cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Exécuté par M9 (administrateur) sur M9_FIXE (06-11-2017 23:23:33)
Exécuté depuis C:\Users\M9\Desktop
Profils chargés: M9 (Profils disponibles: M9)
Platform: Windows 10 Pro Version 1511 10586.494 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: ["C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE"] => "C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.exe" RunWithWindows
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-4143373384-3803122505-923137172-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-4143373384-3803122505-923137172-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company)
HKU\S-1-5-21-4143373384-3803122505-923137172-1001\...\MountPoints2: {451526c1-7016-11e5-9bc2-806e6f6e6963} - "F:\CheckID.exe"
HKU\S-1-5-21-4143373384-3803122505-923137172-1001\...\MountPoints2: {9d84dc79-bb58-11e7-9c1c-e0cb4e077665} - "G:\SETUP.EXE"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 91.121.61.147 91.121.58.181
Tcpip\..\Interfaces\{8e38d137-ad3b-4ecb-919c-a05330769240}: [DhcpNameServer] 91.121.61.147 91.121.58.181

Internet Explorer:
==================
HKU\S-1-5-21-4143373384-3803122505-923137172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gws_rd=ssl
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
DPF: HKLM-x32 {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} hxxp://192.168.1.65/VDControl.CAB?2,0,0,89
DPF: HKLM-x32 {4E94DD12-E0E0-5C87-9E61-4F4C4B0052BB} hxxp://192.168.1.92:5000/webman/3rdparty/SurveillanceStation/object/SurveillanceHelper.cab?undefined
DPF: HKLM-x32 {D63FBD76-6EAA-43C0-BAFB-474D5FD9AD3F} hxxp://192.168.1.92:5000/webman/3rdparty/SurveillanceStation/object/SurveillancePlugin.cab?undefined
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: j01c3cke.default
FF ProfilePath: C:\Users\M9\AppData\Roaming\Mozilla\Firefox\Profiles\j01c3cke.default [2017-10-11]
FF Homepage: Mozilla\Firefox\Profiles\j01c3cke.default -> www.google.fr
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-10-27] [non signé]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper_x86_64.dll [2017-07-11] (Synology)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.1177\npSurveillancePlugin_x86_64.dll [2017-07-11] (Synology)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper.dll [2017-07-11] (Synology)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.1177\npSurveillancePlugin.dll [2017-07-11] (Synology)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_ggfc_15_01_ch&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzzyBzz0E0C0DyE0Dzzzy0FtN0D0Tzu0StCtDzyyEtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0DzzzyyEyB0EzztGyCtDtD0CtG0AyE0CyDtGzy0F0E0BtGyBtCyC0CtBtB0E0DtDzytByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0DtByCtDyCzztAtGyDyCyEtAtGyEtDtCyDtGzy0Bzy0DtG0A0CyCyE0F0CzztB0AyD0E0D2Q&cr=913130174&ir=
CHR StartupUrls: Default -> "hxxp://www.google.com/ig"
CHR Profile: C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default [2017-11-06]
CHR Extension: (Google Drive) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Recherche Google) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (AdBlock) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-21]
CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-10-11]
CHR Extension: (Extension AllDebrid ) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdjbgnpehbhpibonmjjjbjaoechnlcaf [2017-10-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\M9\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR Profile: C:\Users\M9\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-09-17]
CHR Profile: C:\Users\M9\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-06]
CHR HKLM-x32\...\Chrome\Extension: [nagnmfhgkjkplbhplkbicmpkfopmnefp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [138912 2017-08-07] (eVenture Limited)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [Fichier non signé]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-09-06] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10942704 2017-10-20] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-10-11] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-10-11] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-06] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-02-07] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-02-07] (Disc Soft Ltd)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2015-10-11] (Disc Soft Ltd)
R1 MpKsl8b5e7d23; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{53E60C94-1B90-46D8-9777-7EB07C3C8C7F}\MpKsl8b5e7d23.sys [58120 2017-11-06] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2015-10-11] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-06] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 sxuptp; \SystemRoot\System32\drivers\sxuptp.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-06 23:23 - 2017-11-06 23:23 - 000019873 _____ C:\Users\M9\Desktop\FRST.txt
2017-11-06 23:23 - 2017-11-06 23:23 - 000000000 ____D C:\FRST
2017-11-06 23:22 - 2017-11-06 23:23 - 002403328 _____ (Farbar) C:\Users\M9\Desktop\FRST64.exe
2017-11-06 23:20 - 2017-11-06 23:20 - 000141785 _____ C:\Users\M9\Desktop\ZHPDiag.txt
2017-11-06 23:19 - 2017-11-06 23:19 - 000000894 _____ C:\Users\M9\Desktop\ZHPDiag.lnk
2017-11-06 23:19 - 2017-11-06 23:19 - 000000000 ____D C:\Users\M9\AppData\Roaming\ZHP
2017-11-06 23:19 - 2017-11-06 23:19 - 000000000 ____D C:\Users\M9\AppData\Local\ZHP
2017-11-06 23:17 - 2017-11-06 23:19 - 002900480 _____ C:\Users\M9\Downloads\zhpdiag_v2017.10.9.179.exe
2017-11-06 22:02 - 2017-11-06 22:55 - 000000000 ____D C:\AdwCleaner
2017-11-05 18:35 - 2017-11-05 18:35 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2017-11-05 09:33 - 2017-11-05 09:33 - 000001742 __RSH C:\ProgramData\ntuser.pol
2017-10-30 09:27 - 2017-10-30 09:27 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-10-26 14:44 - 2017-10-26 14:44 - 000318172 _____ C:\WINDOWS\Minidump\102617-11375-01.dmp
2017-10-10 05:44 - 2017-10-10 05:45 - 000267445 _____ C:\Users\M9\Documents\IMG_20171010_0002.pdf
2017-10-10 05:44 - 2017-10-10 05:44 - 000137735 _____ C:\Users\M9\Documents\IMG_20171010_0001.pdf
2017-10-08 17:17 - 2017-10-08 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-08 17:16 - 2017-10-08 17:17 - 000000000 ___RD C:\Program Files (x86)\Skype

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-06 23:04 - 2015-10-11 15:17 - 000003796 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-11-06 23:00 - 2015-10-30 20:00 - 000787838 _____ C:\WINDOWS\system32\perfh00C.dat
2017-11-06 23:00 - 2015-10-30 20:00 - 000147778 _____ C:\WINDOWS\system32\perfc00C.dat
2017-11-06 23:00 - 2015-10-30 08:21 - 000000000 ____D C:\WINDOWS\INF
2017-11-06 23:00 - 2015-10-11 14:00 - 001758862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-06 22:58 - 2017-04-01 18:18 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-06 22:56 - 2015-12-04 03:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-06 22:55 - 2015-10-30 07:28 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2017-11-06 22:40 - 2015-11-11 19:03 - 000000000 ____D C:\Users\M9\AppData\Local\CrashDumps
2017-11-06 22:19 - 2015-10-11 18:26 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86D18AAF-0463-4B19-B206-29E1D68EB891}
2017-11-06 22:05 - 2015-12-04 03:10 - 000281232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-06 10:29 - 2015-10-30 08:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-05 20:30 - 2015-10-11 14:42 - 000000000 ____D C:\Users\M9\AppData\Roaming\vlc
2017-11-05 18:36 - 2017-04-01 22:06 - 000000000 ____D C:\Users\M9\AppData\Local\TeamViewer
2017-11-05 18:35 - 2017-04-01 22:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-05 11:55 - 2015-10-30 08:24 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-05 09:33 - 2015-10-30 08:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-11-05 09:33 - 2015-07-10 12:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-11-04 22:45 - 2017-08-10 18:21 - 000002070 _____ C:\Users\M9\Documents\PLNas2.ffs_gui
2017-11-04 22:45 - 2017-08-10 18:19 - 000001989 _____ C:\Users\M9\Documents\PLNas3.ffs_gui
2017-11-04 22:42 - 2015-10-11 13:54 - 000000000 ____D C:\Users\M9\AppData\Local\Packages
2017-11-04 07:57 - 2017-04-07 06:44 - 000000000 ____D C:\Users\M9\AppData\Roaming\Hide.me
2017-11-03 23:48 - 2015-12-04 03:12 - 000000000 ____D C:\Users\M9
2017-11-02 21:35 - 2016-07-03 21:08 - 000000600 _____ C:\Users\M9\AppData\Local\PUTTY.RND
2017-11-02 21:35 - 2015-10-11 20:25 - 000000000 ____D C:\Users\M9\AppData\Roaming\FileZilla
2017-11-01 19:12 - 2017-08-18 20:46 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4143373384-3803122505-923137172-1001
2017-11-01 19:12 - 2015-10-11 13:55 - 000002398 _____ C:\Users\M9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-01 19:12 - 2015-10-11 13:55 - 000000000 ___RD C:\Users\M9\OneDrive
2017-10-30 17:55 - 2015-10-11 18:40 - 000000000 ____D C:\Users\M9\AppData\Roaming\Skype
2017-10-30 09:28 - 2015-10-11 15:08 - 000000000 ____D C:\Users\M9\AppData\Roaming\DAEMON Tools Lite
2017-10-26 22:14 - 2015-10-11 18:25 - 000000000 ____D C:\ProgramData\Oracle
2017-10-26 22:06 - 2015-10-11 18:25 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-10-26 22:06 - 2015-10-11 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-26 22:06 - 2015-10-11 18:25 - 000000000 ____D C:\Program Files (x86)\Java
2017-10-26 14:44 - 2016-02-14 08:47 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-26 14:44 - 2015-11-24 00:46 - 914936017 _____ C:\WINDOWS\MEMORY.DMP
2017-10-26 07:22 - 2016-02-03 22:47 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-10-21 18:31 - 2015-10-11 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-10-21 18:31 - 2015-10-11 20:25 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2017-10-12 17:34 - 2015-10-11 22:22 - 000000000 ____D C:\Users\M9\AppData\Roaming\Youtube Downloader HD
2017-10-11 22:09 - 2017-08-08 17:56 - 000000000 ____D C:\Users\M9\AppData\LocalLow\Mozilla
2017-10-08 20:09 - 2017-04-01 22:04 - 000000000 ____D C:\Users\M9\AppData\Roaming\TeamViewer
2017-10-08 17:17 - 2015-10-11 18:39 - 000000000 ____D C:\ProgramData\Skype
2017-10-07 23:09 - 2015-10-11 20:17 - 000000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk
2017-10-07 23:09 - 2015-10-11 20:17 - 000000969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk
2017-10-07 23:09 - 2015-10-11 20:17 - 000000000 ____D C:\Program Files\FreeFileSync

==================== Fichiers à la racine de certains dossiers =======

2016-07-03 21:08 - 2017-11-02 21:35 - 000000600 _____ () C:\Users\M9\AppData\Local\PUTTY.RND

Certains fichiers dans TEMP:
====================
2017-10-07 21:43 - 2017-10-07 21:43 - 000035680 _____ () C:\Users\M9\AppData\Local\Temp\i4jdel0.exe
2017-04-01 16:16 - 2017-04-01 16:16 - 000739904 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-04-20 21:04 - 2017-04-20 21:04 - 000739904 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-27 23:46 - 2017-07-27 23:46 - 000740416 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u144-windows-au.exe
2017-10-26 22:05 - 2017-10-26 22:05 - 001856576 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u151-windows-au.exe
2016-01-26 01:41 - 2016-01-26 01:41 - 000644704 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u71-windows-au.exe
2016-02-10 01:38 - 2016-02-10 01:38 - 000736352 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u73-windows-au.exe
2016-03-29 07:59 - 2016-03-29 07:59 - 000736320 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-05-26 21:22 - 2016-05-26 21:22 - 000739904 _____ (Oracle Corporation) C:\Users\M9\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-04-03 14:22 - 2016-04-03 14:22 - 000058368 ____N () C:\Users\M9\AppData\Local\Temp\jshortcut-1535879221636873397.dll
2016-04-03 12:46 - 2016-04-03 12:46 - 000058368 ____N () C:\Users\M9\AppData\Local\Temp\jshortcut-3233294397235308748.dll
2016-04-03 14:29 - 2016-04-03 14:29 - 000058368 ____N () C:\Users\M9\AppData\Local\Temp\jshortcut-5736276338576773240.dll
2016-04-03 13:46 - 2016-04-03 13:46 - 000058368 ____N () C:\Users\M9\AppData\Local\Temp\jshortcut-8303040256593985673.dll
2016-04-03 14:19 - 2016-04-03 14:19 - 000058368 ____N () C:\Users\M9\AppData\Local\Temp\jshortcut-8470457906347557063.dll
2016-04-03 14:30 - 2016-04-03 14:30 - 000058368 ____N () C:\Users\M9\AppData\Local\Temp\jshortcut-8747082711234029675.dll
2015-12-06 18:43 - 2015-10-30 08:18 - 000620176 _____ (Microsoft Corporation) C:\Users\M9\AppData\Local\Temp\kernel32.dll
2016-02-03 22:40 - 2014-05-15 18:40 - 001122384 ____N (CANON INC.) C:\Users\M9\AppData\Local\Temp\MSETUP4.EXE
2017-04-01 18:32 - 2017-05-01 21:14 - 000754680 _____ (NVIDIA Corporation) C:\Users\M9\AppData\Local\Temp\nvSCPAPI.dll
2017-04-01 18:32 - 2017-05-01 21:14 - 000869200 _____ (NVIDIA Corporation) C:\Users\M9\AppData\Local\Temp\nvSCPAPI64.dll
2017-04-01 18:30 - 2017-05-01 21:14 - 000367552 _____ (NVIDIA Corporation) C:\Users\M9\AppData\Local\Temp\nvStInst.exe
2016-05-15 18:20 - 2016-05-15 18:55 - 045196928 _____ (Skype Technologies S.A.) C:\Users\M9\AppData\Local\Temp\SkypeSetup.exe
2016-06-16 23:45 - 2016-06-16 23:46 - 030533688 _____ () C:\Users\M9\AppData\Local\Temp\vlc-2.2.4-win32.exe
2017-09-05 23:20 - 2017-09-05 23:22 - 030950664 _____ () C:\Users\M9\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-10-31 14:07

==================== Fin de FRST.txt ============================
