Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Léo (administrator) on LÉO-PC (SAMSUNG ELECTRONICS CO., LTD. 350V5C/351V5C/3540VC/3440VC) (10-07-2019 18:56:36)
Running from C:\Users\Léo\Desktop
Loaded Profiles: Léo (Available Profiles: Léo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros) [File not signed] C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Google Inc -> Google LLC) C:\Users\Léo\AppData\Local\Google\Update\\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Users\Léo\AppData\Local\Google\Update\\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(M-Audio -> Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\Windows\system32\M-AudioTaskBarIcon.exe [798216 2009-10-02] (M-Audio -> Avid Technology, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CheckUpdate] => C:\ProgramData\Update\fmaj5.exe [613888 2014-05-02] () [File not signed]
HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1149298868-2067588766-1365819076-1000\...\Run: [Google Update] => C:\Users\Léo\AppData\Local\Google\Update\\GoogleUpdateCore.exe [752424 2019-07-09] (Google Inc -> Google LLC)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp:// [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp:// [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\ [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4E69A3D4-F191-4FEE-B688-2C2E4E7F2FFA} - System32\Tasks\{1753EBF6-F68F-49CC-BB51-7EB4EBF45504} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\ZombieNews\uninstall.exe -c /kb=y /ic=1
Task: {97FEC401-702B-4E1C-A4CF-689AEFC20107} - System32\Tasks\AdobeAAMUpdater-1.0-Léo-PC-Léo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {99A37104-9A02-4EA3-A620-499CDE2AAB36} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A172D169-EB53-4A0C-A7CF-5DA100124586} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1149298868-2067588766-1365819076-1000Core => C:\Users\Léo\AppData\Local\Google\Update\GoogleUpdate.exe [156456 2019-07-09] (Google Inc -> Google LLC)
Task: {A8CECB62-BFB5-4906-A905-7B4BAB80BBEB} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {A8CECB62-BFB5-4906-A905-7B4BAB80BBEB} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(3): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun
Task: {B20215B5-9CB0-49FB-B321-8935AB4EAC61} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {B20215B5-9CB0-49FB-B321-8935AB4EAC61} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate -noappraiser
Task: {C446050F-2AF8-4D38-AE3C-97DAAAFA6B35} - System32\Tasks\Locatorexewlidres => C:\\ProgramData\\cvolsnapwbiosrvc\Locatorexewlidres.exe
Task: {D11E14CB-ADA5-42B2-8D0E-CFAB5E492C20} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]
Task: {D44C1595-9EBD-4FF4-A2C1-310571D55F4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1149298868-2067588766-1365819076-1000UA => C:\Users\Léo\AppData\Local\Google\Update\GoogleUpdate.exe [156456 2019-07-09] (Google Inc -> Google LLC)
Task: {E460FAF1-4AB8-4F50-BBD1-AB13ACBE5FA8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {F4F0CE40-C23D-483A-9AB6-4E31712EE4FC} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{B8E448EC-69C5-4E60-AC3E-47A55928ACD4}: [NameServer],,,
Tcpip\..\Interfaces\{B8E448EC-69C5-4E60-AC3E-47A55928ACD4}: [DhcpNameServer]
Internet Explorer:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1149298868-2067588766-1365819076-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://{searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://{searchTerms}
SearchScopes: HKU\S-1-5-21-1149298868-2067588766-1365819076-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://{searchTerms}
SearchScopes: HKU\S-1-5-21-1149298868-2067588766-1365819076-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://{searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF DefaultProfile: wW6pNSbH.default
FF ProfilePath: C:\Users\Léo\AppData\Roaming\Mozilla\Firefox\Profiles\wW6pNSbH.default [2019-07-10]
FF user.js: detected! => C:\Users\Léo\AppData\Roaming\Mozilla\Firefox\Profiles\wW6pNSbH.default\user.js [2019-07-06]
FF Plugin-x32:,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32:,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1149298868-2067588766-1365819076-1000: Update;version=3 -> C:\Users\Léo\AppData\Local\Google\Update\\npGoogleUpdate3.dll [2019-07-09] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1149298868-2067588766-1365819076-1000: Update;version=9 -> C:\Users\Léo\AppData\Local\Google\Update\\npGoogleUpdate3.dll [2019-07-09] (Google Inc -> Google LLC)
CHR Profile: C:\Users\Léo\AppData\Local\Google\Chrome\User Data\Default [2019-07-10]
CHR Extension: (Slides) - C:\Users\Léo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Léo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Léo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://
StartMenuInternet: Google Chrome.PDHUKQ5PKDYXFQT7AHWGABP634 - C:\Users\Léo\AppData\Local\Google\Chrome\Application\chrome.exe
OPR Extension: (No Name) - C:\Users\Léo\AppData\Roaming\Opera Software\Opera Stable\Extensions\nknpohplagminmhchlbhigcgcdfigion [2019-07-06]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation - pGFX -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-05-15] (Microsoft Windows -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2768384 2011-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 automap; C:\Windows\System32\DRIVERS\automap.sys [18776 2012-04-19] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Limited)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry) [File not signed]
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [187912 2009-10-02] (M-Audio -> Avid Technology, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-10] (Malwarebytes Corporation -> Malwarebytes)
R3 mlkumidi; C:\Windows\System32\drivers\mlkumidi.sys [55856 2014-08-30] (MusicLab, Inc. -> MusicLab, Inc.)
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2015-06-10] (Focusrite Audio Engineering Limited -> Novation DMS Ltd.)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [788696 2015-02-07] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [377560 2015-02-07] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SoundGridMIDI; C:\Windows\System32\drivers\SoundGridMidi.sys [43264 2018-03-15] (Waves Inc -> Waves Audio Ltd.)
R3 SoundGridMIDI; C:\Windows\SysWOW64\drivers\SoundGridMidi.sys [22016 2018-03-15] (Waves Audio Ltd.) [File not signed]
R2 SoundGridProtocol; C:\Windows\System32\DRIVERS\SoundGridProtocol.sys [117504 2018-03-15] (Waves Inc -> Waves Audio Ltd.)
R2 SoundGridProtocol; C:\Windows\SysWOW64\DRIVERS\SoundGridProtocol.sys [56832 2018-03-15] (Waves Audio Ltd.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2099-01-21 15:19 - 2015-04-30 18:20 - 000000000 ____D C:\Windows\system32\appmgmt
2019-07-10 11:39 - 2019-07-10 11:39 - 000015335 _____ C:\Users\Léo\Downloads\fixing-boot-manager-using-startup-repair.pdf
2019-07-10 11:39 - 2019-07-10 11:39 - 000015335 _____ C:\Users\Léo\Downloads\fixing-boot-manager-using-startup-repair (1).pdf
2019-07-10 11:25 - 2019-07-10 11:34 - 000000000 ____D C:\Users\Léo\AppData\LocalLow\Mozilla
2019-07-10 11:25 - 2019-07-10 11:25 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-10 11:25 - 2019-07-10 11:25 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-07-10 11:25 - 2019-07-10 11:25 - 000000000 ____D C:\Users\Léo\AppData\Local\Mozilla
2019-07-10 11:25 - 2019-07-10 11:25 - 000000000 ____D C:\ProgramData\Mozilla
2019-07-10 11:25 - 2019-07-10 11:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-10 11:25 - 2019-07-10 11:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-10 11:24 - 2019-07-10 11:25 - 047200464 _____ (Mozilla) C:\Users\Léo\Downloads\Firefox Setup 67.0.3.exe
2019-07-10 11:22 - 2019-07-10 11:22 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-09 22:26 - 2019-07-09 22:26 - 000002407 _____ C:\Users\Léo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-09 22:26 - 2019-07-09 22:26 - 000002370 _____ C:\Users\Léo\Desktop\Google Chrome.lnk
2019-07-09 22:25 - 2019-07-09 22:25 - 000003674 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1149298868-2067588766-1365819076-1000UA
2019-07-09 22:25 - 2019-07-09 22:25 - 000003402 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1149298868-2067588766-1365819076-1000Core
2019-07-09 09:58 - 2019-07-09 10:10 - 000015547 _____ C:\Users\Léo\Desktop\Fixlog.txt
2019-07-08 17:21 - 2019-07-08 17:24 - 000043873 _____ C:\Users\Léo\Desktop\Addition.txt
2019-07-08 17:19 - 2019-07-10 18:57 - 000017846 _____ C:\Users\Léo\Desktop\FRST.txt
2019-07-08 17:19 - 2019-07-10 18:56 - 000000000 ____D C:\FRST
2019-07-08 17:19 - 2019-07-08 17:19 - 002420224 _____ (Farbar) C:\Users\Léo\Desktop\FRST64.exe
2019-07-08 14:46 - 2019-07-08 14:46 - 000253280 _____ C:\Users\Léo\Desktop\ZHPCleaner (R).txt
2019-07-08 13:08 - 2019-07-08 13:08 - 003033984 _____ (Nicolas Coolman) C:\Users\Léo\ZHPDiag3.exe
2019-07-08 12:50 - 2019-07-08 12:50 - 000051349 _____ C:\Users\Léo\Desktop\Malware bytes.txt
2019-07-08 12:02 - 2019-07-08 12:02 - 000000000 ____D C:\Users\Léo\AppData\Local\mbamtray
2019-07-08 12:02 - 2019-07-08 12:02 - 000000000 ____D C:\Users\Léo\AppData\Local\mbam
2019-07-08 12:01 - 2019-07-08 12:01 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-08 12:01 - 2019-07-08 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-08 12:01 - 2019-07-08 12:01 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-08 12:01 - 2019-07-08 11:58 - 064455440 _____ (Malwarebytes ) C:\Users\Léo\Desktop\mb3-setup-consumer-
2019-07-08 12:01 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-08 11:52 - 2019-07-08 12:08 - 000000000 ____D C:\Users\Léo\Desktop\déinfection pc
2019-07-08 11:52 - 2019-07-08 11:52 - 000008193 _____ C:\Users\Léo\Desktop\AdwCleaner[C00].txt
2019-07-08 11:46 - 2019-07-08 11:48 - 000000000 ____D C:\AdwCleaner
2019-07-08 11:45 - 2019-07-08 11:45 - 007025360 _____ (Malwarebytes) C:\Users\Léo\Downloads\adwcleaner_7.3.exe
2019-07-08 11:42 - 2019-07-08 14:35 - 000250815 _____ C:\Users\Léo\Desktop\ZHPCleaner (S).txt
2019-07-08 11:34 - 2019-07-08 11:34 - 003140480 _____ (Nicolas Coolman) C:\Users\Léo\Downloads\ZHPCleaner.exe
2019-07-08 11:34 - 2019-07-08 11:34 - 000000826 _____ C:\Users\Léo\Desktop\ZHPCleaner.lnk
2019-07-08 11:22 - 2019-07-08 11:22 - 007411912 _____ (VS Revo Group ) C:\Users\Léo\Downloads\revosetup.exe
2019-07-08 11:22 - 2019-07-08 11:22 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-07-08 11:22 - 2019-07-08 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-07-08 11:22 - 2019-07-08 11:22 - 000000000 ____D C:\Program Files\VS Revo Group
2019-07-07 19:38 - 2019-07-10 18:55 - 000293939 _____ C:\Users\Léo\Desktop\ZHPDiag.txt
2019-07-07 18:10 - 2019-07-08 13:08 - 000000663 _____ C:\Users\Léo\Desktop\ZHPDiag.lnk
2019-07-07 18:09 - 2019-07-10 18:55 - 000000000 ____D C:\Users\Léo\AppData\Roaming\ZHP
2019-07-07 18:09 - 2019-07-08 11:34 - 000000000 ____D C:\Users\Léo\AppData\Local\ZHP
2019-07-07 18:09 - 2019-07-07 18:09 - 003033984 _____ (Nicolas Coolman) C:\Users\Léo\Downloads\ZHPDiag3.exe
2019-07-07 17:43 - 2019-07-07 17:43 - 000130501 _____ C:\Users\Léo\Downloads\
2019-07-07 17:42 - 2019-07-07 17:42 - 000004061 _____ C:\Users\Léo\Downloads\Reset-WindowsUpdate.ps1
2019-07-07 17:26 - 2019-07-07 17:26 - 000313366 _____ C:\Users\Léo\Downloads\WindowsUpdate.diagcab
2019-07-07 06:53 - 2019-07-07 06:54 - 031264856 _____ (M-Audio) C:\Users\Léo\Downloads\Install M-Audio M-Track 8X4M 1.0.3.exe
2019-07-07 06:39 - 2019-07-07 06:39 - 005074344 _____ (Easeware ) C:\Users\Léo\Downloads\DriverEasy_Setup.exe
2019-07-07 02:11 - 2019-07-07 02:11 - 000000000 ____D C:\Anti-Malware
2019-07-07 02:10 - 2019-07-07 02:10 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2019-07-07 02:10 - 2019-07-07 02:10 - 000000000 ____D C:\Program Files (x86)\Malwarebytes
2019-07-07 02:07 - 2019-07-07 02:08 - 065859251 _____ C:\Users\Léo\Downloads\malwarebytes licencia full.rar
2019-07-07 01:46 - 2019-07-07 06:56 - 000000000 ____D C:\ProgramData\LimagitoX
2019-07-07 01:45 - 2019-07-07 01:45 - 000003754 _____ C:\Windows\System32\Tasks\Locatorexewlidres
2019-07-07 01:44 - 2019-07-07 02:55 - 000000000 __SHD C:\ProgramData\cvolsnapwbiosrvc
2019-07-07 01:44 - 2019-07-07 01:44 - 057686458 _____ ( ) C:\ProgramData\llimagitox.exe
2019-07-07 01:40 - 2019-07-07 01:40 - 060120186 _____ C:\Users\Léo\Downloads\Files.rar
2019-07-06 22:20 - 2019-07-09 10:21 - 000000000 ____D C:\Windows\pss
2019-07-06 22:16 - 2019-07-08 11:46 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2019-07-06 22:08 - 2019-07-06 22:09 - 005569984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2019-07-06 22:08 - 2019-07-06 22:09 - 000606208 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2019-07-06 20:29 - 2019-07-07 07:54 - 000000000 ____D C:\Program Files (x86)\rZdaClXBU
2019-07-06 20:29 - 2019-07-07 05:58 - 000000000 ____D C:\Users\Léo\AppData\Roaming\1337
2019-07-06 20:29 - 2019-07-07 02:36 - 000000000 ____D C:\Windows\System32\Tasks\System
2019-07-06 20:29 - 2019-07-06 20:29 - 000000000 ____D C:\ProgramData\jbrd1DZBJBYK
2019-07-06 20:28 - 2019-07-06 22:07 - 000000290 __RSH C:\Users\Léo\ntuser.pol
2019-07-06 20:28 - 2019-07-06 20:30 - 000003242 __RSH C:\ProgramData\ntuser.pol
2019-07-06 20:27 - 2019-07-06 20:30 - 000000000 ____D C:\Users\Léo\AppData\Local\Mail.Ru
2019-07-06 20:27 - 2019-07-06 20:27 - 000000000 ____D C:\Users\Léo\AppData\Roaming\Python
2019-07-06 20:27 - 2019-07-02 14:46 - 000084480 _____ C:\Users\Léo\AppData\Local\task.dll
2019-07-06 20:21 - 2019-07-06 20:22 - 001126961 _____ C:\Users\Léo\Downloads\
2019-07-06 19:58 - 2019-07-06 19:58 - 000000000 ____D C:\Users\Léo\Desktop\RGC Audio z3ta Plus Access Virus VSTi v1.2.Retail-ELiTE
2019-07-06 19:58 - 2019-07-06 19:58 - 000000000 ____D C:\Users\Léo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RGC.Audio.z3ta+_Access.Virus.VSTi.v1.2.Retail-Elite
2019-07-06 19:58 - 2019-07-06 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RGC.Audio.z3ta+_Access.Virus.VSTi.v1.2.Retail-Elite
2019-07-06 19:56 - 2019-07-06 19:57 - 003467089 _____ C:\Users\Léo\Downloads\1819.rar
2019-07-04 22:56 - 2019-07-04 22:58 - 099855508 _____ C:\Users\Léo\Downloads\
2019-07-03 12:41 - 2019-07-03 12:41 - 000312944 _____ C:\Users\Léo\Downloads\Adresse bien présentée…Courrier mieux distribué.pdf
2019-07-01 22:21 - 2019-07-01 22:21 - 000002104 _____ C:\Users\Public\Desktop\Google Earth.lnk
2019-07-01 22:21 - 2019-07-01 22:21 - 000000000 ____D C:\Users\Léo\AppData\LocalLow\Google
2019-07-01 22:21 - 2019-07-01 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2019-07-01 22:19 - 2019-07-01 22:20 - 030589432 _____ C:\Users\Léo\Downloads\GoogleEarthWin.exe
2019-07-01 22:12 - 2019-07-02 11:02 - 000000000 ____D C:\Program Files\Google
2019-07-01 22:04 - 2019-07-01 22:06 - 014993976 _____ (Macrovision Corporation) C:\Users\Léo\Downloads\Google Earth402737.exe
2019-06-30 19:55 - 2019-06-30 19:55 - 000019629 _____ C:\Users\Léo\Downloads\INV0021.pdf
2019-06-29 12:03 - 2019-07-04 22:51 - 000000000 ____D C:\Users\Léo\Desktop\Waves
2019-06-27 12:25 - 2019-06-27 12:34 - 000000000 ____D C:\ProgramData\Waves Audio
2019-06-27 12:16 - 2019-06-27 12:25 - 000000000 ____D C:\Program Files (x86)\Waves
2019-06-27 11:51 - 2018-03-15 04:06 - 000117504 _____ (Waves Audio Ltd.) C:\Windows\system32\Drivers\SoundGridProtocol.sys
2019-06-27 11:51 - 2018-03-15 04:06 - 000088576 _____ (Waves Audio Ltd.) C:\Windows\system32\SoundGridAsio.dll
2019-06-27 11:51 - 2018-03-15 04:06 - 000069632 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\SoundGridAsio.dll
2019-06-27 11:51 - 2018-03-15 04:06 - 000056832 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\Drivers\SoundGridProtocol.sys
2019-06-27 11:51 - 2018-03-15 04:06 - 000043264 _____ (Waves Audio Ltd.) C:\Windows\system32\Drivers\SoundGridMidi.sys
2019-06-27 11:51 - 2018-03-15 04:06 - 000025088 _____ (Waves Audio Ltd.) C:\Windows\system32\SoundGridInstHlp.dll
2019-06-27 11:51 - 2018-03-15 04:06 - 000022016 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\Drivers\SoundGridMidi.sys
2019-06-27 11:51 - 2018-03-15 04:06 - 000018944 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\SoundGridInstHlp.dll
2019-06-22 21:04 - 2019-06-22 21:14 - 000000000 ____D C:\Users\Léo\Desktop\Nouveau dossier
2019-06-21 21:33 - 2019-06-21 21:33 - 000005936 _____ C:\Users\Léo\Downloads\
2019-06-17 22:33 - 2019-07-01 22:18 - 000000000 ____D C:\Users\Léo\AppData\Roaming\Google
2019-06-15 22:55 - 2019-06-20 16:21 - 000000000 ____D C:\Users\Léo\Desktop\SAMPLES
2019-06-13 17:10 - 2019-06-13 17:11 - 000000000 ___RD C:\Users\Léo\Desktop\LEOBENSALEM_SOUNDS_V4
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-10 18:43 - 2017-12-01 23:37 - 000000000 ___RD C:\Users\Léo\Desktop\exports
2019-07-10 18:37 - 2018-04-15 22:18 - 000000000 ____D C:\ProgramData\ValhallaVintageVerbPreferences
2019-07-10 18:37 - 2018-04-15 22:18 - 000000000 ____D C:\ProgramData\ValhallaVintageVerb
2019-07-10 18:37 - 2018-04-15 22:18 - 000000000 ____D C:\ProgramData\ValhallaRoomPreferences
2019-07-10 18:37 - 2018-04-15 22:18 - 000000000 ____D C:\ProgramData\ValhallaRoom
2019-07-10 11:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-10 11:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-10 11:25 - 2015-05-01 00:34 - 000000000 ____D C:\Users\Léo\AppData\Roaming\Mozilla
2019-07-10 11:22 - 2019-04-24 17:47 - 000000000 ____D C:\ProgramData\Update
2019-07-10 11:22 - 2018-05-23 22:22 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-10 11:22 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-09 23:04 - 2015-06-10 13:04 - 000000000 ____D C:\Program Files (x86)\Google
2019-07-09 22:25 - 2015-06-10 13:04 - 000000000 ____D C:\Users\Léo\AppData\Local\Google
2019-07-09 22:18 - 2015-06-08 22:04 - 000000000 ____D C:\Users\Léo\AppData\Local\ElevatedDiagnostics
2019-07-09 22:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-07-09 20:19 - 2018-04-15 22:18 - 000000000 ____D C:\ProgramData\ValhallaShimmer
2019-07-09 10:03 - 2019-02-20 14:22 - 000000000 ____D C:\Users\Léo\AppData\LocalLow\Temp
2019-07-08 13:08 - 2015-02-16 18:41 - 000000000 ____D C:\Users\Léo
2019-07-08 12:50 - 2015-02-16 19:14 - 000000000 ____D C:\Users\Léo\Desktop\progs
2019-07-08 12:04 - 2015-03-12 22:42 - 000746014 _____ C:\Windows\system32\perfh00C.dat
2019-07-08 12:04 - 2015-03-12 22:42 - 000149906 _____ C:\Windows\system32\perfc00C.dat
2019-07-08 12:04 - 2009-07-14 07:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-08 12:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-08 12:02 - 2015-05-06 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-08 11:18 - 2009-07-14 07:08 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-07 12:20 - 2018-05-07 20:37 - 000000000 ____D C:\Program Files\Gramblr
2019-07-06 20:27 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-07-06 20:01 - 2018-04-15 22:18 - 000000000 ____D C:\ProgramData\ValhallaUberMod
2019-07-06 20:01 - 2018-04-15 22:18 - 000000000 ____D C:\ProgramData\ValhallaPlate
2019-07-06 20:00 - 2015-02-16 19:18 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2019-07-04 17:52 - 2018-06-17 01:49 - 000000000 ___RD C:\Users\Léo\Desktop\01
2019-07-02 19:25 - 2018-05-27 18:56 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-07-01 22:17 - 2015-02-16 18:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-07-01 18:58 - 2015-03-25 14:01 - 000000000 ____D C:\Users\Léo\AppData\Local\CrashDumps
2019-06-29 23:53 - 2018-10-31 23:23 - 000000000 ____D C:\Users\Léo\Desktop\plug in disparus
2019-06-27 12:27 - 2018-05-27 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2019-06-27 12:25 - 2018-05-27 18:16 - 000000000 ____D C:\Users\Public\Waves Audio
2019-06-27 12:10 - 2015-03-01 19:10 - 000000000 ____D C:\Program Files\Common Files\VST3
2019-06-19 13:27 - 2019-03-27 19:53 - 000000000 ____D C:\Users\Léo\Desktop\Sounds of KSHMR (Vol.1, Vol.2 & Vol.3)
2019-06-18 14:18 - 2018-01-10 16:57 - 000000000 ____D C:\Users\Léo\Documents\Camtasia Studio
2019-06-18 00:04 - 2015-03-19 19:57 - 000020480 _____ C:\Users\Léo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-06-16 22:30 - 2015-11-13 21:28 - 000000000 ____D C:\Users\Léo\AppData\Roaming\Ample Sound
2019-06-10 12:37 - 2019-03-14 01:47 - 000000000 ____D C:\Users\Léo\Desktop\Nouveau dossier (14)
==================== Files in the root of some directories ================
2019-07-07 01:44 - 2019-07-07 01:44 - 057686458 _____ ( ) C:\ProgramData\llimagitox.exe
2019-07-08 13:08 - 2019-07-08 13:08 - 003033984 _____ (Nicolas Coolman) C:\Users\Léo\ZHPDiag3.exe
2018-05-07 21:56 - 2018-05-07 21:56 - 000000132 _____ () C:\Users\Léo\AppData\Roaming\Préfs Filtre IllExportation Adobe CS6
2018-05-07 21:17 - 2019-05-11 22:08 - 000000132 _____ () C:\Users\Léo\AppData\Roaming\Préfs Format PNG Adobe CS6
2015-03-19 19:57 - 2019-06-18 00:04 - 000020480 _____ () C:\Users\Léo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-18 16:37 - 2017-11-18 16:37 - 000007606 _____ () C:\Users\Léo\AppData\Local\Resmon.ResmonCfg
2019-07-06 20:27 - 2019-07-02 14:46 - 000084480 _____ () C:\Users\Léo\AppData\Local\task.dll
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
ATTENTION: ==> Could not access BCD. -> 'C:\Windows\system32\bcdedit' n'est pas reconnu en tant que commande interne
ou externe, un programme exécutable ou un fichier de commandes.
LastRegBack: 2015-05-05 16:08
==================== End of FRST.txt ============================