cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Exécuté par nathalie (administrateur) sur PC-DE-NATHALIE (14-11-2015 18:20:53)
Exécuté depuis C:\Users\nathalie\Desktop
Profils chargés: nathalie (Profils disponibles: nathalie & Administrateur)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [HP Remote Software] => C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe [172032 2009-02-06] ()
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [915512 2009-03-05] (Hewlett-Packard)
HKLM-x32\...\Run: [TSMAgent] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1328424 2009-04-09] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-08-09] (InstallShield Software Corporation)
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\Run: [Facebook Update] => C:\Users\nathalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-22] (Facebook Inc.)
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\MountPoints2: {6eb6aaef-495e-11de-8b68-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\MountPoints2: {db1640c0-be5a-11e4-a09e-00248cf9898b} - F:\Startme.exe
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2006-11-02] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-04-13]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-11-24] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{146BDD8E-41DE-4848-B383-32DB620D1543}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\Software\Microsoft\Internet Explorer\Main,Default_search_url = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\Software\Microsoft\Internet Explorer\Main,Default_page_url = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM -> DefaultScope la valeur est absente
SearchScopes: HKLM -> {657C0CF1-FD11-416D-8CB2-369BDF8E4B4D} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM -> {A27AC05D-887E-4C54-98BF-519807417112} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {CC8264F0-7914-4E5D-AA1B-B532DDF0CD5F} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {2B7B7EFC-C234-4532-822B-A8D74D7EF7EB} URL = hxxp://fr.gdark.com/search.php?cx=partner-pub-7902900401080901%3Ae94ctf-nqmg&cof=FORID%3A10&ie=UTF-8&q={searchTerms}
SearchScopes: HKLM-x32 -> {657C0CF1-FD11-416D-8CB2-369BDF8E4B4D} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM-x32 -> {A27AC05D-887E-4C54-98BF-519807417112} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {CC8264F0-7914-4E5D-AA1B-B532DDF0CD5F} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> URL hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321904&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPAA15475F-44AD-4837-A70D-8CEA3317A5FA&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> ${searchCLSID} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {2B7B7EFC-C234-4532-822B-A8D74D7EF7EB} URL =
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {657C0CF1-FD11-416D-8CB2-369BDF8E4B4D} URL =
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {A27AC05D-887E-4C54-98BF-519807417112} URL =
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {CC8264F0-7914-4E5D-AA1B-B532DDF0CD5F} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
DPF: HKLM-x32 {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20110818073848
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
DPF: HKLM-x32 {680285A8-96D3-43DA-9D3D-51DD987D0B77} hxxp://www.nero.com/doc/NeroVersionCheckerControl.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} hxxp://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - Pas de fichier
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\0m01zpdd.default
FF Homepage: hxxps://www.google.fr/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3145036126-457181674-1837085233-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\nathalie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2012-01-03] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-31] (Apple Inc.)
FF SearchPlugin: C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\0m01zpdd.default\searchplugins\absearch-search.xml [2011-04-16]
FF Extension: Avira Browser Safety - C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\0m01zpdd.default\Extensions\abs@avira.com [2015-10-23] [non signé]
FF Extension: Adblock Plus - C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\0m01zpdd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-27]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-31] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-19] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-04-13] [non signé]
FF HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Recherche Google) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Protection Web Avira) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (WhatFont) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-08-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ehedbflalfjlmepakecekpbhnonnmpdf] - C:\ProgramData\Download and Sa\ehedbflalfjlmepakecekpbhnonnmpdf.crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [916968 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1210512 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-01-04] (EasyBits Sofware AS) [Fichier non signé]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [Fichier non signé]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [Fichier non signé]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Fichier non signé]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2010-07-07] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-09] (Devguru Co., Ltd)
S3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2011-03-30] (VSO Software)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2010-07-07] ()
R2 lirsgt; C:\Windows\SysWOW64\DRIVERS\lirsgt.sys [18048 2009-10-24] () [Fichier non signé]
S3 PAEAFLT.sys; C:\Windows\System32\DRIVERS\PAEAFLT.sys [9472 2007-09-26] (PixArt Imaging Incorporation)
S3 amdkmdap; system32\DRIVERS\atikmpag.sys [X]
S3 AtiHDAudioService; system32\drivers\AtihdLH6.sys [X]
S3 catchme; \??\C:\Users\nathalie\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\nathalie\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-14 18:20 - 2015-11-14 18:21 - 00028007 _____ C:\Users\nathalie\Desktop\FRST.txt
2015-11-14 18:19 - 2015-11-14 18:20 - 00000000 ____D C:\FRST
2015-11-14 18:18 - 2015-11-14 18:18 - 02198528 _____ (Farbar) C:\Users\nathalie\Desktop\FRST64.exe
2015-11-14 15:47 - 2015-11-14 15:47 - 00000380 _____ C:\Windows\PFRO.log
2015-11-14 15:34 - 2015-11-14 15:34 - 00000000 ____D C:\ProgramData\Licenses
2015-11-14 15:32 - 2015-11-14 15:39 - 00000000 ____D C:\Users\nathalie\Desktop\logiciels desinfection pc
2015-11-14 15:32 - 2015-11-14 15:31 - 00000097 _____ C:\Users\nathalie\Desktop\Nouveau document texte.txt
2015-11-14 15:03 - 2015-11-14 15:03 - 00001827 _____ C:\Users\nathalie\Desktop\AdwCleaner[R19].txt
2015-11-14 15:02 - 2015-11-14 15:03 - 00001827 _____ C:\AdwCleaner[R19].txt
2015-11-14 14:29 - 2015-11-14 14:29 - 00083422 _____ C:\Users\nathalie\Desktop\AVSCAN-20151114-112832-3263F662.LOG
2015-11-14 10:58 - 2015-11-14 10:58 - 00000000 ____D C:\Users\nathalie\AppData\Local\{0414A7C1-26EA-4D73-8342-CC1D253E34D4}
2015-11-13 17:09 - 2015-11-13 17:09 - 00000000 ____D C:\Users\nathalie\AppData\Local\{0C3E30EE-80A3-4D05-B280-A26E313E0280}
2015-11-12 15:04 - 2015-11-12 15:04 - 00000000 ____D C:\Users\nathalie\AppData\Local\{877932F0-B9BE-4C93-9321-D1D789228CB3}
2015-11-11 10:49 - 2015-10-17 15:35 - 02798592 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 10:49 - 2015-09-26 17:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 10:49 - 2015-09-26 17:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 10:49 - 2015-09-26 17:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 10:49 - 2015-09-26 16:58 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 10:49 - 2015-09-26 16:58 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 10:49 - 2015-09-26 14:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2015-11-11 10:49 - 2015-09-22 14:10 - 00517976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 10:49 - 2015-09-22 14:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-11-11 10:45 - 2015-10-17 17:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 10:45 - 2015-10-17 16:41 - 00659456 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 10:45 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 10:40 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 10:40 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 10:39 - 2015-10-14 21:25 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 10:39 - 2015-10-14 21:25 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 10:39 - 2015-10-14 16:47 - 04691392 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 10:10 - 2015-10-31 20:48 - 17079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 10:10 - 2015-10-31 20:45 - 10886144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 10:10 - 2015-10-31 20:45 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 10:10 - 2015-10-31 20:44 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 10:10 - 2015-10-31 20:44 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 10:10 - 2015-10-31 20:44 - 01299968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 10:10 - 2015-10-31 20:44 - 01295872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 10:10 - 2015-10-31 20:43 - 02129408 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00887296 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 10:10 - 2015-10-31 20:43 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-11-11 10:10 - 2015-10-31 20:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-11-11 10:10 - 2015-10-31 20:43 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-11-11 10:10 - 2015-10-31 19:40 - 12376576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 10:10 - 2015-10-31 19:38 - 09727488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 10:10 - 2015-10-31 19:38 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 10:10 - 2015-10-31 19:37 - 01830912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 10:10 - 2015-10-31 19:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 01436160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 10:10 - 2015-10-31 19:36 - 01093632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 01088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00615424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00412672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 10:10 - 2015-10-31 19:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-11-11 10:10 - 2015-10-31 19:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-11-11 10:10 - 2015-10-31 19:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-11-11 09:45 - 2015-11-11 09:45 - 00000000 ____D C:\Users\nathalie\AppData\Local\{D4ACD4AE-971A-4C4A-9819-CB9676E4B0AE}
2015-11-10 20:36 - 2015-11-10 20:36 - 00000000 ____D C:\Users\nathalie\AppData\Local\{81CD56DA-502F-4026-953E-CB52C27F152A}
2015-11-10 14:33 - 2015-11-10 14:33 - 00020733 _____ C:\Users\nathalie\AppData\Local\recently-used.xbel
2015-11-10 07:55 - 2015-11-10 07:55 - 00000000 ____D C:\Users\nathalie\AppData\Local\{4EC6F1E4-DDB3-4786-B1A5-2B0AA867594D}
2015-11-09 11:49 - 2015-11-09 11:49 - 00000000 ____D C:\Users\nathalie\AppData\Local\{B68E5F2D-DEA2-40A3-AFDE-5CFBED745AC4}
2015-11-09 11:29 - 2015-11-09 11:29 - 00000000 ____D C:\Users\nathalie\AppData\Local\{6C5B90DD-A3F9-4400-B4C6-15EE659DCCC8}
2015-11-08 09:37 - 2015-11-08 09:38 - 00000000 ____D C:\Users\nathalie\AppData\Local\{617B7F6E-9AF5-40DB-8EE2-354CB1050096}
2015-11-07 10:19 - 2015-11-07 10:19 - 00000000 ____D C:\Users\nathalie\AppData\Local\{DEB62688-F3FD-4BD0-A36C-B08C1410D964}
2015-11-06 08:52 - 2015-11-06 08:52 - 00000000 ____D C:\Users\nathalie\AppData\Local\{D9060556-9692-4688-B69B-8BCCAF645A89}
2015-11-05 12:50 - 2015-11-05 12:50 - 00000000 ____D C:\Users\nathalie\AppData\Local\{98596D1B-5507-4D75-AE66-3A6A36DBB795}
2015-11-04 16:50 - 2015-11-04 16:50 - 00000000 ____D C:\Users\nathalie\AppData\Local\{B839F97E-47A8-4C80-9ABB-25844936678F}
2015-11-03 09:14 - 2015-11-03 09:14 - 00000000 ____D C:\Users\nathalie\AppData\Local\{187AF0D6-956A-4E58-BBFC-175CF72A3AE9}
2015-11-02 10:25 - 2015-11-02 10:25 - 00000000 ____D C:\Users\nathalie\AppData\Local\{E0C2EFBC-110D-4BE5-AF2C-64952742081E}
2015-11-01 09:33 - 2015-11-01 09:34 - 00000000 ____D C:\Users\nathalie\AppData\Local\{AB355FD2-B418-4437-A45E-D1307EDC6EE4}
2015-10-31 07:27 - 2015-10-31 07:27 - 00000000 ____D C:\Users\nathalie\AppData\Local\{D9340734-7473-4C3F-B5E5-58BCAAE5090A}
2015-10-30 09:29 - 2015-10-30 09:29 - 00000000 ____D C:\Users\nathalie\AppData\Local\{A4C53C83-3704-4C9E-8443-38AF191C02F8}
2015-10-29 09:10 - 2015-10-29 09:10 - 00000000 ____D C:\Users\nathalie\AppData\Local\{A692CF8F-D25E-44A0-8382-CDE18EC65C5C}
2015-10-28 20:36 - 2015-11-14 18:18 - 00678217 _____ C:\Windows\WindowsUpdate.log
2015-10-28 11:51 - 2015-10-28 11:51 - 00000000 ____D C:\Users\nathalie\AppData\Local\{FEAB8E9F-1C94-402C-AD5A-B0BAB194C20B}
2015-10-27 20:38 - 2015-10-27 20:38 - 00000000 ____D C:\Users\nathalie\AppData\Local\{D4F9FABE-F13A-445A-BB42-C55836052377}
2015-10-27 07:52 - 2015-10-27 07:53 - 00000000 ____D C:\Users\nathalie\AppData\Local\{C7D6112C-E47D-461C-A659-118266D5216F}
2015-10-26 08:53 - 2015-10-26 08:53 - 00000000 ____D C:\Users\nathalie\AppData\Local\{FF083F1E-84F0-406F-ACE3-7DBC23254FF0}
2015-10-25 08:09 - 2015-10-25 08:09 - 00000000 ____D C:\Users\nathalie\AppData\Local\{A4CA9EB2-BF60-4155-A970-F5F003B67CFB}
2015-10-24 10:17 - 2015-10-24 10:18 - 00000000 ____D C:\Users\nathalie\AppData\Local\{CBC758D5-4CDE-4632-A2AD-7AF0565F93F6}
2015-10-23 16:20 - 2015-10-23 16:20 - 00000000 ____D C:\Users\nathalie\AppData\Local\{DF629D99-3445-425F-A4B4-21A7B3B8AF58}
2015-10-22 17:57 - 2015-10-22 17:57 - 00000000 ____D C:\Users\nathalie\AppData\Local\{83844F54-9C6D-4C2F-9879-EDB0C9EBB11B}
2015-10-21 09:16 - 2015-10-21 09:16 - 00000000 ____D C:\Users\nathalie\AppData\Local\{667D7066-0A0D-4CE5-A052-3B786FE915FD}
2015-10-20 07:40 - 2015-10-20 07:40 - 00000000 ____D C:\Users\nathalie\AppData\Local\{93EEC25A-8FC6-4192-BD88-B874E49D8E8E}
2015-10-19 10:24 - 2015-10-19 10:25 - 00000000 ____D C:\Users\nathalie\AppData\Local\{2BAB3918-C14E-47A9-9D97-204AAD783291}
2015-10-18 07:56 - 2015-10-18 07:57 - 00000000 ____D C:\Users\nathalie\AppData\Local\{5BD14E8F-191F-4C73-A1D7-D89E92A34BE5}
2015-10-17 07:55 - 2015-10-17 07:55 - 00000000 ____D C:\Users\nathalie\AppData\Local\{EC2B2135-949C-4A36-BA28-4569B6086488}
2015-10-16 07:36 - 2015-10-16 07:37 - 00000000 ____D C:\Users\nathalie\AppData\Local\{C79A638B-4526-45D4-AF60-3FFDED5DF12A}
2015-10-15 19:30 - 2015-10-15 19:30 - 00000000 ____D C:\Users\nathalie\AppData\Local\{FC20BEA3-9A04-420B-B87E-8176C48719DA}
2015-10-15 18:56 - 2015-10-15 18:56 - 00000000 ____D C:\Users\nathalie\AppData\Local\{AE2C6B3B-CE08-498B-8FC7-936443257C01}
2015-10-15 06:49 - 2015-10-15 06:49 - 00000000 ____D C:\Users\nathalie\AppData\Local\{EE3BAD0C-DADF-4ED2-BFB0-539152BA6A12}

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-14 18:02 - 2014-07-30 14:13 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-14 17:31 - 2009-05-15 14:47 - 00727290 _____ C:\Windows\system32\perfh00C.dat
2015-11-14 17:31 - 2009-05-15 14:47 - 00150408 _____ C:\Windows\system32\perfc00C.dat
2015-11-14 17:31 - 2006-11-02 13:46 - 01645158 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-14 17:25 - 2014-07-30 14:13 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-14 17:25 - 2012-04-04 12:58 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-14 17:24 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-14 17:24 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-14 17:24 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-14 16:00 - 2006-11-02 16:42 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-14 15:34 - 2009-05-15 06:41 - 00000000 ____D C:\ProgramData\Temp
2015-11-14 14:43 - 2011-02-10 16:35 - 00000000 ____D C:\Users\nathalie\Desktop\LOGICIELS PERIPHERIQUES
2015-11-14 14:28 - 2009-08-01 08:55 - 00000000 ___RD C:\Users\nathalie\Desktop\raccourci moins utilisés
2015-11-14 12:47 - 2012-10-22 14:42 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3145036126-457181674-1837085233-1000UA.job
2015-11-13 18:57 - 2011-10-18 09:16 - 00003732 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{34D273E5-5669-47F2-907D-8A22C9422737}
2015-11-11 18:25 - 2012-04-04 12:58 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 18:25 - 2012-04-04 12:58 - 00003854 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 18:25 - 2011-05-13 08:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 17:57 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2015-11-11 17:41 - 2006-11-02 16:21 - 00617904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 17:38 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 17:38 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-11 10:58 - 2014-01-18 17:11 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 10:51 - 2006-11-02 13:35 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-11-11 10:49 - 2009-08-01 19:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 10:42 - 2011-05-16 09:13 - 01611038 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-10 15:47 - 2012-10-22 14:42 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3145036126-457181674-1837085233-1000Core.job
2015-11-10 14:33 - 2014-11-06 11:22 - 00000000 ____D C:\Users\nathalie\AppData\Local\gtk-2.0
2015-11-10 14:33 - 2014-11-06 11:20 - 00000000 ____D C:\Users\nathalie\.gimp-2.8
2015-11-10 14:20 - 2015-03-09 09:41 - 00000000 ____D C:\Users\nathalie\Desktop\RETOUCHE PRINTEMPS
2015-11-10 09:18 - 2014-01-18 18:29 - 00000000 ____D C:\Users\nathalie\Desktop\DOSSIER EMPLOI
2015-11-09 16:05 - 2010-01-23 20:31 - 00002671 _____ C:\Users\nathalie\Desktop\Microsoft Office Word 2007.lnk
2015-11-08 16:01 - 2009-07-31 23:07 - 00136704 _____ C:\Users\nathalie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-30 09:39 - 2014-12-26 10:58 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-28 08:40 - 2014-11-01 08:40 - 00000332 _____ C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2015-10-24 15:55 - 2009-08-01 15:08 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-10-21 19:40 - 2010-10-23 08:43 - 00000000 ____D C:\Users\nathalie\AppData\Local\Windows Live Writer
2015-10-19 14:46 - 2015-01-24 15:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 07:48 - 2011-06-20 07:22 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

==================== Fichiers à la racine de certains dossiers =======

2009-08-03 18:33 - 2013-08-31 14:15 - 0002122 _____ () C:\Users\nathalie\AppData\Roaming\default.rss
2011-01-16 15:12 - 2011-01-16 15:12 - 0000000 _____ () C:\Users\nathalie\AppData\Roaming\downloads.m3u
2011-03-30 15:05 - 2011-03-30 18:06 - 0007833 _____ () C:\Users\nathalie\AppData\Roaming\ezplay.cat
2011-03-30 15:05 - 2011-03-30 18:06 - 0001127 _____ () C:\Users\nathalie\AppData\Roaming\ezplay.inf
2011-03-30 15:05 - 2011-03-30 15:05 - 0000125 _____ () C:\Users\nathalie\AppData\Roaming\ezplay.ini
2011-03-30 15:06 - 2011-03-30 18:06 - 0000033 _____ () C:\Users\nathalie\AppData\Roaming\ezplay.log
2011-03-30 15:03 - 2011-03-30 18:06 - 0007859 _____ () C:\Users\nathalie\AppData\Roaming\pcouffin.cat
2011-03-30 15:03 - 2011-03-30 18:06 - 0001167 _____ () C:\Users\nathalie\AppData\Roaming\pcouffin.inf
2011-03-30 15:05 - 2011-03-30 18:06 - 0000033 _____ () C:\Users\nathalie\AppData\Roaming\pcouffin.log
2011-03-30 15:03 - 2011-03-30 18:06 - 0082816 _____ (VSO Software) C:\Users\nathalie\AppData\Roaming\pcouffin.sys
2009-11-24 17:18 - 2015-09-21 07:49 - 0000680 _____ () C:\Users\nathalie\AppData\Local\d3d9caps.dat
2009-07-31 23:07 - 2015-11-08 16:01 - 0136704 _____ () C:\Users\nathalie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-10-25 20:18 - 2009-10-25 20:18 - 0069656 _____ () C:\Users\nathalie\AppData\Local\dd_depcheckdotnetfx30.txt
2009-10-25 20:17 - 2009-10-25 20:18 - 0000596 _____ () C:\Users\nathalie\AppData\Local\dd_dotnetfx3error.txt
2009-10-25 20:17 - 2009-10-25 20:18 - 0057210 _____ () C:\Users\nathalie\AppData\Local\dd_dotnetfx3install.txt
2009-07-31 20:46 - 2009-07-31 20:53 - 0424746 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI1F01.txt
2014-05-07 13:13 - 2014-05-07 13:13 - 0444690 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI213C.txt
2011-05-16 09:10 - 2011-05-16 09:11 - 0459904 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI2544.txt
2011-05-16 09:11 - 2011-05-16 09:12 - 0463854 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI25E7.txt
2009-09-18 15:36 - 2009-09-18 15:36 - 0334408 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI262A.txt
2014-05-07 13:26 - 2014-05-07 13:26 - 0355176 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI2B26.txt
2010-11-17 09:08 - 2010-11-17 09:08 - 0448806 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI33CC.txt
2014-05-07 13:43 - 2014-05-07 13:43 - 0412946 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI3853.txt
2009-07-31 21:47 - 2009-07-31 21:47 - 0335986 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI4D69.txt
2010-11-04 09:38 - 2010-11-04 09:39 - 0422216 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI5325.txt
2011-05-11 07:41 - 2011-05-11 07:41 - 0456040 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistMSI5A6F.txt
2009-07-31 20:46 - 2009-07-31 20:53 - 0011416 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI1F01.txt
2014-05-07 13:13 - 2014-05-07 13:13 - 0011216 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI213C.txt
2011-05-16 09:10 - 2011-05-16 09:11 - 0011682 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI2544.txt
2011-05-16 09:11 - 2011-05-16 09:12 - 0011714 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI25E7.txt
2009-09-18 15:36 - 2009-09-18 15:36 - 0011170 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI262A.txt
2014-05-07 13:26 - 2014-05-07 13:26 - 0011442 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI2B26.txt
2010-11-17 09:08 - 2010-11-17 09:08 - 0011152 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI33CC.txt
2014-05-07 13:43 - 2014-05-07 13:43 - 0012864 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI3853.txt
2009-07-31 21:47 - 2009-07-31 21:47 - 0062862 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI4D69.txt
2010-11-04 09:38 - 2010-11-04 09:39 - 0013874 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI5325.txt
2011-05-11 07:41 - 2011-05-11 07:41 - 0011168 _____ () C:\Users\nathalie\AppData\Local\dd_vcredistUI5A6F.txt
2011-02-15 11:05 - 2011-02-15 11:06 - 1087178 _____ () C:\Users\nathalie\AppData\Local\dd_vstor40_x64MSI056E.txt
2011-06-29 08:37 - 2011-06-29 08:41 - 2144696 _____ () C:\Users\nathalie\AppData\Local\dd_vstor40_x64MSI7991.txt
2011-02-15 11:05 - 2011-02-15 11:06 - 0011308 _____ () C:\Users\nathalie\AppData\Local\dd_vstor40_x64UI056E.txt
2011-06-29 08:37 - 2011-06-29 08:41 - 0011244 _____ () C:\Users\nathalie\AppData\Local\dd_vstor40_x64UI7991.txt
2015-11-10 14:33 - 2015-11-10 14:33 - 0020733 _____ () C:\Users\nathalie\AppData\Local\recently-used.xbel
2009-10-25 20:17 - 2009-10-25 20:18 - 0002108 _____ () C:\Users\nathalie\AppData\Local\uxeventlog.txt
2012-10-16 15:58 - 2012-10-16 15:58 - 0082878 _____ () C:\ProgramData\gnsczthdldgkfid
2010-04-10 12:11 - 2015-04-13 08:48 - 0003856 _____ () C:\ProgramData\hpzinstall.log
2013-02-10 11:42 - 2013-02-10 11:42 - 0004934 _____ () C:\ProgramData\mtbjfghn.xbe

Certains fichiers dans TEMP:
====================
C:\Users\nathalie\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-11-14 17:31

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité