Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Exécuté par fred.splend (administrateur) sur FREDSPLEND-TOSH (19-10-2018 19:26:23)
Exécuté depuis C:\Users\fred.splend\Desktop
Profils chargés: fred.splend & DefaultAppPool (Profils disponibles: fred.splend & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() C:\Windows\System32\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Compex Médical SA) C:\Program Files (x86)\DJO LLC\CpxRS02 Sync Service\CompexG9SyncService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(Suunto) C:\Users\fred.splend\AppData\Local\Apps\2.0\JWG1LJ86.MO3\Q5XNQNVC.VEZ\move..tion_7b728a49b2b0d019_0001.0005_cab60a8d7bc05604\Moveslink2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WzPreloader.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-08-31] (Toshiba Europe GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-19] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3953344 2017-06-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724896 2016-06-24] (Sony Corporation)
HKLM-x32\...\Run: [WinZip UN] => C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe [1709312 2017-12-11] (WinZip)
HKLM-x32\...\Run: [WinZip PreLoader] => C:\Program Files (x86)\WinZip\WzPreloader.exe [123848 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [WinZip FAH] => C:\Program Files (x86)\WinZip\FAHConsole.exe [455360 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\RunOnce: [RemoveSafeZoneBrowser] => C:\Users\FRED~1.SPL\AppData\Local\Temp\removeSZB.exe [2781728 2018-10-18] () <==== ATTENTION
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [HP Photosmart 6510 series (NET) #2] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [HP Photosmart 6510 series (NET) #3] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [Moveslink2] => C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-23] (Piriform Ltd)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - .lnk [2012-09-26]
ShortcutTarget: Alertes de surveillance de l'encre - .lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6510 series (réseau).lnk [2013-09-10]
ShortcutTarget: Alertes de surveillance de l'encre - HP Photosmart 6510 series (réseau).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6510 series.lnk [2017-03-11]
ShortcutTarget: Alertes de surveillance de l'encre - HP Photosmart 6510 series.lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{312d4630-0a42-431c-9a15-8320e57625d3}: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{357c3317-e631-4835-8f8c-802a321dca80}: [DhcpNameServer] 192.168.43.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKU\S-1-5-21-260067723-2658648044-1364929071-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-260067723-2658648044-1364929071-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] ()
FireFox:
========
FF ProfilePath: C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default [2018-10-19]
FF Homepage: Mozilla\Firefox\Profiles\uq3yq3c4.default -> hxxps://www.google.ch/
FF NewTab: Mozilla\Firefox\Profiles\uq3yq3c4.default -> about:newtab
FF Extension: (Avast SafePrice) - C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default\Extensions\sp@avast.com.xpi [2018-03-09]
FF Extension: (Avast Online Security) - C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default\Extensions\wrc@avast.com.xpi [2018-10-19]
FF Extension: (Telemetry coverage) - C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default\features\{afa179cb-7079-40ba-a2f6-91d1a748a547}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-15] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-15] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-09-17] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default [2018-10-19]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-19]
CHR Extension: (Avast Online Security) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-02]
CHR Extension: (Chrome Media Router) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-19] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-19] (AVAST Software)
R2 CompexG9SyncService; C:\Program Files (x86)\DJO LLC\CpxRS02 Sync Service\CompexG9SyncService.exe [37376 2012-05-10] (Compex Médical SA) [Fichier non signé]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2017-06-02] (Synaptics Incorporated)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-10] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-10] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 nvsvc; "C:\WINDOWS\system32\nvvsvc.exe" [X]
S2 WinZip Compression Smart Monitor Service; "C:\Program Files (x86)\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-19] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-19] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-19] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-19] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-19] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-10-19] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-19] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-19] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-19] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-19] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [200232 2018-10-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260384 2018-10-19] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_7b6a26f0085e5f11\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2017-09-29] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2017-06-02] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-11-26] (Toshiba Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Fichier non signé]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-02-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-10] (Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-10-19 19:26 - 2018-10-19 19:27 - 000023877 _____ C:\Users\fred.splend\Desktop\FRST.txt
2018-10-19 19:26 - 2018-10-19 19:26 - 000000000 ____D C:\FRST
2018-10-19 19:25 - 2018-10-19 19:25 - 002414592 _____ (Farbar) C:\Users\fred.splend\Desktop\FRST64.exe
2018-10-19 18:53 - 2018-10-19 18:53 - 000260384 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-19 18:48 - 2018-10-19 18:48 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-19 18:48 - 2018-10-19 18:48 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-10-19 18:48 - 2018-10-19 18:47 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-19 18:41 - 2018-10-19 18:41 - 000339129 _____ C:\Users\fred.splend\Desktop\ZHPDiag.txt
2018-10-19 18:30 - 2018-10-19 18:30 - 003172224 _____ C:\Users\fred.splend\ZHPDiag3.exe
2018-10-18 17:30 - 2018-10-18 17:30 - 000000000 ____D C:\Windows.old
2018-10-18 12:29 - 2018-10-19 18:30 - 000000783 _____ C:\Users\fred.splend\Desktop\ZHPDiag.lnk
2018-10-18 12:29 - 2018-10-18 12:29 - 003171712 _____ C:\Users\fred.splend\Downloads\ZHPDiag3.exe
2018-10-18 11:21 - 2018-10-18 11:21 - 000000000 ____D C:\Users\fred.splend\AppData\Local\mbam
2018-10-18 11:20 - 2018-10-18 11:20 - 000200232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-18 11:20 - 2018-10-18 11:20 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-18 11:20 - 2018-10-18 11:20 - 000000000 ____D C:\Users\fred.splend\AppData\Local\mbamtray
2018-10-18 11:20 - 2018-10-18 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-18 11:20 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-18 11:19 - 2018-10-18 11:19 - 000000000 ____D C:\ProgramData\MB2Migration
2018-10-18 11:19 - 2018-10-18 11:19 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-18 10:54 - 2018-10-18 10:54 - 007592144 _____ (Malwarebytes) C:\Users\fred.splend\Desktop\adwcleaner_7.2.4.0.exe
2018-10-18 10:34 - 2018-10-18 10:34 - 000000000 ____D C:\ProgramData\TOSHIBA Tempro
2018-10-18 10:34 - 2018-10-18 10:34 - 000000000 ____D C:\ProgramData\IsolatedStorage
2018-10-18 10:24 - 2018-10-18 10:26 - 000000934 _____ C:\Users\fred.splend\Desktop\ZHPCleaner.lnk
2018-10-18 10:24 - 2018-10-18 10:24 - 003281792 _____ C:\Users\fred.splend\Downloads\ZHPCleaner.exe
2018-10-18 10:23 - 2018-10-19 18:41 - 000000000 ____D C:\Users\fred.splend\AppData\Roaming\ZHP
2018-10-18 10:23 - 2018-10-18 12:29 - 000000000 ____D C:\Users\fred.splend\AppData\Local\ZHP
2018-10-18 10:22 - 2018-10-18 10:23 - 003275136 _____ C:\Users\fred.splend\Downloads\zhpcleaner_2018.9.3.169.exe
2018-10-07 17:39 - 2018-10-07 17:39 - 000001464 _____ C:\Users\Public\Desktop\Manuels EPSON.lnk
2018-10-07 17:36 - 2018-10-18 09:56 - 000000951 _____ C:\WINDOWS\Tasks\EPSON XP-620 Series Update {A1B37A47-F904-4201-A47A-E1CFB9BF48EB}.job
2018-10-07 17:36 - 2018-10-07 17:36 - 000004148 _____ C:\WINDOWS\System32\Tasks\EPSON XP-620 Series Update {A1B37A47-F904-4201-A47A-E1CFB9BF48EB}
2018-10-07 17:35 - 2018-10-18 09:56 - 000000951 _____ C:\WINDOWS\Tasks\EPSON XP-620 Series Update {815504E8-D6C9-406F-8F44-8725AA8232BA}.job
2018-10-07 17:35 - 2018-10-07 17:35 - 000004148 _____ C:\WINDOWS\System32\Tasks\EPSON XP-620 Series Update {815504E8-D6C9-406F-8F44-8725AA8232BA}
2018-10-07 17:14 - 2018-10-07 17:15 - 002519834 _____ C:\Users\fred.splend\Downloads\Ferring Corporate Presentation(1).pdf
2018-10-07 16:30 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-10-05 20:46 - 2018-10-05 20:46 - 000135971 _____ C:\Users\fred.splend\Downloads\Invoice_41010708330251503_7700768552102018.pdf
2018-10-05 20:46 - 2018-10-05 20:46 - 000135971 _____ C:\Users\fred.splend\Downloads\Invoice_41010708330251503_7700768552102018(1).pdf
2018-09-29 12:53 - 2018-09-29 12:53 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(5).pdf
2018-09-29 12:53 - 2018-09-29 12:53 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(4).pdf
2018-09-29 12:48 - 2018-09-29 12:48 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(3).pdf
2018-09-29 12:46 - 2018-09-29 12:46 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(2).pdf
2018-09-29 12:46 - 2018-09-29 12:46 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(1).pdf
2018-09-29 12:43 - 2018-09-29 12:44 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390.pdf
2018-09-29 11:52 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-09-29 11:35 - 2018-09-29 11:35 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-09-29 11:35 - 2018-09-27 15:06 - 000025440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Luadgmgt.dll
2018-09-29 11:34 - 2018-06-13 23:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-09-29 11:33 - 2018-06-29 10:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-09-29 11:33 - 2018-06-29 09:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-09-29 11:33 - 2018-06-13 23:02 - 002786304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-29 11:33 - 2018-06-08 08:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-29 11:33 - 2018-06-08 08:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-09-29 11:33 - 2018-06-08 07:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-09-29 11:33 - 2018-05-11 23:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-23 13:47 - 2018-09-23 13:48 - 000074627 _____ C:\Users\fred.splend\Downloads\INT_AVB_08.2006_FR.pdf
2018-09-23 13:40 - 2018-09-23 13:40 - 000079576 _____ C:\Users\fred.splend\Downloads\fs-14824FR_reiseversicherung_intertours_fr(1).pdf
2018-09-23 13:39 - 2018-09-23 13:39 - 000079576 _____ C:\Users\fred.splend\Downloads\fs-14824FR_reiseversicherung_intertours_fr.pdf
2018-09-23 13:16 - 2018-09-23 13:16 - 000044485 _____ C:\Users\fred.splend\Downloads\SC-00000000001823210462(1).pdf
2018-09-23 13:15 - 2018-09-23 13:15 - 000044485 _____ C:\Users\fred.splend\Downloads\SC-00000000001823210462.pdf
2018-09-23 13:10 - 2018-09-23 13:10 - 000139429 _____ C:\Users\fred.splend\Downloads\invoice_23_09_2018 13_10_27.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-10-19 19:23 - 2017-03-11 14:39 - 000000000 ____D C:\Users\fred.splend\AppData\Local\CrashDumps
2018-10-19 19:21 - 2018-01-25 17:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-19 19:20 - 2018-01-25 17:50 - 000004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D13B6DE1-3BED-4701-90CD-7B21BC6FB832}
2018-10-19 19:04 - 2016-11-21 18:53 - 000000000 ____D C:\Users\fred.splend\AppData\LocalLow\Mozilla
2018-10-19 19:02 - 2018-01-25 21:03 - 000000000 ____D C:\Users\fred.splend\AppData\Local\Deployment
2018-10-19 18:57 - 2018-01-25 17:15 - 003255178 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-19 18:57 - 2017-09-30 16:40 - 001534938 _____ C:\WINDOWS\system32\perfh00C.dat
2018-10-19 18:57 - 2017-09-30 16:40 - 000374320 _____ C:\WINDOWS\system32\perfc00C.dat
2018-10-19 18:52 - 2018-01-25 17:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-19 18:52 - 2016-10-06 20:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-19 18:51 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-19 18:49 - 2018-01-25 17:50 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-19 18:48 - 2018-01-26 11:47 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-19 18:48 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-19 18:48 - 2015-10-16 18:50 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-19 18:48 - 2012-01-27 20:55 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-19 18:47 - 2018-01-26 11:47 - 000185240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-19 18:47 - 2015-10-16 18:50 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-19 18:30 - 2018-01-25 17:20 - 000000000 ____D C:\Users\fred.splend
2018-10-19 18:26 - 2018-01-25 17:49 - 000045723 _____ C:\WINDOWS\diagwrn.xml
2018-10-19 18:26 - 2018-01-25 17:49 - 000045723 _____ C:\WINDOWS\diagerr.xml
2018-10-19 16:26 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-10-19 16:25 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-19 16:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-19 15:32 - 2018-03-09 17:38 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-19 15:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2018-10-19 15:16 - 2018-04-12 19:25 - 000000000 ___HD C:\$WINDOWS.~BT
2018-10-18 19:24 - 2018-01-22 16:10 - 000000000 ___DC C:\WINDOWS\Panther
2018-10-18 12:22 - 2013-08-18 22:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-18 12:18 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-18 12:18 - 2012-02-19 18:37 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-18 12:06 - 2016-11-02 23:02 - 000000000 ____D C:\Users\fred.splend\AppData\Local\7e13bd35834d640527cb0411e65ccc09
2018-10-18 11:19 - 2018-01-06 19:53 - 000000000 ____D C:\Program Files\rempl
2018-10-18 11:19 - 2012-01-27 21:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-18 11:04 - 2018-01-26 12:06 - 000000000 ____D C:\Program Files (x86)\WinZip
2018-10-18 10:56 - 2013-09-10 00:09 - 000000000 ____D C:\AdwCleaner
2018-10-18 10:37 - 2018-01-25 17:22 - 000000000 ____D C:\Users\fred.splend\AppData\Local\Packages
2018-10-18 10:09 - 2018-01-25 17:50 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-260067723-2658648044-1364929071-1000
2018-10-18 10:09 - 2015-11-26 23:43 - 000002478 _____ C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-18 10:09 - 2015-11-26 23:43 - 000000000 ___RD C:\Users\fred.splend\OneDrive
2018-10-18 09:56 - 2016-11-20 19:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-18 09:56 - 2012-04-27 21:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-15 16:28 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-10-15 14:30 - 2017-04-26 16:16 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-07 17:39 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-10-07 17:39 - 2015-02-17 19:45 - 000001010 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2018-10-07 17:34 - 2015-02-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-10-07 17:25 - 2015-02-17 19:17 - 000000000 ____D C:\ProgramData\Epson
2018-10-07 17:21 - 2015-02-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-10-07 17:19 - 2012-02-05 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-10-07 17:19 - 2012-02-05 17:34 - 000000000 ____D C:\ProgramData\HP
2018-10-07 17:19 - 2012-02-05 17:34 - 000000000 ____D C:\Program Files\HP
2018-10-07 17:19 - 2012-02-05 17:34 - 000000000 ____D C:\Program Files (x86)\HP
2018-10-07 17:04 - 2016-11-27 19:54 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-07 16:43 - 2012-01-27 20:45 - 000000000 ____D C:\Users\fred.splend\AppData\LocalLow\Adobe
2018-10-02 21:57 - 2018-05-15 22:09 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 21:57 - 2018-05-15 22:09 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-30 04:15 - 2016-11-27 20:33 - 000000000 ____D C:\Program Files\CCleaner
2018-09-23 13:53 - 2018-03-25 14:24 - 000000000 ____D C:\Users\fred.splend\AppData\Local\ElevatedDiagnostics
2018-09-23 13:07 - 2018-01-25 17:50 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-09-23 13:06 - 2017-04-26 16:16 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-09-23 13:04 - 2011-08-31 11:13 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Fichiers à la racine de certains dossiers =======
2018-10-19 18:30 - 2018-10-19 18:30 - 003172224 _____ () C:\Users\fred.splend\ZHPDiag3.exe
2016-10-31 19:20 - 2016-10-31 19:20 - 000000017 _____ () C:\Users\fred.splend\AppData\Local\resmon.resmoncfg
Fichiers à déplacer ou supprimer:
====================
C:\Users\FRED~1.SPL\AppData\Local\Temp\removeSZB.exe
Certains fichiers dans TEMP:
====================
2018-10-18 11:12 - 2018-10-18 11:08 - 002781728 _____ () C:\Users\fred.splend\AppData\Local\Temp\removeSZB.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-10-18 18:34
==================== Fin de FRST.txt ============================
Exécuté par fred.splend (administrateur) sur FREDSPLEND-TOSH (19-10-2018 19:26:23)
Exécuté depuis C:\Users\fred.splend\Desktop
Profils chargés: fred.splend & DefaultAppPool (Profils disponibles: fred.splend & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() C:\Windows\System32\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Compex Médical SA) C:\Program Files (x86)\DJO LLC\CpxRS02 Sync Service\CompexG9SyncService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(Suunto) C:\Users\fred.splend\AppData\Local\Apps\2.0\JWG1LJ86.MO3\Q5XNQNVC.VEZ\move..tion_7b728a49b2b0d019_0001.0005_cab60a8d7bc05604\Moveslink2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WzPreloader.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-08-31] (Toshiba Europe GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-19] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3953344 2017-06-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724896 2016-06-24] (Sony Corporation)
HKLM-x32\...\Run: [WinZip UN] => C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe [1709312 2017-12-11] (WinZip)
HKLM-x32\...\Run: [WinZip PreLoader] => C:\Program Files (x86)\WinZip\WzPreloader.exe [123848 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [WinZip FAH] => C:\Program Files (x86)\WinZip\FAHConsole.exe [455360 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\RunOnce: [RemoveSafeZoneBrowser] => C:\Users\FRED~1.SPL\AppData\Local\Temp\removeSZB.exe [2781728 2018-10-18] () <==== ATTENTION
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [HP Photosmart 6510 series (NET) #2] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [HP Photosmart 6510 series (NET) #3] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [Moveslink2] => C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-23] (Piriform Ltd)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-260067723-2658648044-1364929071-1000\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - .lnk [2012-09-26]
ShortcutTarget: Alertes de surveillance de l'encre - .lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6510 series (réseau).lnk [2013-09-10]
ShortcutTarget: Alertes de surveillance de l'encre - HP Photosmart 6510 series (réseau).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6510 series.lnk [2017-03-11]
ShortcutTarget: Alertes de surveillance de l'encre - HP Photosmart 6510 series.lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{312d4630-0a42-431c-9a15-8320e57625d3}: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{357c3317-e631-4835-8f8c-802a321dca80}: [DhcpNameServer] 192.168.43.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKU\S-1-5-21-260067723-2658648044-1364929071-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-260067723-2658648044-1364929071-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (
FireFox:
========
FF ProfilePath: C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default [2018-10-19]
FF Homepage: Mozilla\Firefox\Profiles\uq3yq3c4.default -> hxxps://www.google.ch/
FF NewTab: Mozilla\Firefox\Profiles\uq3yq3c4.default -> about:newtab
FF Extension: (Avast SafePrice) - C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default\Extensions\sp@avast.com.xpi [2018-03-09]
FF Extension: (Avast Online Security) - C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default\Extensions\wrc@avast.com.xpi [2018-10-19]
FF Extension: (Telemetry coverage) - C:\Users\fred.splend\AppData\Roaming\Mozilla\Firefox\Profiles\uq3yq3c4.default\features\{afa179cb-7079-40ba-a2f6-91d1a748a547}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-15] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-15] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-09-17] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default [2018-10-19]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-19]
CHR Extension: (Avast Online Security) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-02]
CHR Extension: (Chrome Media Router) - C:\Users\fred.splend\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-19] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-19] (AVAST Software)
R2 CompexG9SyncService; C:\Program Files (x86)\DJO LLC\CpxRS02 Sync Service\CompexG9SyncService.exe [37376 2012-05-10] (Compex Médical SA) [Fichier non signé]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2017-06-02] (Synaptics Incorporated)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-10] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-10] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 nvsvc; "C:\WINDOWS\system32\nvvsvc.exe" [X]
S2 WinZip Compression Smart Monitor Service; "C:\Program Files (x86)\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-19] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-19] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-19] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-19] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-19] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-10-19] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-19] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-19] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-19] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-19] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [200232 2018-10-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260384 2018-10-19] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_7b6a26f0085e5f11\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2017-09-29] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2017-06-02] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-11-26] (Toshiba Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Fichier non signé]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-02-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-10] (Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-10-19 19:26 - 2018-10-19 19:27 - 000023877 _____ C:\Users\fred.splend\Desktop\FRST.txt
2018-10-19 19:26 - 2018-10-19 19:26 - 000000000 ____D C:\FRST
2018-10-19 19:25 - 2018-10-19 19:25 - 002414592 _____ (Farbar) C:\Users\fred.splend\Desktop\FRST64.exe
2018-10-19 18:53 - 2018-10-19 18:53 - 000260384 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-19 18:48 - 2018-10-19 18:48 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-19 18:48 - 2018-10-19 18:48 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-10-19 18:48 - 2018-10-19 18:47 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-19 18:41 - 2018-10-19 18:41 - 000339129 _____ C:\Users\fred.splend\Desktop\ZHPDiag.txt
2018-10-19 18:30 - 2018-10-19 18:30 - 003172224 _____ C:\Users\fred.splend\ZHPDiag3.exe
2018-10-18 17:30 - 2018-10-18 17:30 - 000000000 ____D C:\Windows.old
2018-10-18 12:29 - 2018-10-19 18:30 - 000000783 _____ C:\Users\fred.splend\Desktop\ZHPDiag.lnk
2018-10-18 12:29 - 2018-10-18 12:29 - 003171712 _____ C:\Users\fred.splend\Downloads\ZHPDiag3.exe
2018-10-18 11:21 - 2018-10-18 11:21 - 000000000 ____D C:\Users\fred.splend\AppData\Local\mbam
2018-10-18 11:20 - 2018-10-18 11:20 - 000200232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-18 11:20 - 2018-10-18 11:20 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-18 11:20 - 2018-10-18 11:20 - 000000000 ____D C:\Users\fred.splend\AppData\Local\mbamtray
2018-10-18 11:20 - 2018-10-18 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-18 11:20 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-18 11:19 - 2018-10-18 11:19 - 000000000 ____D C:\ProgramData\MB2Migration
2018-10-18 11:19 - 2018-10-18 11:19 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-18 10:54 - 2018-10-18 10:54 - 007592144 _____ (Malwarebytes) C:\Users\fred.splend\Desktop\adwcleaner_7.2.4.0.exe
2018-10-18 10:34 - 2018-10-18 10:34 - 000000000 ____D C:\ProgramData\TOSHIBA Tempro
2018-10-18 10:34 - 2018-10-18 10:34 - 000000000 ____D C:\ProgramData\IsolatedStorage
2018-10-18 10:24 - 2018-10-18 10:26 - 000000934 _____ C:\Users\fred.splend\Desktop\ZHPCleaner.lnk
2018-10-18 10:24 - 2018-10-18 10:24 - 003281792 _____ C:\Users\fred.splend\Downloads\ZHPCleaner.exe
2018-10-18 10:23 - 2018-10-19 18:41 - 000000000 ____D C:\Users\fred.splend\AppData\Roaming\ZHP
2018-10-18 10:23 - 2018-10-18 12:29 - 000000000 ____D C:\Users\fred.splend\AppData\Local\ZHP
2018-10-18 10:22 - 2018-10-18 10:23 - 003275136 _____ C:\Users\fred.splend\Downloads\zhpcleaner_2018.9.3.169.exe
2018-10-07 17:39 - 2018-10-07 17:39 - 000001464 _____ C:\Users\Public\Desktop\Manuels EPSON.lnk
2018-10-07 17:36 - 2018-10-18 09:56 - 000000951 _____ C:\WINDOWS\Tasks\EPSON XP-620 Series Update {A1B37A47-F904-4201-A47A-E1CFB9BF48EB}.job
2018-10-07 17:36 - 2018-10-07 17:36 - 000004148 _____ C:\WINDOWS\System32\Tasks\EPSON XP-620 Series Update {A1B37A47-F904-4201-A47A-E1CFB9BF48EB}
2018-10-07 17:35 - 2018-10-18 09:56 - 000000951 _____ C:\WINDOWS\Tasks\EPSON XP-620 Series Update {815504E8-D6C9-406F-8F44-8725AA8232BA}.job
2018-10-07 17:35 - 2018-10-07 17:35 - 000004148 _____ C:\WINDOWS\System32\Tasks\EPSON XP-620 Series Update {815504E8-D6C9-406F-8F44-8725AA8232BA}
2018-10-07 17:14 - 2018-10-07 17:15 - 002519834 _____ C:\Users\fred.splend\Downloads\Ferring Corporate Presentation(1).pdf
2018-10-07 16:30 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-10-05 20:46 - 2018-10-05 20:46 - 000135971 _____ C:\Users\fred.splend\Downloads\Invoice_41010708330251503_7700768552102018.pdf
2018-10-05 20:46 - 2018-10-05 20:46 - 000135971 _____ C:\Users\fred.splend\Downloads\Invoice_41010708330251503_7700768552102018(1).pdf
2018-09-29 12:53 - 2018-09-29 12:53 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(5).pdf
2018-09-29 12:53 - 2018-09-29 12:53 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(4).pdf
2018-09-29 12:48 - 2018-09-29 12:48 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(3).pdf
2018-09-29 12:46 - 2018-09-29 12:46 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(2).pdf
2018-09-29 12:46 - 2018-09-29 12:46 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390(1).pdf
2018-09-29 12:43 - 2018-09-29 12:44 - 000442630 _____ C:\Users\fred.splend\Downloads\1502390.pdf
2018-09-29 11:52 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-09-29 11:35 - 2018-09-29 11:35 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-09-29 11:35 - 2018-09-27 15:06 - 000025440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Luadgmgt.dll
2018-09-29 11:34 - 2018-06-13 23:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-09-29 11:33 - 2018-06-29 10:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-09-29 11:33 - 2018-06-29 09:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-09-29 11:33 - 2018-06-13 23:02 - 002786304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-29 11:33 - 2018-06-08 08:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-29 11:33 - 2018-06-08 08:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-09-29 11:33 - 2018-06-08 07:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-09-29 11:33 - 2018-05-11 23:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-23 13:47 - 2018-09-23 13:48 - 000074627 _____ C:\Users\fred.splend\Downloads\INT_AVB_08.2006_FR.pdf
2018-09-23 13:40 - 2018-09-23 13:40 - 000079576 _____ C:\Users\fred.splend\Downloads\fs-14824FR_reiseversicherung_intertours_fr(1).pdf
2018-09-23 13:39 - 2018-09-23 13:39 - 000079576 _____ C:\Users\fred.splend\Downloads\fs-14824FR_reiseversicherung_intertours_fr.pdf
2018-09-23 13:16 - 2018-09-23 13:16 - 000044485 _____ C:\Users\fred.splend\Downloads\SC-00000000001823210462(1).pdf
2018-09-23 13:15 - 2018-09-23 13:15 - 000044485 _____ C:\Users\fred.splend\Downloads\SC-00000000001823210462.pdf
2018-09-23 13:10 - 2018-09-23 13:10 - 000139429 _____ C:\Users\fred.splend\Downloads\invoice_23_09_2018 13_10_27.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-10-19 19:23 - 2017-03-11 14:39 - 000000000 ____D C:\Users\fred.splend\AppData\Local\CrashDumps
2018-10-19 19:21 - 2018-01-25 17:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-19 19:20 - 2018-01-25 17:50 - 000004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D13B6DE1-3BED-4701-90CD-7B21BC6FB832}
2018-10-19 19:04 - 2016-11-21 18:53 - 000000000 ____D C:\Users\fred.splend\AppData\LocalLow\Mozilla
2018-10-19 19:02 - 2018-01-25 21:03 - 000000000 ____D C:\Users\fred.splend\AppData\Local\Deployment
2018-10-19 18:57 - 2018-01-25 17:15 - 003255178 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-19 18:57 - 2017-09-30 16:40 - 001534938 _____ C:\WINDOWS\system32\perfh00C.dat
2018-10-19 18:57 - 2017-09-30 16:40 - 000374320 _____ C:\WINDOWS\system32\perfc00C.dat
2018-10-19 18:52 - 2018-01-25 17:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-19 18:52 - 2016-10-06 20:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-19 18:51 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-19 18:49 - 2018-01-25 17:50 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-19 18:48 - 2018-01-26 11:47 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-19 18:48 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-19 18:48 - 2015-10-16 18:50 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-19 18:48 - 2015-10-16 18:50 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-19 18:48 - 2012-01-27 20:55 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-19 18:47 - 2018-01-26 11:47 - 000185240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-19 18:47 - 2017-03-12 13:36 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-19 18:47 - 2015-10-16 18:50 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-19 18:30 - 2018-01-25 17:20 - 000000000 ____D C:\Users\fred.splend
2018-10-19 18:26 - 2018-01-25 17:49 - 000045723 _____ C:\WINDOWS\diagwrn.xml
2018-10-19 18:26 - 2018-01-25 17:49 - 000045723 _____ C:\WINDOWS\diagerr.xml
2018-10-19 16:26 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-10-19 16:25 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-19 16:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-19 15:32 - 2018-03-09 17:38 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-19 15:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2018-10-19 15:16 - 2018-04-12 19:25 - 000000000 ___HD C:\$WINDOWS.~BT
2018-10-18 19:24 - 2018-01-22 16:10 - 000000000 ___DC C:\WINDOWS\Panther
2018-10-18 12:22 - 2013-08-18 22:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-18 12:18 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-18 12:18 - 2012-02-19 18:37 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-18 12:06 - 2016-11-02 23:02 - 000000000 ____D C:\Users\fred.splend\AppData\Local\7e13bd35834d640527cb0411e65ccc09
2018-10-18 11:19 - 2018-01-06 19:53 - 000000000 ____D C:\Program Files\rempl
2018-10-18 11:19 - 2012-01-27 21:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-18 11:04 - 2018-01-26 12:06 - 000000000 ____D C:\Program Files (x86)\WinZip
2018-10-18 10:56 - 2013-09-10 00:09 - 000000000 ____D C:\AdwCleaner
2018-10-18 10:37 - 2018-01-25 17:22 - 000000000 ____D C:\Users\fred.splend\AppData\Local\Packages
2018-10-18 10:09 - 2018-01-25 17:50 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-260067723-2658648044-1364929071-1000
2018-10-18 10:09 - 2015-11-26 23:43 - 000002478 _____ C:\Users\fred.splend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-18 10:09 - 2015-11-26 23:43 - 000000000 ___RD C:\Users\fred.splend\OneDrive
2018-10-18 09:56 - 2016-11-20 19:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-18 09:56 - 2012-04-27 21:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-15 16:28 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-10-15 14:30 - 2017-04-26 16:16 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-07 17:39 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-10-07 17:39 - 2015-02-17 19:45 - 000001010 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2018-10-07 17:34 - 2015-02-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-10-07 17:25 - 2015-02-17 19:17 - 000000000 ____D C:\ProgramData\Epson
2018-10-07 17:21 - 2015-02-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-10-07 17:19 - 2012-02-05 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-10-07 17:19 - 2012-02-05 17:34 - 000000000 ____D C:\ProgramData\HP
2018-10-07 17:19 - 2012-02-05 17:34 - 000000000 ____D C:\Program Files\HP
2018-10-07 17:19 - 2012-02-05 17:34 - 000000000 ____D C:\Program Files (x86)\HP
2018-10-07 17:04 - 2016-11-27 19:54 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-07 16:43 - 2012-01-27 20:45 - 000000000 ____D C:\Users\fred.splend\AppData\LocalLow\Adobe
2018-10-02 21:57 - 2018-05-15 22:09 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 21:57 - 2018-05-15 22:09 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-30 04:15 - 2016-11-27 20:33 - 000000000 ____D C:\Program Files\CCleaner
2018-09-23 13:53 - 2018-03-25 14:24 - 000000000 ____D C:\Users\fred.splend\AppData\Local\ElevatedDiagnostics
2018-09-23 13:07 - 2018-01-25 17:50 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-09-23 13:06 - 2017-04-26 16:16 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-09-23 13:04 - 2011-08-31 11:13 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Fichiers à la racine de certains dossiers =======
2018-10-19 18:30 - 2018-10-19 18:30 - 003172224 _____ () C:\Users\fred.splend\ZHPDiag3.exe
2016-10-31 19:20 - 2016-10-31 19:20 - 000000017 _____ () C:\Users\fred.splend\AppData\Local\resmon.resmoncfg
Fichiers à déplacer ou supprimer:
====================
C:\Users\FRED~1.SPL\AppData\Local\Temp\removeSZB.exe
Certains fichiers dans TEMP:
====================
2018-10-18 11:12 - 2018-10-18 11:08 - 002781728 _____ () C:\Users\fred.splend\AppData\Local\Temp\removeSZB.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-10-18 18:34
==================== Fin de FRST.txt ============================