Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Exécuté par Seb (administrateur) sur PORTABLE-SEB (09-12-2016 20:40:15)
Exécuté depuis C:\Users\Seb\Desktop
Profils chargés: Seb (Profils disponibles: Seb)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
( ) C:\Windows\System32\lxdicoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Polar\Daemon\polard.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-08-02] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-06] (AVAST Software)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.lnk [2120 2016-12-08] ()
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\MountPoints2: {0a87c9ff-6512-11e5-a0d6-0026b9aeaf50} - G:\SETUP.EXE
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\...\MountPoints2: {9679fcbc-d6d2-11e0-ba50-0026b9aeaf50} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-06] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-01-30]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{10AE897A-7CEE-4FA3-BB6C-24B96E976E6C}: [DhcpNameServer] 10.28.224.1
Tcpip\..\Interfaces\{11156335-2E9A-48FF-8E03-876FD21D5745}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{30DA0839-366F-4BF3-8F14-10532C41DE3E}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{8BDA4CAD-F152-48C5-96E7-36AC30898E4F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DE599CF6-E5B9-4DA4-A9DD-D3BBB2929BFC}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-3176133209-3948113283-1044735500-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/7
URLSearchHook: [S-1-5-21-3176133209-3948113283-1044735500-1001] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKLM -> {F03C69CC-8CC1-4D52-9CCA-544AFB3917E1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A8141060-95C4-403F-B68E-0C8EA987A7B4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3176133209-3948113283-1044735500-1001 -> {B03A034F-8902-4D04-A02C-985116AA23E4} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-12-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-06] (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
DPF: HKLM-x32 {2357B3CF-7F8D-4451-8D81-FD6097610AEE} hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-11-05] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-11-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Seb\AppData\Roaming\Mozilla\Firefox\Profiles\y71rxpih.default [2016-12-09]
FF Homepage: Mozilla\Firefox\Profiles\y71rxpih.default -> hxxps://www.google.fr
FF Extension: (Adblock Plus) - C:\Users\Seb\AppData\Roaming\Mozilla\Firefox\Profiles\y71rxpih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-11-18] [non signé]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-07-11] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-06] (Apple Inc.)

Chrome:
=======
CHR Profile: C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Google Sheets) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\Seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-28] (Conexant Systems, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-06] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-21] (Macrovision Europe Ltd.) [Fichier non signé]
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1029648 2016-11-29] (Garmin Ltd. or its subsidiaries)
R2 lxdi_device; C:\Windows\system32\lxdicoms.exe [876976 2007-06-11] ( )
R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
S4 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-06] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-27] (Disc Soft Ltd)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [Fichier non signé]
R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-28] (Conexant Systems, Inc.)
S3 hmxproj64; system32\drivers\hmxusb64.sys [X]
S3 HMXProjExt64; system32\DRIVERS\HMXExGrp64.sys [X]
S3 HMXProjMir64; system32\DRIVERS\HMXMrGrp64.sys [X]
S3 PCAMp50a64; System32\Drivers\PCAMp50a64.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-09 20:40 - 2016-12-09 20:42 - 00022738 _____ C:\Users\Seb\Desktop\FRST.txt
2016-12-09 20:39 - 2016-12-09 20:40 - 00000000 ____D C:\FRST
2016-12-09 20:38 - 2016-12-09 20:38 - 02420224 _____ (Farbar) C:\Users\Seb\Desktop\FRST64.exe
2016-12-08 17:30 - 2016-12-08 17:30 - 00000000 ____D C:\Users\Seb\SoundTouchCrashDump
2016-12-08 17:30 - 2016-12-08 17:30 - 00000000 ____D C:\Users\Seb\AppData\Roaming\SoundTouch
2016-12-08 17:29 - 2016-12-08 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundTouch
2016-12-08 17:29 - 2016-12-08 17:30 - 00000000 ____D C:\Program Files (x86)\SoundTouch
2016-12-08 12:54 - 2016-12-08 12:54 - 00003152 _____ C:\Windows\System32\Tasks\{3B40EA23-B78A-4D9C-8AC9-554AA60EC076}
2016-12-08 12:47 - 2016-12-08 12:52 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-12-08 12:47 - 2016-12-08 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-12-06 21:00 - 2016-12-08 12:59 - 00000826 _____ C:\Users\Seb\Desktop\ZHPDiag.lnk
2016-12-06 20:59 - 2016-12-06 20:59 - 02503680 _____ C:\Users\Seb\Desktop\zhpdiag_2016.11.28.232.exe
2016-12-06 20:24 - 2016-12-06 20:24 - 00000000 ____D C:\Users\Seb\AppData\Roaming\AVAST Software
2016-12-06 20:24 - 2016-12-06 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-12-06 20:23 - 2016-12-08 22:53 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-06 20:22 - 2016-12-06 20:23 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-12-06 20:22 - 2016-12-06 20:23 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-12-06 20:22 - 2016-12-06 20:23 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-12-06 20:22 - 2016-12-06 20:21 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-12-06 20:22 - 2016-12-06 20:21 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-12-06 20:21 - 2016-12-06 20:21 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-06 20:17 - 2016-12-06 20:17 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-06 20:16 - 2016-12-06 20:16 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-06 11:09 - 2016-12-08 13:00 - 00000000 ____D C:\Users\Seb\AppData\Roaming\ZHP
2016-12-04 21:15 - 2016-12-04 21:15 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-12-04 21:13 - 2016-12-05 20:30 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-04 21:13 - 2016-12-04 21:13 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-12-04 21:13 - 2016-12-04 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-12-04 21:13 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-12-04 20:54 - 2016-12-04 20:58 - 00000000 ____D C:\Users\Seb\AppData\Roaming\QuickScan
2016-12-04 18:27 - 2016-12-08 20:28 - 00000000 ____D C:\Users\Seb\AppData\Roaming\Skype
2016-12-04 18:27 - 2016-12-04 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-04 18:26 - 2016-12-04 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-04 18:26 - 2016-12-04 18:27 - 00000000 ____D C:\ProgramData\Skype
2016-12-04 18:25 - 2016-12-04 18:25 - 00003078 _____ C:\Windows\System32\Tasks\{02115A30-5FA6-47D6-B482-9EF593DEB59C}
2016-12-04 17:11 - 2016-12-04 18:01 - 00000000 ____D C:\Users\Seb\AppData\Roaming\Iobit
2016-12-03 21:55 - 2016-12-04 17:50 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-03 18:54 - 2016-12-03 19:03 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Voisinage réseau
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Voisinage d'impression
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Modèles
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Mes documents
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Menu Démarrer
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Mes vidéos
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Mes images
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\Documents\Ma musique
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-12-03 18:54 - 2016-12-03 18:54 - 00000000 _SHDL C:\Users\TEMP.IIS APPPOOL\AppData\Local\Historique
2016-12-03 18:54 - 2010-02-06 12:15 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL\AppData\Local\Microsoft Help
2016-12-03 18:54 - 2009-07-14 08:44 - 00000000 ____D C:\Users\TEMP.IIS APPPOOL\AppData\Roaming\Media Center Programs
2016-12-03 18:47 - 2016-12-03 18:47 - 00000000 ____D C:\Users\Seb\AppData\Local\Google
2016-12-03 18:45 - 2016-12-03 18:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-03 18:42 - 2016-12-05 20:30 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\AppData\Local\SoundTouch
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\.SoundTouch
2016-12-03 17:18 - 2016-12-03 17:18 - 00000000 ____D C:\Users\Seb\.QtWebEngineProcess
2016-12-02 19:18 - 2016-12-03 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-19 13:49 - 2016-12-09 20:28 - 00000000 ____D C:\Users\Seb\AppData\LocalLow\Mozilla
2016-11-18 20:54 - 2016-12-03 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-09 20:36 - 2012-04-17 20:56 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-09 20:08 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-09 20:08 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-09 19:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-08 22:56 - 2010-02-05 20:44 - 00000000 ____D C:\Users\Seb\AppData\Roaming\vlc
2016-12-08 17:30 - 2010-02-05 17:24 - 00000000 ____D C:\Users\Seb
2016-12-07 21:10 - 2015-07-02 16:31 - 00000000 ____D C:\AdwCleaner
2016-12-06 20:27 - 2015-07-02 16:22 - 00001912 _____ C:\Windows\epplauncher.mif
2016-12-06 12:41 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2016-12-06 11:07 - 2015-07-02 16:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 07:27 - 2011-02-18 18:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-05 22:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-05 22:53 - 2010-02-13 21:26 - 00000000 ____D C:\Users\Seb\AppData\Local\ElevatedDiagnostics
2016-12-04 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-12-04 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-04 15:28 - 2009-12-24 03:08 - 00815406 _____ C:\Windows\system32\perfh00C.dat
2016-12-04 15:28 - 2009-12-24 03:08 - 00175290 _____ C:\Windows\system32\perfc00C.dat
2016-12-04 15:28 - 2009-07-14 06:13 - 01842314 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-03 22:08 - 2010-10-10 21:03 - 00000000 ____D C:\ProgramData\Apple Computer
2016-12-03 22:00 - 2014-02-27 08:30 - 00000000 ____D C:\Users\Seb\AppData\Local\Skype
2016-12-03 21:51 - 2012-04-27 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-03 19:04 - 2016-10-28 14:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-03 19:04 - 2016-09-17 18:13 - 00000000 ____D C:\Users\Seb\AppData\Roaming\SoundTouchPersist
2016-12-03 19:03 - 2016-10-28 14:54 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-12-03 19:02 - 2010-02-05 18:24 - 00000000 ____D C:\Users\Seb\AppData\Local\Mozilla
2016-12-02 19:17 - 2016-10-28 14:54 - 00003556 _____ C:\Windows\System32\Tasks\GarminUpdaterTask

==================== Fichiers à la racine de certains dossiers =======

2011-04-09 08:28 - 2015-09-09 11:57 - 0013312 _____ () C:\Users\Seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-23 11:27 - 2016-10-01 09:18 - 0007605 _____ () C:\Users\Seb\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-12-05 22:45

==================== Fin de FRST.txt ============================