01-11 22:44 - 000000000 ____D C:\Users\laurent
2017-08-21 20:26 - 2016-09-27 22:49 - 000000000 ____D C:\AdwCleaner
2017-08-21 12:23 - 2016-10-19 18:54 - 000000000 ____D C:\Users\laurent\AppData\Roaming\inkscape
2017-08-21 12:23 - 2015-04-01 19:05 - 000000000 ____D C:\Users\laurent\AppData\Roaming\uTorrent
2017-08-21 12:23 - 2013-08-20 22:22 - 000000000 ____D C:\Windows\Minidump
2017-08-21 10:52 - 2014-11-27 14:42 - 014295040 _____ C:\Users\laurent\AppData\Roaming\Sandra.mdb
2017-08-21 00:11 - 2013-01-12 02:40 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-19 11:52 - 2013-01-12 02:37 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-08-17 09:47 - 2013-11-07 13:14 - 000000859 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-08-09 21:00 - 2013-05-01 14:56 - 000000000 ____D C:\Users\laurent\Documents\samsung
2017-08-08 18:55 - 2013-05-01 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-08-08 18:52 - 2013-05-01 14:56 - 000000000 ____D C:\Users\laurent\AppData\Roaming\Samsung
2017-08-08 18:52 - 2013-05-01 14:50 - 000000000 ____D C:\Program Files\Samsung
2017-08-08 18:52 - 2013-01-12 01:22 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-08-08 18:50 - 2014-02-09 19:32 - 000000000 ____D C:\Program Files\Internet Download Manager
2017-07-29 18:38 - 2013-01-12 14:25 - 000000826 _____ C:\Users\laurent\Desktop\mdp.txt
==================== Fichiers à la racine de certains dossiers =======
2017-04-02 19:56 - 2017-04-10 20:34 - 000000019 _____ () C:\Users\laurent\AppData\Roaming\ArchiFacile.json
2013-01-19 13:00 - 2013-02-02 19:09 - 000027525 _____ () C:\Users\laurent\AppData\Roaming\nvModes.001
2013-01-18 16:43 - 2013-01-18 16:43 - 000027525 _____ () C:\Users\laurent\AppData\Roaming\nvModes.dat
2014-11-27 14:42 - 2017-08-21 10:52 - 014295040 _____ () C:\Users\laurent\AppData\Roaming\Sandra.mdb
2013-01-11 22:44 - 2014-04-24 11:12 - 000000680 _____ () C:\Users\laurent\AppData\Local\d3d9caps.dat
2013-01-12 01:55 - 2017-08-25 00:07 - 000184320 _____ () C:\Users\laurent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-19 14:30 - 2016-11-19 14:30 - 000000095 _____ () C:\Users\laurent\AppData\Local\fusioncache.dat
2016-12-02 15:40 - 2016-12-02 15:40 - 000001253 _____ () C:\Users\laurent\AppData\Local\recently-used.xbel
2017-04-02 18:41 - 2017-04-02 18:41 - 000007406 _____ () C:\Users\laurent\AppData\Local\SquareClock.Production_Home_ConforamaIcon.ico
2017-04-03 23:41 - 2017-04-03 23:41 - 000353118 _____ () C:\Users\laurent\AppData\Local\SquareClock.Production_Home_Ixina_WebIcon.ico
2013-02-02 21:25 - 2017-08-28 17:59 - 000032061 _____ () C:\ProgramData\nvModes.001
2013-02-02 21:25 - 2017-08-28 17:59 - 000032061 _____ () C:\ProgramData\nvModes.dat
Fichiers à déplacer ou supprimer:
====================
C:\Users\laurent\ZHPCleaner.exe
Certains fichiers dans TEMP:
====================
2013-11-27 22:44 - 2017-08-28 00:59 - 000000000 ____D () C:\Users\laurent\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-28 18:05
==================== Fin de FRST.txt ============================