Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Exécuté par bernard (administrateur) sur PCBERNARD (12-02-2018 19:53:37)
Exécuté depuis C:\Users\bernard\Downloads
Profils chargés: bernard (Profils disponibles: bernard)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Orange) C:\Users\bernard\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\vsnpstd3.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\32988BernardoZamora.SpiderSolitaireHD_1.18.0.27_x64__1fgex2kbsn6g8\Spider.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8465112 2015-11-04] (Realtek Semiconductor)
HKLM\...\Run: [snpstd3] => C:\windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-05] (AVAST Software)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [221184 2006-10-27] (Sonic Solutions)
HKLM-x32\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\...\Run: [Avanquest Message] => C:\Users\bernard\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [435944 2016-06-22] (Avanquest Software)
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\...\RunOnce: [Uninstall C:\Users\bernard\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bernard\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series.lnk [2015-11-30]
ShortcutTarget: Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2018-02-06]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0C51BC16-9600-4707-B46D-7BCD8801E194}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9453B8C5-9B77-4541-AB0F-66D1AF4D81DE}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://r.orange.fr/r/Oodc_oi_odc?ref=O_OI_defaultPage_IEe64_w81e64_odc
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-05] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-20] (AVAST Software)
BHO: Pas de nom -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-20] (AVAST Software)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-08-13] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://start.iminent.com/?appId=61D6F068-81C9-41DC-88B9-CA37AB64CD70
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default [2018-02-12]
CHR Extension: (Docs) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-07]
CHR Extension: (YouTube) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-07]
CHR Extension: (Adblock Plus) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-05]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-02-09]
CHR Extension: (Avast SafePrice) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-28]
CHR Extension: (Avast Online Security) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-07]
CHR Extension: (Chrome Media Router) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-07]
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-02-05]
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-05]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-05] (AVAST Software)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (AOMEI Tech Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968432 2018-01-30] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-13] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [328296 2015-01-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-08-13] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
S3 Roxio UPnP Renderer 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [57344 2006-10-26] (Sonic Solutions) [Fichier non signé]
S2 Roxio Upnp Server 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe [294912 2006-10-26] (Sonic Solutions) [Fichier non signé]
S2 RoxLiveShare9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [303104 2006-10-27] (Sonic Solutions) [Fichier non signé]
R3 RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-10-27] (Sonic Solutions) [Fichier non signé]
R2 RoxWatch9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-10-27] (Sonic Solutions) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294104 2015-11-04] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\windows\System32\ambakdrv.sys [51120 2016-12-21] ()
R2 ammntdrv; C:\windows\system32\ammntdrv.sys [171952 2016-12-21] ()
R2 amwrtdrv; C:\windows\system32\amwrtdrv.sys [38320 2017-09-01] ()
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [185096 2018-01-05] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [149344 2018-01-05] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46976 2018-01-05] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41832 2017-09-08] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [146648 2018-01-10] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110336 2018-01-05] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84384 2018-01-05] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1025176 2018-01-05] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [457896 2018-01-10] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [204456 2018-01-05] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [358672 2018-01-05] (AVAST Software)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-12] (Malwarebytes)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-08-13] (Intel Corporation)
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [3494616 2015-11-04] (Realtek Semiconductor Corporation )
S1 RxFilter; C:\windows\System32\DRIVERS\RxFilter.sys [58880 2006-10-27] (Sonic Solutions) [Fichier non signé]
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [58880 2006-10-27] (Sonic Solutions) [Fichier non signé]
S3 SNPSTD3; C:\windows\system32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-02-12 19:53 - 2018-02-12 19:53 - 000020042 _____ C:\Users\bernard\Downloads\FRST.txt
2018-02-12 19:13 - 2018-02-12 19:13 - 000001269 _____ C:\Users\bernard\Desktop\winchk_2.0 (1) - Raccourci.lnk
2018-02-12 19:13 - 2018-02-12 19:13 - 000001195 _____ C:\Users\bernard\Desktop\FRST64 - Raccourci.lnk
2018-02-12 18:56 - 2018-02-12 18:56 - 002405376 _____ (Farbar) C:\Users\bernard\Downloads\FRST64.exe
2018-02-12 17:19 - 2018-02-12 17:19 - 000315000 _____ C:\Users\bernard\Downloads\winchk_2.0 (1).exe
2018-02-12 17:19 - 2018-02-12 17:19 - 000000872 _____ C:\WinChk.txt
2018-02-12 16:55 - 2018-02-12 16:55 - 000001260 _____ C:\Users\bernard\Desktop\CKScanner (1) - Raccourci.lnk
2018-02-12 16:53 - 2018-02-12 16:53 - 000468480 _____ () C:\Users\bernard\Downloads\CKScanner (1).exe
2018-02-12 15:50 - 2018-02-12 15:50 - 000000148 _____ C:\Users\bernard\Desktop\coolman.url
2018-02-12 15:38 - 2018-02-12 15:38 - 000001215 _____ C:\Users\bernard\Desktop\ZHPDiag3 - Raccourci.lnk
2018-02-12 15:36 - 2018-02-12 15:36 - 003007360 _____ C:\Users\bernard\Downloads\ZHPDiag3.exe
2018-02-12 13:27 - 2018-02-12 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-02-12 13:27 - 2018-02-12 13:27 - 000000000 ____D C:\Program Files\7-Zip
2018-02-12 10:49 - 2018-02-12 10:55 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E13 HDTV FASTSUB VOSTFR
2018-02-12 10:04 - 2018-02-12 10:04 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-11 14:01 - 2018-02-11 14:01 - 006074880 _____ C:\Users\bernard\Downloads\Rod1.pps
2018-02-09 19:23 - 2018-02-09 20:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E12 FRENCH WEB XviD-EXTREME
2018-02-09 19:04 - 2018-02-09 19:11 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E13 FiNAL FRENCH WEB XviD-EXTREME
2018-02-09 19:03 - 2018-02-09 19:10 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E10 FRENCH WEB XviD-EXTREME
2018-02-09 19:03 - 2018-02-09 19:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E11 FRENCH WEB XviD-EXTREME
2018-02-09 19:03 - 2018-02-09 19:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E09 FRENCH WEB XviD-EXTREME
2018-02-09 19:02 - 2018-02-09 19:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E08 FRENCH WEB XviD-EXTREME
2018-02-09 19:00 - 2018-02-09 19:38 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E05 FRENCH WEB XviD-EXTREME
2018-02-09 19:00 - 2018-02-09 19:23 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E06 FRENCH WEB XviD-EXTREME
2018-02-09 19:00 - 2018-02-09 19:04 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E07 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E04 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E03 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E02 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E01 FRENCH WEB XviD-EXTREME
2018-02-09 04:47 - 2018-02-09 04:47 - 000001305 _____ C:\Users\bernard\Desktop\adwcleaner_7.0.8.0 - Raccourci.lnk
2018-02-09 04:45 - 2018-02-09 04:45 - 008222496 _____ (Malwarebytes) C:\Users\bernard\Downloads\adwcleaner_7.0.8.0.exe
2018-02-05 19:24 - 2018-02-05 19:46 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E12 VOSTFR HDTV XviD-EXTREME
2018-02-05 19:23 - 2018-02-05 19:45 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E12 HDTV FASTSUB VOSTFR
2018-02-02 16:53 - 2018-02-02 16:54 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke Move Over - Janis Joplin _
2018-02-02 10:38 - 2018-02-02 10:39 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke Fever - Peggy Lee _
2018-02-01 19:45 - 2018-02-01 19:50 - 000000000 ____D C:\Users\bernard\Downloads\L'un dans l'autre French BDRIP
2018-02-01 16:33 - 2018-02-01 16:34 - 000000135 _____ C:\Users\bernard\Desktop\jazzradio.url
2018-01-31 22:31 - 2018-01-31 22:38 - 000000000 ____D C:\Users\bernard\Downloads\LeBonhommedeNeige 2017 TRUEFRENCH BDRip
2018-01-31 22:28 - 2018-01-31 22:45 - 000000000 ____D C:\Users\bernard\Downloads\Mon Garcon 2017 FRENCH BDRip
2018-01-31 22:23 - 2018-01-31 22:40 - 000000000 ____D C:\Users\bernard\Downloads\Fauted'amour 2017 FRENCH BDRip
2018-01-31 22:22 - 2018-01-31 22:28 - 000000000 ____D C:\Users\bernard\Downloads\Commelesautres -&&&&@@@{`@^[{` '%c3%a9&-%c3%a0(%c3%a8%c3%a0%c2%b2(%c2%b2(%c3%a0%c2%b2(%c2%b2'{[@{[{~^[{~[`[#{~##
2018-01-31 17:51 - 2018-01-31 17:51 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke One Way Ticket - Eruption _
2018-01-30 17:38 - 2018-01-30 17:39 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke Honey Don't - The Beatles _
2018-01-30 17:38 - 2018-01-30 17:39 - 000000000 ____D C:\Users\bernard\Downloads\DK050 09 Perkins, Carl Matchbox [karaoke]
2018-01-29 23:39 - 2018-01-29 23:41 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E11 HDTV FASTSUB VOSTFR
2018-01-29 20:47 - 2018-01-29 20:49 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E08 VOSTFR HDTV XviD-EXTREME
2018-01-29 20:45 - 2018-01-29 21:38 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E11 VOSTFR WEB-DL x264-FDS
2018-01-25 11:35 - 2018-01-25 11:38 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E10 SUBFRENCH WEB XviD-EXTREME
2018-01-25 11:34 - 2018-01-25 11:37 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E09 VOSTFR HDTV XviD-EXTREME
2018-01-25 11:33 - 2018-01-25 11:36 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E10 VOSTFR HDTV XviD-EXTREME
2018-01-23 14:34 - 2018-01-23 14:34 - 003048320 _____ C:\Users\bernard\Downloads\ZHPCleaner.exe
2018-01-23 14:34 - 2018-01-23 14:34 - 003048320 _____ C:\Users\bernard\Downloads\ZHPCleaner (1).exe
2018-01-22 19:05 - 2018-02-01 19:52 - 000000000 ____D C:\Users\bernard\Downloads\Rebel In The Rye 2017 FRENCH HDRip
2018-01-15 16:31 - 2018-02-12 10:04 - 000253880 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-01-15 14:08 - 2018-01-15 17:29 - 000000000 ____D C:\Users\bernard\Downloads\10215517721565120
2018-01-13 18:12 - 2018-01-13 18:13 - 000000000 ____D C:\Users\bernard\Downloads\Etta James _ I'd Rather Go Blind _ Classic version
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-02-12 19:53 - 2016-04-23 22:22 - 000000000 ____D C:\FRST
2018-02-12 18:53 - 2015-10-02 23:08 - 000000000 ____D C:\Users\bernard\AppData\Roaming\ZHP
2018-02-12 15:13 - 2017-06-07 12:46 - 000000000 ____D C:\Users\bernard\AppData\Local\ZHP
2018-02-12 14:35 - 2015-10-02 18:54 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3909820871-1224786303-567306632-1001
2018-02-12 11:38 - 2015-10-06 11:03 - 000000000 ____D C:\Users\bernard\AppData\Local\JDownloader v2.0
2018-02-12 10:10 - 2015-10-02 18:54 - 000000000 ___DO C:\Users\bernard\OneDrive
2018-02-12 10:04 - 2017-09-25 17:02 - 000000082 _____ C:\windows\SysWOW64\winsevr.dat
2018-02-12 10:04 - 2017-09-25 17:02 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2018-02-12 10:04 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-02-12 10:04 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-02-11 22:35 - 2013-08-22 14:25 - 000524288 ___SH C:\windows\system32\config\BBI
2018-02-11 21:02 - 2015-10-03 08:41 - 000000000 ____D C:\Users\bernard\AppData\Local\CrashDumps
2018-02-11 16:30 - 2015-12-17 23:40 - 000000010 _____ C:\windows\tarot.cfg
2018-02-11 16:28 - 2015-10-02 20:58 - 000000000 ____D C:\Program Files (x86)\Webtarot
2018-02-09 20:10 - 2015-07-16 00:00 - 000794940 _____ C:\windows\system32\perfh00C.dat
2018-02-09 20:10 - 2015-07-16 00:00 - 000171582 _____ C:\windows\system32\perfc00C.dat
2018-02-09 20:10 - 2014-11-21 03:50 - 001821360 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-09 05:00 - 2015-10-02 23:35 - 000028272 _____ C:\windows\system32\Drivers\TrueSight.sys
2018-02-09 04:46 - 2015-10-07 09:29 - 000000000 ____D C:\AdwCleaner
2018-02-07 07:34 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2018-02-06 11:54 - 2016-06-08 22:43 - 000004604 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-06 11:54 - 2016-06-08 22:43 - 000004460 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-02-06 11:54 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-06 11:54 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-02-06 08:05 - 2015-11-13 09:13 - 000000000 ____D C:\windows\Minidump
2018-02-06 08:04 - 2015-10-02 08:29 - 000098816 ____N C:\windows\Minidump\020618-48484-01.dmp
2018-02-06 01:07 - 2015-10-02 18:47 - 000000000 ____D C:\Users\bernard
2018-02-05 21:38 - 2017-06-15 01:06 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-02-05 21:38 - 2017-06-15 01:06 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 19:38 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-05 19:36 - 2015-07-15 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-05 19:06 - 2015-10-05 21:44 - 000000000 ____D C:\ProgramData\Roxio
2018-02-05 18:53 - 2015-12-09 18:24 - 000000000 ____D C:\Users\bernard\AppData\Roaming\MPC-HC
2018-02-02 18:58 - 2017-03-16 12:59 - 000004172 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-02-01 08:53 - 2017-07-26 17:39 - 000003178 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3909820871-1224786303-567306632-1001
2018-02-01 08:53 - 2016-04-26 10:09 - 000002395 _____ C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2018-01-24 02:36 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-24 02:36 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-01-23 14:35 - 2017-12-19 11:11 - 000000887 _____ C:\Users\bernard\Desktop\ZHPCleaner.lnk
2018-01-23 10:22 - 2017-07-07 07:48 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-23 10:22 - 2016-06-08 21:14 - 000002506 _____ C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2018-01-23 10:22 - 2015-10-02 18:49 - 000001645 _____ C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-01-15 12:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
==================== Fichiers à la racine de certains dossiers =======
2016-02-23 10:36 - 2017-10-04 18:58 - 002941824 _____ () C:\Users\bernard\ZHPCleaner.exe
2015-10-21 15:06 - 2017-06-26 17:07 - 002755968 _____ () C:\Users\bernard\ZHPDiag3.exe
2016-08-03 08:25 - 2016-08-05 19:15 - 000005120 _____ () C:\Users\bernard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-06 15:23 - 2015-10-06 15:23 - 000000000 _____ () C:\Users\bernard\AppData\Local\rx_image.Cache
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\windows\system32\wininit.exe => Le fichier est signé numériquement
C:\windows\explorer.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\windows\system32\svchost.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\windows\system32\services.exe => Le fichier est signé numériquement
C:\windows\system32\User32.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\windows\system32\userinit.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-02-12 10:21
==================== Fin de FRST.txt ============================
Exécuté par bernard (administrateur) sur PCBERNARD (12-02-2018 19:53:37)
Exécuté depuis C:\Users\bernard\Downloads
Profils chargés: bernard (Profils disponibles: bernard)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Orange) C:\Users\bernard\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\vsnpstd3.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\32988BernardoZamora.SpiderSolitaireHD_1.18.0.27_x64__1fgex2kbsn6g8\Spider.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8465112 2015-11-04] (Realtek Semiconductor)
HKLM\...\Run: [snpstd3] => C:\windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-05] (AVAST Software)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [221184 2006-10-27] (Sonic Solutions)
HKLM-x32\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\...\Run: [Avanquest Message] => C:\Users\bernard\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [435944 2016-06-22] (Avanquest Software)
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\...\RunOnce: [Uninstall C:\Users\bernard\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bernard\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series.lnk [2015-11-30]
ShortcutTarget: Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2018-02-06]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0C51BC16-9600-4707-B46D-7BCD8801E194}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9453B8C5-9B77-4541-AB0F-66D1AF4D81DE}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://r.orange.fr/r/Oodc_oi_odc?ref=O_OI_defaultPage_IEe64_w81e64_odc
HKU\S-1-5-21-3909820871-1224786303-567306632-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-05] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-20] (AVAST Software)
BHO: Pas de nom -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-20] (AVAST Software)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-08-13] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://start.iminent.com/?appId=61D6F068-81C9-41DC-88B9-CA37AB64CD70
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default [2018-02-12]
CHR Extension: (Docs) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-07]
CHR Extension: (YouTube) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-07]
CHR Extension: (Adblock Plus) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-05]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-02-09]
CHR Extension: (Avast SafePrice) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-28]
CHR Extension: (Avast Online Security) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-07]
CHR Extension: (Chrome Media Router) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-07]
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-02-05]
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-05]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-05] (AVAST Software)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (AOMEI Tech Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968432 2018-01-30] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-13] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [328296 2015-01-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-08-13] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
S3 Roxio UPnP Renderer 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [57344 2006-10-26] (Sonic Solutions) [Fichier non signé]
S2 Roxio Upnp Server 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe [294912 2006-10-26] (Sonic Solutions) [Fichier non signé]
S2 RoxLiveShare9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [303104 2006-10-27] (Sonic Solutions) [Fichier non signé]
R3 RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-10-27] (Sonic Solutions) [Fichier non signé]
R2 RoxWatch9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-10-27] (Sonic Solutions) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294104 2015-11-04] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\windows\System32\ambakdrv.sys [51120 2016-12-21] ()
R2 ammntdrv; C:\windows\system32\ammntdrv.sys [171952 2016-12-21] ()
R2 amwrtdrv; C:\windows\system32\amwrtdrv.sys [38320 2017-09-01] ()
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [185096 2018-01-05] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [149344 2018-01-05] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46976 2018-01-05] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41832 2017-09-08] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [146648 2018-01-10] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110336 2018-01-05] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84384 2018-01-05] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1025176 2018-01-05] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [457896 2018-01-10] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [204456 2018-01-05] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [358672 2018-01-05] (AVAST Software)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-12] (Malwarebytes)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-08-13] (Intel Corporation)
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [3494616 2015-11-04] (Realtek Semiconductor Corporation )
S1 RxFilter; C:\windows\System32\DRIVERS\RxFilter.sys [58880 2006-10-27] (Sonic Solutions) [Fichier non signé]
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [58880 2006-10-27] (Sonic Solutions) [Fichier non signé]
S3 SNPSTD3; C:\windows\system32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-02-12 19:53 - 2018-02-12 19:53 - 000020042 _____ C:\Users\bernard\Downloads\FRST.txt
2018-02-12 19:13 - 2018-02-12 19:13 - 000001269 _____ C:\Users\bernard\Desktop\winchk_2.0 (1) - Raccourci.lnk
2018-02-12 19:13 - 2018-02-12 19:13 - 000001195 _____ C:\Users\bernard\Desktop\FRST64 - Raccourci.lnk
2018-02-12 18:56 - 2018-02-12 18:56 - 002405376 _____ (Farbar) C:\Users\bernard\Downloads\FRST64.exe
2018-02-12 17:19 - 2018-02-12 17:19 - 000315000 _____ C:\Users\bernard\Downloads\winchk_2.0 (1).exe
2018-02-12 17:19 - 2018-02-12 17:19 - 000000872 _____ C:\WinChk.txt
2018-02-12 16:55 - 2018-02-12 16:55 - 000001260 _____ C:\Users\bernard\Desktop\CKScanner (1) - Raccourci.lnk
2018-02-12 16:53 - 2018-02-12 16:53 - 000468480 _____ () C:\Users\bernard\Downloads\CKScanner (1).exe
2018-02-12 15:50 - 2018-02-12 15:50 - 000000148 _____ C:\Users\bernard\Desktop\coolman.url
2018-02-12 15:38 - 2018-02-12 15:38 - 000001215 _____ C:\Users\bernard\Desktop\ZHPDiag3 - Raccourci.lnk
2018-02-12 15:36 - 2018-02-12 15:36 - 003007360 _____ C:\Users\bernard\Downloads\ZHPDiag3.exe
2018-02-12 13:27 - 2018-02-12 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-02-12 13:27 - 2018-02-12 13:27 - 000000000 ____D C:\Program Files\7-Zip
2018-02-12 10:49 - 2018-02-12 10:55 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E13 HDTV FASTSUB VOSTFR
2018-02-12 10:04 - 2018-02-12 10:04 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-11 14:01 - 2018-02-11 14:01 - 006074880 _____ C:\Users\bernard\Downloads\Rod1.pps
2018-02-09 19:23 - 2018-02-09 20:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E12 FRENCH WEB XviD-EXTREME
2018-02-09 19:04 - 2018-02-09 19:11 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E13 FiNAL FRENCH WEB XviD-EXTREME
2018-02-09 19:03 - 2018-02-09 19:10 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E10 FRENCH WEB XviD-EXTREME
2018-02-09 19:03 - 2018-02-09 19:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E11 FRENCH WEB XviD-EXTREME
2018-02-09 19:03 - 2018-02-09 19:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E09 FRENCH WEB XviD-EXTREME
2018-02-09 19:02 - 2018-02-09 19:09 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E08 FRENCH WEB XviD-EXTREME
2018-02-09 19:00 - 2018-02-09 19:38 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E05 FRENCH WEB XviD-EXTREME
2018-02-09 19:00 - 2018-02-09 19:23 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E06 FRENCH WEB XviD-EXTREME
2018-02-09 19:00 - 2018-02-09 19:04 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E07 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E04 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E03 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E02 FRENCH WEB XviD-EXTREME
2018-02-09 18:55 - 2018-02-09 19:00 - 000000000 ____D C:\Users\bernard\Downloads\La Casa De Papel S01E01 FRENCH WEB XviD-EXTREME
2018-02-09 04:47 - 2018-02-09 04:47 - 000001305 _____ C:\Users\bernard\Desktop\adwcleaner_7.0.8.0 - Raccourci.lnk
2018-02-09 04:45 - 2018-02-09 04:45 - 008222496 _____ (Malwarebytes) C:\Users\bernard\Downloads\adwcleaner_7.0.8.0.exe
2018-02-05 19:24 - 2018-02-05 19:46 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E12 VOSTFR HDTV XviD-EXTREME
2018-02-05 19:23 - 2018-02-05 19:45 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E12 HDTV FASTSUB VOSTFR
2018-02-02 16:53 - 2018-02-02 16:54 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke Move Over - Janis Joplin _
2018-02-02 10:38 - 2018-02-02 10:39 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke Fever - Peggy Lee _
2018-02-01 19:45 - 2018-02-01 19:50 - 000000000 ____D C:\Users\bernard\Downloads\L'un dans l'autre French BDRIP
2018-02-01 16:33 - 2018-02-01 16:34 - 000000135 _____ C:\Users\bernard\Desktop\jazzradio.url
2018-01-31 22:31 - 2018-01-31 22:38 - 000000000 ____D C:\Users\bernard\Downloads\LeBonhommedeNeige 2017 TRUEFRENCH BDRip
2018-01-31 22:28 - 2018-01-31 22:45 - 000000000 ____D C:\Users\bernard\Downloads\Mon Garcon 2017 FRENCH BDRip
2018-01-31 22:23 - 2018-01-31 22:40 - 000000000 ____D C:\Users\bernard\Downloads\Fauted'amour 2017 FRENCH BDRip
2018-01-31 22:22 - 2018-01-31 22:28 - 000000000 ____D C:\Users\bernard\Downloads\Commelesautres -&&&&@@@{`@^[{` '%c3%a9&-%c3%a0(%c3%a8%c3%a0%c2%b2(%c2%b2(%c3%a0%c2%b2(%c2%b2'{[@{[{~^[{~[`[#{~##
2018-01-31 17:51 - 2018-01-31 17:51 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke One Way Ticket - Eruption _
2018-01-30 17:38 - 2018-01-30 17:39 - 000000000 ____D C:\Users\bernard\Downloads\Karaoke Honey Don't - The Beatles _
2018-01-30 17:38 - 2018-01-30 17:39 - 000000000 ____D C:\Users\bernard\Downloads\DK050 09 Perkins, Carl Matchbox [karaoke]
2018-01-29 23:39 - 2018-01-29 23:41 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E11 HDTV FASTSUB VOSTFR
2018-01-29 20:47 - 2018-01-29 20:49 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E08 VOSTFR HDTV XviD-EXTREME
2018-01-29 20:45 - 2018-01-29 21:38 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E11 VOSTFR WEB-DL x264-FDS
2018-01-25 11:35 - 2018-01-25 11:38 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E10 SUBFRENCH WEB XviD-EXTREME
2018-01-25 11:34 - 2018-01-25 11:37 - 000000000 ____D C:\Users\bernard\Downloads\Blindspot S03E09 VOSTFR HDTV XviD-EXTREME
2018-01-25 11:33 - 2018-01-25 11:36 - 000000000 ____D C:\Users\bernard\Downloads\Arrow S06E10 VOSTFR HDTV XviD-EXTREME
2018-01-23 14:34 - 2018-01-23 14:34 - 003048320 _____ C:\Users\bernard\Downloads\ZHPCleaner.exe
2018-01-23 14:34 - 2018-01-23 14:34 - 003048320 _____ C:\Users\bernard\Downloads\ZHPCleaner (1).exe
2018-01-22 19:05 - 2018-02-01 19:52 - 000000000 ____D C:\Users\bernard\Downloads\Rebel In The Rye 2017 FRENCH HDRip
2018-01-15 16:31 - 2018-02-12 10:04 - 000253880 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-01-15 14:08 - 2018-01-15 17:29 - 000000000 ____D C:\Users\bernard\Downloads\10215517721565120
2018-01-13 18:12 - 2018-01-13 18:13 - 000000000 ____D C:\Users\bernard\Downloads\Etta James _ I'd Rather Go Blind _ Classic version
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-02-12 19:53 - 2016-04-23 22:22 - 000000000 ____D C:\FRST
2018-02-12 18:53 - 2015-10-02 23:08 - 000000000 ____D C:\Users\bernard\AppData\Roaming\ZHP
2018-02-12 15:13 - 2017-06-07 12:46 - 000000000 ____D C:\Users\bernard\AppData\Local\ZHP
2018-02-12 14:35 - 2015-10-02 18:54 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3909820871-1224786303-567306632-1001
2018-02-12 11:38 - 2015-10-06 11:03 - 000000000 ____D C:\Users\bernard\AppData\Local\JDownloader v2.0
2018-02-12 10:10 - 2015-10-02 18:54 - 000000000 ___DO C:\Users\bernard\OneDrive
2018-02-12 10:04 - 2017-09-25 17:02 - 000000082 _____ C:\windows\SysWOW64\winsevr.dat
2018-02-12 10:04 - 2017-09-25 17:02 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2018-02-12 10:04 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-02-12 10:04 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-02-11 22:35 - 2013-08-22 14:25 - 000524288 ___SH C:\windows\system32\config\BBI
2018-02-11 21:02 - 2015-10-03 08:41 - 000000000 ____D C:\Users\bernard\AppData\Local\CrashDumps
2018-02-11 16:30 - 2015-12-17 23:40 - 000000010 _____ C:\windows\tarot.cfg
2018-02-11 16:28 - 2015-10-02 20:58 - 000000000 ____D C:\Program Files (x86)\Webtarot
2018-02-09 20:10 - 2015-07-16 00:00 - 000794940 _____ C:\windows\system32\perfh00C.dat
2018-02-09 20:10 - 2015-07-16 00:00 - 000171582 _____ C:\windows\system32\perfc00C.dat
2018-02-09 20:10 - 2014-11-21 03:50 - 001821360 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-09 05:00 - 2015-10-02 23:35 - 000028272 _____ C:\windows\system32\Drivers\TrueSight.sys
2018-02-09 04:46 - 2015-10-07 09:29 - 000000000 ____D C:\AdwCleaner
2018-02-07 07:34 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2018-02-06 11:54 - 2016-06-08 22:43 - 000004604 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-06 11:54 - 2016-06-08 22:43 - 000004460 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-02-06 11:54 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-06 11:54 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-02-06 08:05 - 2015-11-13 09:13 - 000000000 ____D C:\windows\Minidump
2018-02-06 08:04 - 2015-10-02 08:29 - 000098816 ____N C:\windows\Minidump\020618-48484-01.dmp
2018-02-06 01:07 - 2015-10-02 18:47 - 000000000 ____D C:\Users\bernard
2018-02-05 21:38 - 2017-06-15 01:06 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-02-05 21:38 - 2017-06-15 01:06 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 19:38 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-05 19:36 - 2015-07-15 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-05 19:06 - 2015-10-05 21:44 - 000000000 ____D C:\ProgramData\Roxio
2018-02-05 18:53 - 2015-12-09 18:24 - 000000000 ____D C:\Users\bernard\AppData\Roaming\MPC-HC
2018-02-02 18:58 - 2017-03-16 12:59 - 000004172 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-02-01 08:53 - 2017-07-26 17:39 - 000003178 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3909820871-1224786303-567306632-1001
2018-02-01 08:53 - 2016-04-26 10:09 - 000002395 _____ C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2018-01-24 02:36 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-24 02:36 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-01-23 14:35 - 2017-12-19 11:11 - 000000887 _____ C:\Users\bernard\Desktop\ZHPCleaner.lnk
2018-01-23 10:22 - 2017-07-07 07:48 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-23 10:22 - 2016-06-08 21:14 - 000002506 _____ C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2018-01-23 10:22 - 2015-10-02 18:49 - 000001645 _____ C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-01-15 12:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
==================== Fichiers à la racine de certains dossiers =======
2016-02-23 10:36 - 2017-10-04 18:58 - 002941824 _____ () C:\Users\bernard\ZHPCleaner.exe
2015-10-21 15:06 - 2017-06-26 17:07 - 002755968 _____ () C:\Users\bernard\ZHPDiag3.exe
2016-08-03 08:25 - 2016-08-05 19:15 - 000005120 _____ () C:\Users\bernard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-06 15:23 - 2015-10-06 15:23 - 000000000 _____ () C:\Users\bernard\AppData\Local\rx_image.Cache
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\windows\system32\wininit.exe => Le fichier est signé numériquement
C:\windows\explorer.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\windows\system32\svchost.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\windows\system32\services.exe => Le fichier est signé numériquement
C:\windows\system32\User32.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\windows\system32\userinit.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-02-12 10:21
==================== Fin de FRST.txt ============================