Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017
Exécuté par euzen140097 (administrateur) sur ESC-131597 (11-09-2017 18:07:35)
Exécuté depuis C:\Users\euzen140097\Desktop
Profils chargés: euzen140097 (Profils disponibles: euzen140097 & Support)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(A.N.D. Technologies, Inc.) C:\Windows\System32\spool\drivers\x64\3\PcounterProClient.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-16] (Realtek Semiconductor)
HKLM\...\Run: [PCounterProClient] => C:\Windows\system32\Spool\Drivers\x64\3\PcounterProClient.exe [404480 2009-12-15] (A.N.D. Technologies, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-09] (AVAST Software)
HKLM-x32\...\Run: [PCounterProClient] => C:\Windows\System32\Spool\Drivers\x64\3\PcounterProClient.exe [404480 2009-12-15] (A.N.D. Technologies, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-1834913581-721874356-3486338912-27692\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [21431912 2012-10-01] (Microsoft Corporation)
HKU\S-1-5-21-1834913581-721874356-3486338912-27692\...\Run: [Facebook Update] => C:\Users\euzen140097\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-15] (Facebook Inc.)
HKU\S-1-5-21-1834913581-721874356-3486338912-27692\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-1834913581-721874356-3486338912-27692\...\Run: [Dropbox Update] => C:\Users\euzen140097\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2017-09-09]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Startup: C:\Users\euzen140097\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-09-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\euzen140097\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{37C83CE2-9C3B-48B8-BEC5-683EB1C3575B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3D02025D-3DA9-40EC-8FC5-9DA055209A6B}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{EC1C0BE7-E7DB-4597-A953-B42B10640574}: [DhcpNameServer] 80.10.46.232

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131191836764677469&GUID=0C172390-324C-455E-9820-5D86E3A6C34F
HKU\S-1-5-21-1834913581-721874356-3486338912-27692\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1834913581-721874356-3486338912-27692\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131191836764691382&GUID=0C172390-324C-455E-9820-5D86E3A6C34F
HKU\S-1-5-21-1834913581-721874356-3486338912-27692\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.fr.msn.com/
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-1834913581-721874356-3486338912-27692 -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-1834913581-721874356-3486338912-27692 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-09] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-09] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-06] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - Pas de nom - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1834913581-721874356-3486338912-27692 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc.)
DPF: HKLM-x32 {A4639D2F-774E-11D3-A490-00C04F6843FB} hxxp://download.microsoft.com/download/vizact2000/Install/10/WIN98Me/EN-US/msorun.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\euzen140097\AppData\Roaming\Zotero\Zotero\Profiles\7cz6bqwi.default [2014-04-21]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2014-02-21] [non signé]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2014-02-21] [non signé]
FF ProfilePath: C:\Users\euzen140097\AppData\Roaming\Mozilla\Firefox\Profiles\6cntmuai.default [2017-09-11]
FF user.js: detected! => C:\Users\euzen140097\AppData\Roaming\Mozilla\Firefox\Profiles\6cntmuai.default\user.js [2017-09-08]
FF Homepage: Mozilla\Firefox\Profiles\6cntmuai.default -> hxxps://www.google.fr/
FF Extension: (Avast SafePrice) - C:\Users\euzen140097\AppData\Roaming\Mozilla\Firefox\Profiles\6cntmuai.default\Extensions\sp@avast.com.xpi [2017-09-02]
FF Extension: (Avast Online Security) - C:\Users\euzen140097\AppData\Roaming\Mozilla\Firefox\Profiles\6cntmuai.default\Extensions\wrc@avast.com.xpi [2017-08-19]
FF Extension: (Zotero) - C:\Users\euzen140097\AppData\Roaming\Mozilla\Firefox\Profiles\6cntmuai.default\Extensions\zotero@chnm.gmu.edu.xpi [2017-08-09]
FF Extension: (Adblock Plus) - C:\Users\euzen140097\AppData\Roaming\Mozilla\Firefox\Profiles\6cntmuai.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-10]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-01-29] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1834913581-721874356-3486338912-27692: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\euzen140097\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1834913581-721874356-3486338912-27692: editions-eni.fr/EniEditionsMediaplusClientPluginProxy -> C:\Users\euzen140097\AppData\Roaming\Editions ENI\MEDIAplus Client\npEniEditionsMediaplusClientPluginProxy.dll [2013-02-19] (Editions ENI)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default [2017-09-09]
CHR Extension: (Pas de nom) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-30]
CHR Extension: (Pas de nom) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-18]
CHR Extension: (Pas de nom) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Adblock Plus) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-01]
CHR Extension: (Pas de nom) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-18]
CHR Extension: (Pas de nom) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-03-08]
CHR Extension: (Avast Online Security) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01]
CHR Extension: (Pas de nom) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\euzen140097\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 ALG; C:\WINDOWS\System32\alg.exe [96768 2014-10-29] (Microsoft Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-09] (AVAST Software)
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [658944 2014-10-29] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Fichier non signé]
S3 IEEtwCollectorService; C:\WINDOWS\system32\IEEtwCollector.exe [116224 2017-04-16] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [405136 2014-12-04] (Mediatek Inc.)
R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-12-04] (Mediatek Inc.)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [144384 2014-10-29] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [65024 2016-05-05] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59904 2016-05-05] (Microsoft Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [10240 2014-10-29] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [47024 2014-10-29] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [14848 2017-05-09] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [827392 2014-10-29] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [6521800 2016-06-10] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [41984 2014-10-29] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [1313792 2014-10-29] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1455104 2016-02-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [903168 2017-06-02] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [710144 2017-06-02] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320528 2017-09-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-09-09] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343296 2017-09-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-09-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47016 2017-09-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147784 2017-09-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-09-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-09-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1016384 2017-09-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [590880 2017-09-09] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [199312 2017-09-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-09-09] (AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2231440 2015-04-30] (MediaTek Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 TTDrv; C:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-11 18:07 - 2017-09-11 18:08 - 000024840 _____ C:\Users\euzen140097\Desktop\FRST.txt
2017-09-11 18:07 - 2017-09-11 18:07 - 000000000 ____D C:\FRST
2017-09-11 18:06 - 2017-09-11 18:06 - 002396672 _____ (Farbar) C:\Users\euzen140097\Desktop\FRST64.exe
2017-09-09 16:53 - 2017-09-09 16:53 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-09 15:35 - 2017-09-09 15:44 - 000000000 ____D C:\Users\euzen140097\.TianTianVM
2017-09-09 15:35 - 2017-09-09 15:35 - 000000000 ____D C:\Users\Public\Thunder Network
2017-09-09 15:35 - 2017-09-09 15:35 - 000000000 ____D C:\ProgramData\Thunder Network
2017-09-09 15:28 - 2017-09-09 15:28 - 000001471 _____ C:\Users\euzen140097\Desktop\KOPLAYER Multi Manager.lnk
2017-09-09 15:28 - 2017-09-09 15:28 - 000000607 _____ C:\Users\euzen140097\Desktop\KOPLAYER.lnk
2017-09-09 15:28 - 2017-09-09 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KOPLAYER
2017-09-09 15:26 - 2017-09-09 15:44 - 000000000 ____D C:\KOPLAYER
2017-09-09 15:26 - 2017-09-09 15:38 - 000000000 ____D C:\Users\euzen140097\AppData\Local\KOPLAYERData
2017-09-09 15:22 - 2017-09-09 15:22 - 325047840 _____ ( ) C:\Users\euzen140097\Downloads\koplayer-1.4.1055.exe
2017-09-09 15:17 - 2017-09-09 15:17 - 000000000 ____D C:\Program Files (x86)\VMware
2017-09-09 15:12 - 2017-09-09 15:12 - 000000000 ____D C:\Users\euzen140097\Andy
2017-09-09 15:11 - 2017-09-09 15:17 - 000000000 ____D C:\Users\euzen140097\AppData\Roaming\Andy
2017-09-09 15:11 - 2017-09-09 15:11 - 000000000 ____D C:\Users\euzen14009\Andy
2017-09-09 15:11 - 2017-09-09 15:11 - 000000000 ____D C:\Users\euzen14009
2017-09-09 15:08 - 2017-09-09 15:08 - 001575520 _____ (Kelihod ) C:\Users\euzen140097\Downloads\Andy_46.16_66.exe
2017-09-09 15:01 - 2017-09-09 15:01 - 000004208 _____ C:\Users\euzen140097\Desktop\startup ccleaner.txt
2017-09-09 14:50 - 2017-09-09 14:50 - 000002800 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-09-09 14:50 - 2017-09-09 14:50 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-09 14:50 - 2017-09-09 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-09 14:50 - 2017-09-09 14:50 - 000000000 ____D C:\Program Files\CCleaner
2017-09-09 14:49 - 2017-09-09 14:49 - 009791816 _____ (Piriform Ltd) C:\Users\euzen140097\Downloads\ccsetup533.exe
2017-09-09 13:18 - 2017-09-09 16:52 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-09-09 13:17 - 2017-09-09 15:23 - 000000000 ____D C:\Users\euzen140097\AppData\Local\Bluestacks
2017-09-09 13:15 - 2017-09-09 13:16 - 256571616 _____ (BlueStack Systems Inc.) C:\Users\euzen140097\Downloads\BlueStacks-Installer_BS3_native_836a8a041717238c30741aa4e48dbbe5.exe
2017-09-09 12:04 - 2017-09-09 12:04 - 000131100 _____ C:\Users\euzen140097\Desktop\ZHPDiag.txt
2017-09-09 11:48 - 2017-09-09 11:48 - 000001571 _____ C:\Users\euzen140097\Desktop\ZHPFixReport.txt
2017-09-09 11:47 - 2017-09-09 11:47 - 000000000 ____D C:\Users\euzen140097\Downloads\Quarantine
2017-09-09 11:42 - 2017-09-09 11:42 - 003067264 _____ (Nicolas Coolman) C:\Users\euzen140097\Downloads\zhpfix_2017-6-13-1.exe
2017-09-09 11:41 - 2017-09-09 11:41 - 000000000 ____D C:\Users\euzen140097\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-09 11:41 - 2017-09-09 11:40 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-08 12:07 - 2017-09-08 12:07 - 000000000 ____D C:\Program Files\DIFX
2017-09-08 12:07 - 2017-09-07 15:59 - 000270608 _____ (BigNox Corporation) C:\WINDOWS\system32\Drivers\YSDrv.sys
2017-09-08 11:36 - 2017-09-08 11:36 - 002834304 _____ C:\Users\euzen140097\ZHPDiag3.exe
2017-09-08 11:04 - 2017-09-08 11:04 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 11:04 - 2017-09-08 11:04 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 11:03 - 2017-09-09 16:53 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 11:03 - 2017-09-08 11:42 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 11:03 - 2017-09-08 11:03 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 11:03 - 2017-09-08 11:03 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 11:03 - 2017-09-08 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 11:03 - 2017-09-08 11:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 11:03 - 2017-09-08 11:03 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 11:02 - 2017-09-08 11:02 - 065942208 _____ (Malwarebytes ) C:\Users\euzen140097\Downloads\mb3-setup-35891.35891-3.2.2.2018.exe
2017-09-08 10:48 - 2017-09-08 10:51 - 000000000 ____D C:\AdwCleaner
2017-09-08 10:47 - 2017-09-08 10:47 - 008182736 _____ (Malwarebytes) C:\Users\euzen140097\Downloads\adwcleaner_7.0.2.1.exe
2017-09-07 19:11 - 2017-09-07 19:11 - 002869632 _____ C:\Users\euzen140097\Downloads\zhpcleaner_2017.8.31.148.exe
2017-09-07 19:11 - 2017-09-07 19:11 - 000000934 _____ C:\Users\euzen140097\Desktop\ZHPCleaner.lnk
2017-09-07 17:09 - 2017-09-09 11:59 - 000000000 ____D C:\Users\euzen140097\AppData\Roaming\ZHP
2017-09-07 17:09 - 2017-09-08 11:36 - 000000669 _____ C:\Users\euzen140097\Desktop\ZHPDiag.lnk
2017-09-07 17:09 - 2017-09-07 19:11 - 000000000 ____D C:\Users\euzen140097\AppData\Local\ZHP
2017-09-07 17:08 - 2017-09-07 17:08 - 002833280 _____ C:\Users\euzen140097\Downloads\ZHPDiag3.exe
2017-09-07 16:11 - 2017-09-09 12:12 - 000000000 ____D C:\Users\euzen140097\Desktop\App
2017-09-07 16:05 - 2017-09-07 16:05 - 000000066 _____ C:\Users\euzen140097\inittk.ini
2017-09-07 16:03 - 2017-09-07 16:03 - 000000000 ____D C:\Users\euzen140097\Nox_share
2017-09-07 15:59 - 2017-09-07 15:59 - 000000045 _____ C:\Users\euzen140097\nuuid.ini
2017-09-07 15:59 - 2017-09-07 15:59 - 000000041 _____ C:\Users\euzen140097\inst.ini
2017-09-07 15:58 - 2017-09-09 13:01 - 000000000 ____D C:\Users\euzen140097\vmlogs
2017-09-07 15:55 - 2017-09-09 13:12 - 000000000 ____D C:\Program Files (x86)\Nox
2017-09-07 15:54 - 2017-09-09 13:12 - 000000000 ____D C:\Users\euzen140097\AppData\Local\Nox
2017-09-07 15:41 - 2017-09-07 15:54 - 288312200 _____ (Duodian Technology Co. Ltd.) C:\Users\euzen140097\Downloads\nox_setup_v5.1.0.0_full_intl.exe
2017-09-06 17:21 - 2017-09-06 17:41 - 1965416561 _____ C:\Users\euzen140097\Downloads\southpaw.2015.multi.truefrench.1080p.bluray.x264-lost.zone-telechargement.ws(1).mkv
2017-09-02 19:56 - 2017-09-02 19:56 - 000000000 ____D C:\Users\euzen140097\AppData\LocalLow\uTorrent
2017-09-02 12:12 - 2017-09-02 12:12 - 003493695 _____ C:\Users\euzen140097\Downloads\path-to-purpose_infographics.pdf
2017-09-01 14:02 - 2017-09-01 14:02 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-08-28 20:35 - 2017-08-28 20:35 - 000072338 _____ C:\Users\euzen140097\Downloads\game-of-thrones-s07e07-final-vostfr-bluray-720p-hdtv.torrent
2017-08-18 19:39 - 2017-08-18 19:39 - 000086570 _____ C:\Users\euzen140097\Downloads\John Wick 2 MULTI BluRay 1080p 2017.torrent
2017-08-17 21:58 - 2017-08-17 22:17 - 1955656787 _____ C:\Users\euzen140097\Downloads\Game.of.Thrones.S07E06.FASTSUB.VOSTFR.1080p.HDTV.LEAKED-ZT..Zone-Telechargement.Ws.mkv

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-11 17:59 - 2013-12-15 21:54 - 000000968 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1834913581-721874356-3486338912-27692UA.job
2017-09-11 17:51 - 2015-08-02 22:23 - 000001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1834913581-721874356-3486338912-27692UA.job
2017-09-11 17:23 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-09-11 17:13 - 2013-09-28 17:15 - 000000000 ____D C:\Users\euzen140097\AppData\Local\Adobe
2017-09-11 17:07 - 2013-10-02 16:12 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1834913581-721874356-3486338912-27692
2017-09-11 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-11 16:44 - 2014-12-07 16:52 - 000003956 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ABE48BFB-3A5D-42D0-AA32-318F6E5AF7C6}
2017-09-11 16:43 - 2016-11-18 09:07 - 000000000 ____D C:\Users\euzen140097\AppData\LocalLow\Mozilla
2017-09-09 17:00 - 2013-09-29 15:56 - 000000000 ____D C:\Users\euzen140097\AppData\Roaming\vlc
2017-09-09 16:52 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-09 15:35 - 2014-11-06 18:03 - 000000000 ____D C:\Users\euzen140097
2017-09-09 14:59 - 2016-01-29 10:36 - 000000000 ____D C:\Program Files\PDFCreator
2017-09-09 14:59 - 2013-12-20 12:16 - 000000000 ____D C:\ProgramData\Aimersoft Video Converter Ultimate
2017-09-09 14:59 - 2013-10-11 22:28 - 000000000 ____D C:\Users\euzen140097\AppData\Roaming\uTorrent
2017-09-09 14:58 - 2016-06-11 21:32 - 000000000 ____D C:\WINDOWS\Minidump
2017-09-09 14:58 - 2014-11-06 17:53 - 000000000 ___DC C:\WINDOWS\Panther
2017-09-09 13:43 - 2017-02-09 20:05 - 000004172 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-09-09 13:02 - 2014-11-08 21:16 - 000000000 ____D C:\Users\euzen140097\.android
2017-09-09 11:51 - 2017-03-08 22:05 - 000003918 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1471140205
2017-09-09 11:51 - 2017-03-08 22:05 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-09 11:49 - 2015-12-15 21:17 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-09 11:45 - 2013-11-18 22:43 - 000000000 ____D C:\Users\euzen140097\AppData\Roaming\Dropbox
2017-09-09 11:41 - 2014-08-14 22:15 - 000047016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-09-09 11:41 - 2014-01-13 22:28 - 000199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-09-09 11:41 - 2013-10-07 00:19 - 000590880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-09-09 11:41 - 2013-10-07 00:19 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-09-09 11:41 - 2013-10-07 00:19 - 000147784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-09-09 11:41 - 2013-10-07 00:19 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-09-09 11:40 - 2013-10-07 00:19 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-09-09 11:39 - 2016-07-22 15:32 - 000041832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-09-09 11:39 - 2013-10-07 00:19 - 001016384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-09-09 11:38 - 2017-02-09 20:05 - 000343296 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-09-09 11:38 - 2017-02-09 20:05 - 000320528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-09-09 11:38 - 2017-02-09 20:05 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-09-09 11:38 - 2017-02-09 20:05 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-09-08 11:00 - 2014-09-24 17:26 - 001826754 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-08 11:00 - 2014-09-24 16:41 - 000813248 _____ C:\WINDOWS\system32\perfh00C.dat
2017-09-08 11:00 - 2014-09-24 16:41 - 000159750 _____ C:\WINDOWS\system32\perfc00C.dat
2017-09-08 10:51 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\Registration
2017-09-05 21:51 - 2015-08-02 22:23 - 000001184 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1834913581-721874356-3486338912-27692Core.job
2017-09-05 20:59 - 2013-12-15 21:54 - 000000946 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1834913581-721874356-3486338912-27692Core.job
2017-09-05 18:02 - 2016-11-14 19:43 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2017-09-05 17:34 - 2017-03-26 21:23 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-05 17:34 - 2013-12-13 21:49 - 000000000 ____D C:\ProgramData\Skype
2017-09-05 15:44 - 2013-08-20 11:15 - 000000000 ____D C:\Users\euzen140097\AppData\Local\Packages
2017-09-04 13:15 - 2016-11-18 00:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-04 13:15 - 2013-09-28 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-04 13:14 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2017-09-01 17:16 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2017-09-01 14:17 - 2016-05-20 03:01 - 000000000 ____D C:\Users\euzen140097\Documents\GEM 4A
2017-09-01 14:01 - 2017-06-16 14:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-28 20:23 - 2013-10-07 00:21 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 20:23 - 2013-10-07 00:21 - 000002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-18 22:02 - 2013-08-22 16:44 - 005307648 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Fichiers à la racine de certains dossiers =======

2014-11-09 19:19 - 2017-03-15 19:48 - 000000034 _____ () C:\Users\euzen140097\AppData\Roaming\AdobeWLCMCache.dat
2013-11-20 15:00 - 2013-12-23 12:19 - 000000132 _____ () C:\Users\euzen140097\AppData\Roaming\Préfs Format PNG Adobe CS6
2014-03-15 23:00 - 2017-03-15 10:21 - 000000132 _____ () C:\Users\euzen140097\AppData\Roaming\Préférences Adobe PNG Format CC
2014-05-06 14:08 - 2016-09-18 17:08 - 000000379 _____ () C:\Users\euzen140097\AppData\Roaming\WB.CFG
2014-01-31 09:37 - 2015-09-09 14:58 - 000001456 _____ () C:\Users\euzen140097\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2013-08-05 13:57 - 2013-08-05 13:57 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Fichiers à déplacer ou supprimer:
====================
C:\Users\euzen140097\ZHPDiag3.exe


Certains fichiers dans TEMP:
====================
2017-09-09 15:23 - 2017-09-05 10:57 - 000961592 _____ (BlueStack Systems, Inc.) C:\Users\euzen140097\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-09-09 15:23 - 2017-09-05 10:56 - 000421400 _____ (CodeTitans) C:\Users\euzen140097\AppData\Local\Temp\JSON.dll
2017-09-09 15:17 - 2017-02-03 15:20 - 001342792 _____ (Andy OS, inc.) C:\Users\euzen140097\AppData\Local\Temp\RemoveTemp.exe
2017-09-09 16:57 - 2017-09-09 16:57 - 011891712 _____ () C:\Users\euzen140097\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-09-11 17:24

==================== Fin de FRST.txt ============================
