Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 23.04.2018
Exécuté par ROLAND (administrateur) sur PC-DE-SOPHIA (04-05-2018 18:41:12)
Exécuté depuis C:\Users\ROLAND\Desktop\FRST
Profils chargés: ROLAND (Profils disponibles: ROLAND)
Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel) C:\Program Files\Intel Driver and Support Assistant\DSAService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(SDL) C:\Program Files\Common Files\SDL\Telemetrics\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Toshiba) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792 2008-09-26] (Chicony)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-10] (Google)
HKLM\...\Run: [Google EULA Launcher] => c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480 2008-05-28] ( )
HKLM\...\Run: [topi] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [Adobe_ID0EYTHM] => C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [476512 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-11-30] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1057240 2017-11-18] (DivX, LLC)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [296520 2014-07-09] (RealNetworks, Inc.)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [DSATray] => C:\Program Files\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261432 2017-09-11] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-05-03] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13619968 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {1b71d232-0713-11e3-b345-001e33f4664a} - F:\AOEINST.EXE /autorun
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {91d6aa29-6c89-11e2-b229-001e33f4664a} - F:\AOEINST.EXE /autorun
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {a6eeb89c-323a-11e7-82ba-001e33f4664a} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {e404264f-7286-11e0-b03a-001e33f4664a} - F:\autorun.exe
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {ec644fa0-4dbd-11e7-8384-001e33f4664a} - G:\HiSuiteDownLoader.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2015-09-08]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk [2015-09-08]
ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-08-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-08-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\ROLAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6520 series.lnk [2018-05-04]
ShortcutTarget: Alertes de surveillance de l'encre - HP Photosmart 6520 series.lnk -> C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{89D0A398-6F97-497D-B492-6C0BD8CEA328}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{AF70E87D-0EF8-4165-9D14-D8D7E0694F88}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=AfHp9m70ctwBvty2jFb3kMcZD98?q={searchTerms}
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA_frFR349
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-06-10] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_172\bin\ssv.dll [2018-05-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-03] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-03] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF DefaultProfile: m3uizvwr.default-1509883012239
FF ProfilePath: C:\Users\ROLAND\AppData\Roaming\Zotero\Zotero\Profiles\5lzv3528.default [2016-10-03]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-08-24] [Legacy] [non signé]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-08-24] [Legacy] [non signé]
FF ProfilePath: C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239 [2018-05-04]
FF Session Restore: Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239 -> est activé.
FF Extension: (Avast SafePrice) - C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239\Extensions\sp@avast.com.xpi [2017-11-10]
FF Extension: (Avast Online Security) - C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239\Extensions\wrc@avast.com.xpi [2017-11-10]
FF Extension: (Adblock Plus) - C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-05] [Legacy]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-29] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-07-09] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [{1DD9AC48-0855-4AE7-9934-159B4377FFA2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-19] ()
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @parallelgraphics.com/Cortona -> C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin: @real.com/nppl3260;version=17.0.11.0 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-07-09] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.11.0 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-07-09] (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-752407965-2584871733-3107330616-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ROLAND\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Pas de fichier]
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-06-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
Opera:
=======
OPR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2018-05-01]
OPR Extension: (AdGuard AdBlocker) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2018-03-23]
OPR Extension: (AdBlocker for YouTube™) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2017-12-06]
OPR Extension: (VPN SurfEasy - Sécurité, Confidentialité, Débloquage) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2018-05-04]
OPR Extension: (Adblock Plus) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-05-02]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2017-09-27] (Adobe Systems Incorporated) [Fichier non signé]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5947256 2018-05-03] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-05-03] (AVAST Software) [Fichier non signé]
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software) [Fichier non signé]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 DSAService; C:\Program Files\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel) [Fichier non signé]
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-10-16] (Macrovision Europe Ltd.) [Fichier non signé]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [Fichier non signé]
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-10] (Google)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-07-26] () [Fichier non signé]
S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.) [Fichier non signé]
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [175568 2017-11-05] (Mozilla Foundation) [Fichier non signé]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2010-12-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-06-10] ()
R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-07-09] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-06-10] () [Fichier non signé]
R2 Sdl.ProductTelemetrics.v1; C:\Program Files\Common Files\SDL\Telemetrics\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe [12288 2015-06-17] (SDL) [Fichier non signé]
R3 SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [77824 2008-08-25] (Toshiba) [Fichier non signé]
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [1466144 2016-09-20] (Valve Corporation) [Fichier non signé]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167040 2018-05-03] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [185432 2018-05-03] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157368 2018-05-03] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276688 2018-05-03] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50336 2018-05-03] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [180984 2018-05-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124392 2018-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100544 2018-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70816 2018-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783600 2018-05-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [391856 2018-05-03] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [152344 2018-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-05-03] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-21] (Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [Fichier non signé]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2017-02-16] (Sony Mobile Communications)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Fichier non signé]
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2008-07-15] (Chicony Electronics Co., Ltd.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-07-26] (Huawei Technologies Co., Ltd.)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 vpnva; system32\DRIVERS\vpnva-6.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-05-04 18:41 - 2018-05-04 18:41 - 000000000 ____D C:\FRST
2018-05-04 18:40 - 2018-05-04 18:41 - 000000000 ____D C:\Users\ROLAND\Desktop\FRST
2018-05-04 18:13 - 2018-05-04 18:13 - 000214443 _____ C:\Users\ROLAND\Desktop\ZHPDiag.txt
2018-05-04 17:52 - 2018-05-04 17:52 - 000005294 _____ C:\Users\ROLAND\Documents\cc_20180504_175212.reg
2018-05-04 17:45 - 2018-05-04 17:45 - 015813864 _____ (Piriform Ltd) C:\Users\ROLAND\Downloads\ccsetup542.exe
2018-05-03 18:28 - 2018-05-03 18:28 - 000000000 ____D C:\Program Files\Common Files\Java
2018-05-03 18:27 - 2018-05-03 18:27 - 000000000 ____D C:\Program Files\Common Files\Oracle
2018-05-03 17:30 - 2018-05-03 17:30 - 000002043 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2018-05-03 17:30 - 2018-05-03 17:30 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\AVAST Software
2018-05-03 17:30 - 2018-05-03 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-05-03 17:29 - 2018-05-03 17:29 - 000124392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000783600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000391856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000320728 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-03 17:29 - 2018-05-03 17:28 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000276688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000185432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000180984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000167040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000157368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000152344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000100544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000070816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000050336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-02 20:49 - 2018-05-02 20:49 - 000004106 _____ C:\Users\ROLAND\Documents\cc_20180502_204903.reg
2018-05-02 20:48 - 2018-05-02 20:48 - 000031376 _____ C:\Users\ROLAND\Documents\cc_20180502_204801.reg
2018-05-01 09:47 - 2018-03-14 19:18 - 000116928 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-05-01 09:47 - 2018-03-14 19:14 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-05-01 09:47 - 2018-03-14 15:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-20 12:37 - 2018-04-20 12:37 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-04-20 12:34 - 2018-04-20 12:34 - 000000000 ____D C:\Users\ROLAND\AppData\Local\AVAST Software
2018-04-18 15:12 - 2018-04-18 15:12 - 000000214 _____ C:\Users\ROLAND\Desktop\Final DOOM.url
2018-04-18 11:03 - 2018-04-18 11:03 - 000000214 _____ C:\Users\ROLAND\Desktop\Master Levels for DOOM II.url
2018-04-18 10:52 - 2018-04-18 10:53 - 000000000 ____D C:\Users\ROLAND\AppData\Local\Divinity 2
2018-04-18 10:52 - 2018-04-18 10:52 - 000000000 ____D C:\ProgramData\Divinity 2
2018-04-13 17:14 - 2018-04-13 17:14 - 000000216 _____ C:\Users\ROLAND\Desktop\Divinity II Developer's Cut.url
2018-04-12 09:29 - 2018-04-12 09:30 - 040749109 _____ C:\Users\ROLAND\Desktop\ac_addin_win_980_387.zip
2018-04-11 10:56 - 2018-04-11 11:00 - 227726016 _____ (Kilgray ) C:\Users\ROLAND\Desktop\memoQ-8-4-Setup-06.exe
2018-04-08 20:23 - 2018-04-08 20:23 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\11bitstudios
2018-04-08 17:25 - 2018-04-08 17:25 - 001110946 _____ C:\Users\ROLAND\Documents\ACFrOgDTpCg8sMCn7FAg2HhtE7vGCIFDKQW0JtSdmfDK0yUV0FcFS6JN7X6lfTdZZs23XdAPZETe_GK34K9OWyQFDINPkh_h1UvP8Brd2-oLI0Nt2yaB5hDhlnqwjYU=.pdf
2018-04-07 12:07 - 2018-04-07 12:07 - 000000000 ____D C:\Users\ROLAND\AppData\Local\CrashRpt
2018-04-06 11:49 - 2018-04-06 11:49 - 000000216 _____ C:\Users\ROLAND\Desktop\Crusader Kings II.url
2018-04-04 13:22 - 2018-04-04 13:26 - 000000000 ____D C:\Users\ROLAND\Desktop\Pôle Emploi
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-05-04 18:13 - 2017-11-04 14:12 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\ZHP
2018-05-04 18:00 - 2017-11-04 14:12 - 000000000 ____D C:\Users\ROLAND\AppData\Local\ZHP
2018-05-04 17:55 - 2017-11-04 13:58 - 000000000 ____D C:\Users\ROLAND\Desktop\ZHP
2018-05-04 17:52 - 2009-12-29 14:31 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-04 17:52 - 2009-12-29 14:31 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-04 17:46 - 2016-11-01 16:48 - 000000933 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-04 17:44 - 2010-07-17 17:05 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\Skype
2018-05-04 14:22 - 2016-10-16 18:15 - 000000000 ____D C:\Program Files\Opera
2018-05-04 14:16 - 2010-12-30 12:46 - 000000000 ____D C:\Users\ROLAND\AppData\Local\ApplicationHistory
2018-05-04 14:10 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-04 09:09 - 2009-07-14 06:53 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-05-04 01:11 - 2016-08-14 23:53 - 000002903 _____ C:\Windows\system32\servers.def.vpx
2018-05-04 01:11 - 2016-08-14 23:53 - 000002903 _____ C:\Windows\system32\servers.def.lkg
2018-05-04 01:11 - 2016-08-14 23:53 - 000000000 _____ C:\Windows\system32\prod-pgm.vpx
2018-05-03 19:32 - 2013-09-06 12:20 - 000000000 ____D C:\Program Files\Steam
2018-05-03 18:27 - 2017-12-06 19:36 - 000096712 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2018-05-03 18:27 - 2017-12-06 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-03 18:26 - 2008-08-07 16:56 - 000000000 ____D C:\Program Files\Java
2018-05-03 18:25 - 2016-04-03 19:39 - 000000000 ____D C:\Program Files\Common Files\Adobe AIR
2018-05-03 18:25 - 2011-04-01 22:41 - 000000000 ____D C:\Program Files\DivX
2018-05-03 18:25 - 2011-04-01 22:33 - 000000000 ____D C:\ProgramData\DivX
2018-05-03 18:24 - 2013-10-01 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2018-05-03 18:24 - 2011-04-01 22:50 - 000000000 ____D C:\Program Files\Common Files\DivX Shared
2018-05-03 18:23 - 2011-04-01 22:51 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\DivX
2018-05-03 18:21 - 2010-12-26 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-05-03 18:21 - 2010-12-26 01:45 - 000000000 ____D C:\Program Files\7-Zip
2018-05-03 17:28 - 2017-12-06 17:57 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2018-05-03 17:27 - 2015-10-10 08:39 - 000000000 ____D C:\Program Files\AVAST Software
2018-05-03 17:27 - 2015-10-10 08:38 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-03 17:27 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-05-03 17:07 - 2017-09-10 00:31 - 000000000 _____ C:\Windows\system32\last.dump
2018-05-02 20:55 - 2009-12-29 15:23 - 000143952 _____ C:\Users\ROLAND\AppData\Local\GDIPFONTCACHEV1.DAT
2018-05-02 20:51 - 2009-07-14 06:33 - 001833656 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-02 20:07 - 2014-12-11 12:28 - 000000000 ____D C:\Windows\system32\appraiser
2018-05-02 19:09 - 2015-09-08 09:39 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-04-20 17:05 - 2016-11-16 12:05 - 001697946 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-20 17:05 - 2009-07-14 10:39 - 000757762 _____ C:\Windows\system32\perfh00C.dat
2018-04-20 17:05 - 2009-07-14 10:39 - 000155264 _____ C:\Windows\system32\perfc00C.dat
2018-04-18 15:12 - 2014-04-01 10:48 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-04-18 10:52 - 2014-05-09 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-04-18 10:52 - 2014-05-09 23:32 - 000000000 ____D C:\Program Files\AGEIA Technologies
2018-04-18 10:52 - 2014-05-09 23:31 - 000000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2018-04-17 01:47 - 2011-01-17 22:04 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\vlc
2018-04-15 23:13 - 2016-11-23 00:07 - 000000000 ____D C:\Users\ROLAND\AppData\LocalLow\Mozilla
2018-04-14 11:39 - 2018-03-26 14:19 - 000000000 ____D C:\Users\ROLAND\Desktop\Photos Vieille Dame 2018
2018-04-10 18:13 - 2018-03-09 13:45 - 000000000 ____D C:\Users\ROLAND\Desktop\Liebesdienst
2018-04-08 21:12 - 2017-10-24 11:52 - 000000000 ____D C:\Program Files\Intel Driver and Support Assistant
2018-04-08 21:07 - 2017-06-28 18:22 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2018-04-08 21:07 - 2012-10-22 10:06 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-04-08 17:19 - 2015-06-23 01:35 - 000000000 ____D C:\Users\ROLAND\Desktop\TOULOUSE-BONN_LA VIEILLE DAME
2018-04-05 12:39 - 2013-03-11 11:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-04-05 12:38 - 2010-10-06 17:03 - 000000000 ____D C:\Users\ROLAND\Desktop\ICONES
==================== Fichiers à la racine de certains dossiers =======
2010-12-30 00:59 - 2010-12-30 00:59 - 000022328 _____ () C:\Users\ROLAND\AppData\Roaming\PnkBstrK.sys
2009-10-17 13:42 - 2009-10-17 13:42 - 000000000 _____ () C:\Users\ROLAND\AppData\Roaming\wklnhst.dat
2014-12-06 02:38 - 2014-12-06 02:38 - 000000000 _____ () C:\Users\ROLAND\AppData\Roaming\Microsoft\AF3D.tmp
2010-07-13 00:55 - 2016-04-03 13:58 - 000027136 _____ () C:\Users\ROLAND\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-12-30 12:46 - 2010-12-30 12:46 - 000000094 _____ () C:\Users\ROLAND\AppData\Local\fusioncache.dat
Certains fichiers dans TEMP:
====================
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122143073.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122143900.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122146146.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122146380.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122157612.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-05-03 11:20
==================== Fin de FRST.txt ============================
Exécuté par ROLAND (administrateur) sur PC-DE-SOPHIA (04-05-2018 18:41:12)
Exécuté depuis C:\Users\ROLAND\Desktop\FRST
Profils chargés: ROLAND (Profils disponibles: ROLAND)
Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel) C:\Program Files\Intel Driver and Support Assistant\DSAService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(SDL) C:\Program Files\Common Files\SDL\Telemetrics\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Toshiba) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792 2008-09-26] (Chicony)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-10] (Google)
HKLM\...\Run: [Google EULA Launcher] => c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480 2008-05-28] ( )
HKLM\...\Run: [topi] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [Adobe_ID0EYTHM] => C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [476512 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-11-30] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1057240 2017-11-18] (DivX, LLC)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [296520 2014-07-09] (RealNetworks, Inc.)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [DSATray] => C:\Program Files\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261432 2017-09-11] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-05-03] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13619968 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {1b71d232-0713-11e3-b345-001e33f4664a} - F:\AOEINST.EXE /autorun
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {91d6aa29-6c89-11e2-b229-001e33f4664a} - F:\AOEINST.EXE /autorun
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {a6eeb89c-323a-11e7-82ba-001e33f4664a} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {e404264f-7286-11e0-b03a-001e33f4664a} - F:\autorun.exe
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\...\MountPoints2: {ec644fa0-4dbd-11e7-8384-001e33f4664a} - G:\HiSuiteDownLoader.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2015-09-08]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk [2015-09-08]
ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-08-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-08-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\ROLAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6520 series.lnk [2018-05-04]
ShortcutTarget: Alertes de surveillance de l'encre - HP Photosmart 6520 series.lnk -> C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{89D0A398-6F97-497D-B492-6C0BD8CEA328}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{AF70E87D-0EF8-4165-9D14-D8D7E0694F88}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-752407965-2584871733-3107330616-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=AfHp9m70ctwBvty2jFb3kMcZD98?q={searchTerms}
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA_frFR349
SearchScopes: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-06-10] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_172\bin\ssv.dll [2018-05-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-03] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-03] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-752407965-2584871733-3107330616-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF DefaultProfile: m3uizvwr.default-1509883012239
FF ProfilePath: C:\Users\ROLAND\AppData\Roaming\Zotero\Zotero\Profiles\5lzv3528.default [2016-10-03]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-08-24] [Legacy] [non signé]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-08-24] [Legacy] [non signé]
FF ProfilePath: C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239 [2018-05-04]
FF Session Restore: Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239 -> est activé.
FF Extension: (Avast SafePrice) - C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239\Extensions\sp@avast.com.xpi [2017-11-10]
FF Extension: (Avast Online Security) - C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239\Extensions\wrc@avast.com.xpi [2017-11-10]
FF Extension: (Adblock Plus) - C:\Users\ROLAND\AppData\Roaming\Mozilla\Firefox\Profiles\m3uizvwr.default-1509883012239\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-05] [Legacy]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-29] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-07-09] [Legacy] [non signé]
FF HKLM\...\Firefox\Extensions: [{1DD9AC48-0855-4AE7-9934-159B4377FFA2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-19] ()
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @parallelgraphics.com/Cortona -> C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin: @real.com/nppl3260;version=17.0.11.0 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-07-09] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.11.0 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-07-09] (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-752407965-2584871733-3107330616-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ROLAND\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Pas de fichier]
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-06-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
Opera:
=======
OPR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2018-05-01]
OPR Extension: (AdGuard AdBlocker) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2018-03-23]
OPR Extension: (AdBlocker for YouTube™) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2017-12-06]
OPR Extension: (VPN SurfEasy - Sécurité, Confidentialité, Débloquage) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2018-05-04]
OPR Extension: (Adblock Plus) - C:\Users\ROLAND\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-05-02]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2017-09-27] (Adobe Systems Incorporated) [Fichier non signé]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5947256 2018-05-03] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-05-03] (AVAST Software) [Fichier non signé]
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software) [Fichier non signé]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 DSAService; C:\Program Files\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel) [Fichier non signé]
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-10-16] (Macrovision Europe Ltd.) [Fichier non signé]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [Fichier non signé]
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-10] (Google)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-07-26] () [Fichier non signé]
S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.) [Fichier non signé]
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [175568 2017-11-05] (Mozilla Foundation) [Fichier non signé]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2010-12-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-06-10] ()
R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-07-09] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-06-10] () [Fichier non signé]
R2 Sdl.ProductTelemetrics.v1; C:\Program Files\Common Files\SDL\Telemetrics\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe [12288 2015-06-17] (SDL) [Fichier non signé]
R3 SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [77824 2008-08-25] (Toshiba) [Fichier non signé]
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [1466144 2016-09-20] (Valve Corporation) [Fichier non signé]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167040 2018-05-03] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [185432 2018-05-03] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157368 2018-05-03] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276688 2018-05-03] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50336 2018-05-03] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [180984 2018-05-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124392 2018-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100544 2018-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70816 2018-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783600 2018-05-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [391856 2018-05-03] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [152344 2018-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-05-03] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-21] (Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [Fichier non signé]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2017-02-16] (Sony Mobile Communications)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Fichier non signé]
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2008-07-15] (Chicony Electronics Co., Ltd.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-07-26] (Huawei Technologies Co., Ltd.)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 vpnva; system32\DRIVERS\vpnva-6.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-05-04 18:41 - 2018-05-04 18:41 - 000000000 ____D C:\FRST
2018-05-04 18:40 - 2018-05-04 18:41 - 000000000 ____D C:\Users\ROLAND\Desktop\FRST
2018-05-04 18:13 - 2018-05-04 18:13 - 000214443 _____ C:\Users\ROLAND\Desktop\ZHPDiag.txt
2018-05-04 17:52 - 2018-05-04 17:52 - 000005294 _____ C:\Users\ROLAND\Documents\cc_20180504_175212.reg
2018-05-04 17:45 - 2018-05-04 17:45 - 015813864 _____ (Piriform Ltd) C:\Users\ROLAND\Downloads\ccsetup542.exe
2018-05-03 18:28 - 2018-05-03 18:28 - 000000000 ____D C:\Program Files\Common Files\Java
2018-05-03 18:27 - 2018-05-03 18:27 - 000000000 ____D C:\Program Files\Common Files\Oracle
2018-05-03 17:30 - 2018-05-03 17:30 - 000002043 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2018-05-03 17:30 - 2018-05-03 17:30 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\AVAST Software
2018-05-03 17:30 - 2018-05-03 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-05-03 17:29 - 2018-05-03 17:29 - 000124392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000783600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000391856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000320728 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-03 17:29 - 2018-05-03 17:28 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000276688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000185432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000180984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000167040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000157368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000152344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000100544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000070816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000050336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-05-03 17:29 - 2018-05-03 17:28 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-02 20:49 - 2018-05-02 20:49 - 000004106 _____ C:\Users\ROLAND\Documents\cc_20180502_204903.reg
2018-05-02 20:48 - 2018-05-02 20:48 - 000031376 _____ C:\Users\ROLAND\Documents\cc_20180502_204801.reg
2018-05-01 09:47 - 2018-03-14 19:18 - 000116928 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-05-01 09:47 - 2018-03-14 19:14 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-05-01 09:47 - 2018-03-14 15:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-05-01 09:47 - 2018-03-14 15:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-20 12:37 - 2018-04-20 12:37 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-04-20 12:34 - 2018-04-20 12:34 - 000000000 ____D C:\Users\ROLAND\AppData\Local\AVAST Software
2018-04-18 15:12 - 2018-04-18 15:12 - 000000214 _____ C:\Users\ROLAND\Desktop\Final DOOM.url
2018-04-18 11:03 - 2018-04-18 11:03 - 000000214 _____ C:\Users\ROLAND\Desktop\Master Levels for DOOM II.url
2018-04-18 10:52 - 2018-04-18 10:53 - 000000000 ____D C:\Users\ROLAND\AppData\Local\Divinity 2
2018-04-18 10:52 - 2018-04-18 10:52 - 000000000 ____D C:\ProgramData\Divinity 2
2018-04-13 17:14 - 2018-04-13 17:14 - 000000216 _____ C:\Users\ROLAND\Desktop\Divinity II Developer's Cut.url
2018-04-12 09:29 - 2018-04-12 09:30 - 040749109 _____ C:\Users\ROLAND\Desktop\ac_addin_win_980_387.zip
2018-04-11 10:56 - 2018-04-11 11:00 - 227726016 _____ (Kilgray ) C:\Users\ROLAND\Desktop\memoQ-8-4-Setup-06.exe
2018-04-08 20:23 - 2018-04-08 20:23 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\11bitstudios
2018-04-08 17:25 - 2018-04-08 17:25 - 001110946 _____ C:\Users\ROLAND\Documents\ACFrOgDTpCg8sMCn7FAg2HhtE7vGCIFDKQW0JtSdmfDK0yUV0FcFS6JN7X6lfTdZZs23XdAPZETe_GK34K9OWyQFDINPkh_h1UvP8Brd2-oLI0Nt2yaB5hDhlnqwjYU=.pdf
2018-04-07 12:07 - 2018-04-07 12:07 - 000000000 ____D C:\Users\ROLAND\AppData\Local\CrashRpt
2018-04-06 11:49 - 2018-04-06 11:49 - 000000216 _____ C:\Users\ROLAND\Desktop\Crusader Kings II.url
2018-04-04 13:22 - 2018-04-04 13:26 - 000000000 ____D C:\Users\ROLAND\Desktop\Pôle Emploi
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-05-04 18:13 - 2017-11-04 14:12 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\ZHP
2018-05-04 18:00 - 2017-11-04 14:12 - 000000000 ____D C:\Users\ROLAND\AppData\Local\ZHP
2018-05-04 17:55 - 2017-11-04 13:58 - 000000000 ____D C:\Users\ROLAND\Desktop\ZHP
2018-05-04 17:52 - 2009-12-29 14:31 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-04 17:52 - 2009-12-29 14:31 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-04 17:46 - 2016-11-01 16:48 - 000000933 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-04 17:44 - 2010-07-17 17:05 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\Skype
2018-05-04 14:22 - 2016-10-16 18:15 - 000000000 ____D C:\Program Files\Opera
2018-05-04 14:16 - 2010-12-30 12:46 - 000000000 ____D C:\Users\ROLAND\AppData\Local\ApplicationHistory
2018-05-04 14:10 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-04 09:09 - 2009-07-14 06:53 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-05-04 01:11 - 2016-08-14 23:53 - 000002903 _____ C:\Windows\system32\servers.def.vpx
2018-05-04 01:11 - 2016-08-14 23:53 - 000002903 _____ C:\Windows\system32\servers.def.lkg
2018-05-04 01:11 - 2016-08-14 23:53 - 000000000 _____ C:\Windows\system32\prod-pgm.vpx
2018-05-03 19:32 - 2013-09-06 12:20 - 000000000 ____D C:\Program Files\Steam
2018-05-03 18:27 - 2017-12-06 19:36 - 000096712 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2018-05-03 18:27 - 2017-12-06 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-03 18:26 - 2008-08-07 16:56 - 000000000 ____D C:\Program Files\Java
2018-05-03 18:25 - 2016-04-03 19:39 - 000000000 ____D C:\Program Files\Common Files\Adobe AIR
2018-05-03 18:25 - 2011-04-01 22:41 - 000000000 ____D C:\Program Files\DivX
2018-05-03 18:25 - 2011-04-01 22:33 - 000000000 ____D C:\ProgramData\DivX
2018-05-03 18:24 - 2013-10-01 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2018-05-03 18:24 - 2011-04-01 22:50 - 000000000 ____D C:\Program Files\Common Files\DivX Shared
2018-05-03 18:23 - 2011-04-01 22:51 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\DivX
2018-05-03 18:21 - 2010-12-26 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-05-03 18:21 - 2010-12-26 01:45 - 000000000 ____D C:\Program Files\7-Zip
2018-05-03 17:28 - 2017-12-06 17:57 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2018-05-03 17:27 - 2015-10-10 08:39 - 000000000 ____D C:\Program Files\AVAST Software
2018-05-03 17:27 - 2015-10-10 08:38 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-03 17:27 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-05-03 17:07 - 2017-09-10 00:31 - 000000000 _____ C:\Windows\system32\last.dump
2018-05-02 20:55 - 2009-12-29 15:23 - 000143952 _____ C:\Users\ROLAND\AppData\Local\GDIPFONTCACHEV1.DAT
2018-05-02 20:51 - 2009-07-14 06:33 - 001833656 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-02 20:07 - 2014-12-11 12:28 - 000000000 ____D C:\Windows\system32\appraiser
2018-05-02 19:09 - 2015-09-08 09:39 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-04-20 17:05 - 2016-11-16 12:05 - 001697946 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-20 17:05 - 2009-07-14 10:39 - 000757762 _____ C:\Windows\system32\perfh00C.dat
2018-04-20 17:05 - 2009-07-14 10:39 - 000155264 _____ C:\Windows\system32\perfc00C.dat
2018-04-18 15:12 - 2014-04-01 10:48 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-04-18 10:52 - 2014-05-09 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-04-18 10:52 - 2014-05-09 23:32 - 000000000 ____D C:\Program Files\AGEIA Technologies
2018-04-18 10:52 - 2014-05-09 23:31 - 000000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2018-04-17 01:47 - 2011-01-17 22:04 - 000000000 ____D C:\Users\ROLAND\AppData\Roaming\vlc
2018-04-15 23:13 - 2016-11-23 00:07 - 000000000 ____D C:\Users\ROLAND\AppData\LocalLow\Mozilla
2018-04-14 11:39 - 2018-03-26 14:19 - 000000000 ____D C:\Users\ROLAND\Desktop\Photos Vieille Dame 2018
2018-04-10 18:13 - 2018-03-09 13:45 - 000000000 ____D C:\Users\ROLAND\Desktop\Liebesdienst
2018-04-08 21:12 - 2017-10-24 11:52 - 000000000 ____D C:\Program Files\Intel Driver and Support Assistant
2018-04-08 21:07 - 2017-06-28 18:22 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2018-04-08 21:07 - 2012-10-22 10:06 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-04-08 17:19 - 2015-06-23 01:35 - 000000000 ____D C:\Users\ROLAND\Desktop\TOULOUSE-BONN_LA VIEILLE DAME
2018-04-05 12:39 - 2013-03-11 11:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-04-05 12:38 - 2010-10-06 17:03 - 000000000 ____D C:\Users\ROLAND\Desktop\ICONES
==================== Fichiers à la racine de certains dossiers =======
2010-12-30 00:59 - 2010-12-30 00:59 - 000022328 _____ () C:\Users\ROLAND\AppData\Roaming\PnkBstrK.sys
2009-10-17 13:42 - 2009-10-17 13:42 - 000000000 _____ () C:\Users\ROLAND\AppData\Roaming\wklnhst.dat
2014-12-06 02:38 - 2014-12-06 02:38 - 000000000 _____ () C:\Users\ROLAND\AppData\Roaming\Microsoft\AF3D.tmp
2010-07-13 00:55 - 2016-04-03 13:58 - 000027136 _____ () C:\Users\ROLAND\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-12-30 12:46 - 2010-12-30 12:46 - 000000094 _____ () C:\Users\ROLAND\AppData\Local\fusioncache.dat
Certains fichiers dans TEMP:
====================
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122143073.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122143900.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122146146.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122146380.dll
2018-05-04 14:21 - 2018-05-04 14:21 - 001876480 _____ (Opera Software) C:\Users\ROLAND\AppData\Local\Temp\Opera_installer_180504122157612.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-05-03 11:20
==================== Fin de FRST.txt ============================