Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Exécuté par laurent (administrateur) sur PC-DE-LAURENT (28-08-2017 19:58:31)
Exécuté depuis C:\Users\laurent\Desktop
Profils chargés: laurent (Profils disponibles: laurent)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 7 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(CANON INC.) C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [831576 2016-09-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [IDM trial reset] => E:\telechargement\[opensource] IDM trial reset.rar\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] ()
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung)
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {3ae2a863-7510-11e7-a5d2-001d09db23a7} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {82110d50-7437-11e7-9c15-001d09db23a7} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\MountPoints2: {82110d5a-7437-11e7-9c15-001d09db23a7} - I:\HiSuiteDownLoader.exe
IFEO\dropbox.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\dropboxuninstaller.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2013-01-12]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\laurent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-732756086-2140749639-2061509908-1000] => localhost:8080
AutoConfigURL: [S-1-5-21-732756086-2140749639-2061509908-1000] => localhost:8080
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{FAD6359B-1169-47D0-8B9F-C60622DE22AC}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-732756086-2140749639-2061509908-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-07-12] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\laurent\AppData\Roaming\TomTom\HOME\Profiles\bd028vj8.default [2014-11-04]
FF Extension: (Emulator) - C:\Users\laurent\AppData\Roaming\TomTom\HOME\Profiles\bd028vj8.default\Extensions\Navcore.9.510.1234792@tomtom.com [2014-11-04] [non signé]
FF Extension: (Map status indicator) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2014-11-04] [non signé]
FF ProfilePath: C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036 [2017-08-28]
FF Session Restore: Mozilla\Firefox\Profiles\i551s25d.default-1473367046036 -> est activé.
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\2020Player_IKEA@2020Technologies.com [2017-01-02]
FF Extension: (ADB Helper) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\adbhelper@mozilla.org [2017-08-03]
FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\amptra@keepa.com.xpi [2017-06-16]
FF Extension: (InvisibleHand) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2017-07-01]
FF Extension: (Alerte Bons Plans eBuyClub) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\ebctb@plebicom.xul.xpi [2017-03-23]
FF Extension: (Firebug) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\firebug@software.joehewitt.com.xpi [2017-03-01]
FF Extension: (MEGA) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\firefox@mega.co.nz.xpi [2017-08-18]
FF Extension: (Valence) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\fxdevtools-adapters@mozilla.org [2017-08-03]
FF Extension: (Visualisateur 3D de 20-20) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\NP_2020Player_IS@2020Technologies.com [2017-03-27]
FF Extension: (Pas de nom) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\support@shoptimate.com.xpi [2017-07-17]
FF Extension: (uBlock Origin) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\uBlock0@raymondhill.net.xpi [2017-07-19]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-04-01]
FF Extension: (Adblock Plus) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Greasemonkey) - C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\i551s25d.default-1473367046036\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-04-27]
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-02] [non signé]
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\laurent\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\laurent\AppData\Roaming\IDM\idmmzcc5 [2017-03-26] [non signé]
FF HKU\S-1-5-21-732756086-2140749639-2061509908-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-17] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Session Restore: Default -> est activé.
CHR Profile: C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default [2017-08-27]
CHR Extension: (Adblock Plus) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (uBlock Origin) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-07-27]
CHR Extension: (ZenMate VPN - Sécurité internet & Unblock) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-02]
CHR Extension: (Alerte Bons Plans eBuyClub) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2017-03-24]
CHR Extension: (Désactivation de Google Analytics) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-10-21]
CHR Extension: (New Tab Redirect) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-12-08]
CHR Extension: (eBay pour Chrome) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2017-07-03]
CHR Extension: (IDM Integration Module) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-08-05]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [970632 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1253352 2016-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R2 CIJSRegister; C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (CANON INC.)
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-12-07] (TuneUp Software)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [115600 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140272 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-08-07] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-21] (Elaborate Bytes AG)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech, Inc.)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6637056 2010-08-16] (Intel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x86\Sandra.sys [23112 2009-08-08] (SiSoftware)
R3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [35328 2007-04-27] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2014-01-07] () [Fichier non signé]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2013-08-03] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R3 vusbbus; C:\Windows\System32\DRIVERS\vusbbus.sys [171520 2008-04-06] (Chingachguk & Denger2k) [Fichier non signé]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 19:58 - 2017-08-28 19:59 - 000020136 _____ C:\Users\laurent\Desktop\FRST.txt
2017-08-28 19:58 - 2017-08-28 19:58 - 000000000 ____D C:\FRST
2017-08-28 19:40 - 2017-08-28 19:40 - 001792512 _____ (Farbar) C:\Users\laurent\Desktop\FRST.exe
2017-08-28 18:39 - 2017-08-28 18:39 - 000000000 ____D C:\Users\laurent\AppData\Local\Aegisub
2017-08-28 18:02 - 2017-08-28 18:02 - 002812800 _____ C:\Users\laurent\Desktop\zhpdiag_2017.8.15.140.exe
2017-08-28 18:02 - 2017-08-28 18:02 - 000000711 _____ C:\Users\laurent\Desktop\ZHPDiag.lnk
2017-08-28 00:10 - 2017-08-28 00:10 - 000000000 ____D C:\_OTL
2017-08-28 00:08 - 2017-08-28 00:07 - 000602112 _____ (OldTimer Tools) C:\Users\laurent\Desktop\OTL.exe
2017-08-27 19:00 - 2017-08-28 18:06 - 000142520 _____ C:\Users\laurent\Desktop\ZHPDiag.txt
2017-08-25 23:38 - 2017-08-25 23:38 - 000863362 _____ C:\Users\laurent\Desktop\samsung-vous-rembourse-jusqu-a-150-pour-l-achat-d-un-refrigerateur-190201-promo-6.pdf
2017-08-25 11:25 - 2017-08-25 11:25 - 000012501 _____ C:\Users\laurent\Desktop\rib Caisse Régionale Provence Côte d'Azur.pdf
2017-08-25 11:03 - 2017-08-25 11:03 - 000083129 _____ C:\Users\laurent\Desktop\Cloture_compte_individuel_hors_ct_et_livret_individuel.pdf
2017-08-23 23:01 - 2017-08-27 18:40 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy
2017-08-23 22:42 - 2017-08-23 22:42 - 000000079 _____ C:\Windows\wininit.ini
2017-08-23 20:33 - 2017-08-23 20:33 - 002856320 _____ C:\Users\laurent\ZHPCleaner.exe
2017-08-21 22:11 - 2017-08-28 18:03 - 000000000 ____D C:\Users\laurent\AppData\Roaming\ZHP
2017-08-21 22:11 - 2017-08-28 18:03 - 000000000 ____D C:\Users\laurent\AppData\Local\ZHP
2017-08-21 21:30 - 2006-09-18 23:41 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts.20170821-213036.backup
2017-08-21 20:31 - 2017-08-27 18:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-21 20:30 - 2017-08-23 22:43 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2017-08-21 12:58 - 2017-08-21 12:58 - 000002216 _____ C:\Users\laurent\Documents\cc_20170821_125808.reg
2017-08-21 12:14 - 2017-07-22 19:28 - 000467128 _____ C:\Users\laurent\Desktop\Accord déplacement emplacement réservé.pdf
2017-08-21 10:42 - 2017-08-21 10:44 - 000000000 ____D C:\Users\laurent\Desktop\AXa zbanque
2017-08-20 23:59 - 2017-08-20 23:59 - 000000000 ____D C:\Users\laurent\AppData\Local\WiFi Guard
2017-08-17 13:09 - 2017-08-18 16:35 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\AppData\Local\FonePaw
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\{89098f50-0711-4c46-a1f9-76ce36e32931}
2017-08-11 16:48 - 2017-08-11 16:48 - 000000000 ____D C:\Users\laurent\{05bf6308-8a05-41e5-9412-21865b6d8703}
2017-08-11 16:48 - 2017-03-17 01:52 - 000191200 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2017-08-08 18:55 - 2017-08-08 18:55 - 000001904 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-08-08 18:54 - 2017-01-16 08:26 - 000109184 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-08-05 18:31 - 2017-08-05 18:26 - 000149224 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-08-03 20:06 - 2017-08-03 20:06 - 000000000 ____D C:\236b18de690d2acb229bf715
2017-07-30 17:00 - 2017-07-30 17:00 - 000000000 ____D C:\59d77cd21689473d22ee
2017-07-30 15:59 - 2017-04-11 04:17 - 000249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-07-30 15:59 - 2017-04-11 04:17 - 000015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2017-07-29 20:00 - 2017-08-03 20:06 - 000000000 ___HT C:\Windows\wusa.lock
2017-07-29 20:00 - 2017-07-29 20:00 - 000000000 ____D C:\275cb60bd6bd4f29bb740885530d9a34
2017-07-29 17:52 - 2017-07-29 18:43 - 000000000 ____D C:\Users\laurent\Documents\HiSuite
2017-07-29 17:52 - 2017-04-11 04:17 - 001837296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2017-07-29 17:52 - 2017-04-11 04:17 - 000851176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2017-07-29 17:51 - 2017-08-04 20:58 - 000000000 ____D C:\Users\laurent\AppData\Local\Hisuite

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 19:58 - 2016-11-22 22:13 - 000000000 ____D C:\Users\laurent\AppData\LocalLow\Mozilla
2017-08-28 19:54 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-28 19:54 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-28 18:51 - 2016-05-02 18:00 - 000000000 ____D C:\Users\laurent\AppData\Roaming\Aegisub
2017-08-28 18:27 - 2013-01-18 19:40 - 000000000 ____D C:\Users\laurent\AppData\Roaming\vlc
2017-08-28 18:07 - 2017-06-17 09:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-28 18:05 - 2013-01-12 07:33 - 010277386 _____ C:\Windows\system32\perfh00C.dat
2017-08-28 18:05 - 2013-01-12 07:33 - 003724820 _____ C:\Windows\system32\perfc00C.dat
2017-08-28 18:05 - 2006-11-02 12:33 - 000006984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-28 17:59 - 2013-02-02 21:25 - 000032061 _____ C:\ProgramData\nvModes.dat
2017-08-28 17:59 - 2013-02-02 21:25 - 000032061 _____ C:\ProgramData\nvModes.001
2017-08-28 17:55 - 2015-06-11 12:03 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-08-28 17:54 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-28 01:21 - 2013-01-11 22:39 - 000000012 _____ C:\Windows\bthservsdp.dat
2017-08-28 01:21 - 2006-11-02 15:01 - 000032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-28 00:08 - 2016-09-11 18:21 - 000000000 ____D C:\Users\laurent\AppData\Roaming\IDM
2017-08-27 14:57 - 2013-11-23 13:02 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-08-27 14:55 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2017-08-26 01:12 - 2014-01-10 12:57 - 000000000 ____D C:\Users\laurent\AppData\Roaming\DMCache
2017-08-25 00:07 - 2013-01-12 01:55 - 000184320 _____ C:\Users\laurent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-23 20:33 - 2013-01-11 22:44 - 000000000 ____D C:\Users\laurent
2017-08-21 20:26 - 2016-09-27 22:49 - 000000000 ____D C:\AdwCleaner
2017-08-21 12:23 - 2016-10-19 18:54 - 000000000 ____D C:\Users\laurent\AppData\Roaming\inkscape
2017-08-21 12:23 - 2015-04-01 19:05 - 000000000 ____D C:\Users\laurent\AppData\Roaming\uTorrent
2017-08-21 12:23 - 2013-08-20 22:22 - 000000000 ____D C:\Windows\Minidump
2017-08-21 10:52 - 2014-11-27 14:42 - 014295040 _____ C:\Users\laurent\AppData\Roaming\Sandra.mdb
2017-08-21 00:11 - 2013-01-12 02:40 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-19 11:52 - 2013-01-12 02:37 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-08-17 09:47 - 2013-11-07 13:14 - 000000859 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-08-09 21:00 - 2013-05-01 14:56 - 000000000 ____D C:\Users\laurent\Documents\samsung
2017-08-08 18:55 - 2013-05-01 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-08-08 18:52 - 2013-05-01 14:56 - 000000000 ____D C:\Users\laurent\AppData\Roaming\Samsung
2017-08-08 18:52 - 2013-05-01 14:50 - 000000000 ____D C:\Program Files\Samsung
2017-08-08 18:52 - 2013-01-12 01:22 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-08-08 18:50 - 2014-02-09 19:32 - 000000000 ____D C:\Program Files\Internet Download Manager
2017-07-29 18:38 - 2013-01-12 14:25 - 000000826 _____ C:\Users\laurent\Desktop\mdp.txt

==================== Fichiers à la racine de certains dossiers =======

2017-04-02 19:56 - 2017-04-10 20:34 - 000000019 _____ () C:\Users\laurent\AppData\Roaming\ArchiFacile.json
2013-01-19 13:00 - 2013-02-02 19:09 - 000027525 _____ () C:\Users\laurent\AppData\Roaming\nvModes.001
2013-01-18 16:43 - 2013-01-18 16:43 - 000027525 _____ () C:\Users\laurent\AppData\Roaming\nvModes.dat
2014-11-27 14:42 - 2017-08-21 10:52 - 014295040 _____ () C:\Users\laurent\AppData\Roaming\Sandra.mdb
2013-01-11 22:44 - 2014-04-24 11:12 - 000000680 _____ () C:\Users\laurent\AppData\Local\d3d9caps.dat
2013-01-12 01:55 - 2017-08-25 00:07 - 000184320 _____ () C:\Users\laurent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-19 14:30 - 2016-11-19 14:30 - 000000095 _____ () C:\Users\laurent\AppData\Local\fusioncache.dat
2016-12-02 15:40 - 2016-12-02 15:40 - 000001253 _____ () C:\Users\laurent\AppData\Local\recently-used.xbel
2017-04-02 18:41 - 2017-04-02 18:41 - 000007406 _____ () C:\Users\laurent\AppData\Local\SquareClock.Production_Home_ConforamaIcon.ico
2017-04-03 23:41 - 2017-04-03 23:41 - 000353118 _____ () C:\Users\laurent\AppData\Local\SquareClock.Production_Home_Ixina_WebIcon.ico
2013-02-02 21:25 - 2017-08-28 17:59 - 000032061 _____ () C:\ProgramData\nvModes.001
2013-02-02 21:25 - 2017-08-28 17:59 - 000032061 _____ () C:\ProgramData\nvModes.dat

Fichiers à déplacer ou supprimer:
====================
C:\Users\laurent\ZHPCleaner.exe

Certains fichiers dans TEMP:
====================
2013-11-27 22:44 - 2017-08-28 00:59 - 000000000 ____D () C:\Users\laurent\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-08-28 18:05

==================== Fin de FRST.txt ============================