Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2017
Exécuté par Meunier Nicolas (administrateur) sur PC-DE-MEUNIER-G (13-07-2017 18:47:13)
Exécuté depuis D:\Users\Meunier Nicolas\Desktop
Profils chargés: Meunier Nicolas (Profils disponibles: Meunier Nicolas)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVAST Software s.r.o.) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_26_0_0_137_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [6144 2006-03-03] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [213832 2017-07-06] (AVAST Software)
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [526648 2016-09-05] (Citrix Systems, Inc.)
HKLM\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [231736 2016-09-05] (Citrix Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7618776 2017-05-05] (Piriform Ltd)
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {0eb5609a-0d7e-11df-9703-002215fae372} - H:\KIT-AUTO-ENTREPRENEUR.exe
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {417f4003-e7c8-11dd-ae6c-806e6f6e6963} - E:\SETUP.EXE
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {4a38ef57-9597-11e0-83cc-002215fae372} - I:\iStudio.exe
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {7d8739a8-e967-11dd-876a-002215fae372} - G:\Launch.exe
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {ced3e4ac-9080-11de-9731-002215fae372} - G:\setup.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-738365936-2945050022-965498131-1002\User: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-07-12] (Apple Inc.)
Hosts: Fichier hosts non détecté dans le dossier par défaut
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A7989F58-B4EF-4ECA-8FE9-D4F4523CADA8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-738365936-2945050022-965498131-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
HKU\S-1-5-21-738365936-2945050022-965498131-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-738365936-2945050022-965498131-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ceod05-ondemand.cegid.com/Citrix/XenApp/auth/login.aspx
SearchScopes: HKU\S-1-5-21-738365936-2945050022-965498131-1000 -> DefaultScope {4CB922FE-D86C-4977-9C2A-924675FD42AD} URL = hxxp://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
SearchScopes: HKU\S-1-5-21-738365936-2945050022-965498131-1000 -> {4CB922FE-D86C-4977-9C2A-924675FD42AD} URL = hxxp://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25] (CANON INC.)
BHO: Pas de nom -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2017-07-06] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Pas de fichier
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Toolbar: HKU\S-1-5-21-738365936-2945050022-965498131-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default [2017-07-13]
FF Homepage: Mozilla\Firefox\Profiles\90rjlnt7.default -> www.google.fr
FF Keyword.URL: Mozilla\Firefox\Profiles\90rjlnt7.default -> hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchFF&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF Extension: (Visualisateur 3D de 20-20) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-05-25] [non signé]
FF Extension: (Firefox 3 theme for Firefox 4+) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\ffe_ff3ff4@game-point.net.xpi [2012-06-27] [non signé]
FF Extension: (Classic Compact Options) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\notreal.ccoptions@environmentalchemistry.com.xpi [2015-04-26]
FF Extension: (Avast SafePrice) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Avast Online Security) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (YouTube to MP3) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\youtube2mp3@mondayx.de.xpi [2016-05-01]
FF Extension: (Microsoft .NET Framework Assistant) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27] [non signé]
FF Extension: (Video DownloadHelper) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-11]
FF Extension: (Adblock Plus) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-09] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2011-07-14] ()
FF Plugin: @calps.plugin -> C:\Program Files\calps\npCalps.dll [2009-02-17] (CEGID)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.)
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2016-09-05] (Citrix Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-08-25] (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @unisys.com/npornap -> C:\Program Files\Orange\CAP Nap Plugin ActiveX [2013-10-25] ()
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @virtools.com/3DviaPlayer -> C:\Program Files\Virtools\3D Life Player\npvirtools.dll [2009-11-14] (Dassault Systèmes)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-738365936-2945050022-965498131-1000: @unity3d.com/UnityPlayer,version=1.0 -> D:\Users\Meunier Nicolas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-738365936-2945050022-965498131-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-05-05] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npornap.dll [2009-09-08] (UNISYS France)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-07-30] (Apple Inc.)
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-11] (Adobe Systems Incorporated) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [5815840 2017-07-06] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [263312 2017-07-06] (AVAST Software)
S3 DAUpdaterSvc; D:\Jeux\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-07-26] (BioWare)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
S4 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG) [Fichier non signé]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2119688 2016-10-25] (Electronic Arts)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [266976 2017-07-06] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157384 2017-07-06] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276704 2017-07-06] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50352 2017-07-06] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42824 2017-07-06] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39752 2017-07-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [123896 2017-07-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [70088 2017-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70840 2017-07-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774288 2017-07-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [496976 2017-07-06] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [202688 2017-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296312 2017-07-06] (AVAST Software)
S3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [94720 2007-08-06] (Guillemot Corporation)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [47616 2008-06-30] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [150568 2008-06-24] (Marvell Semiconductor, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10371072 2007-07-17] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-06-14] () [Fichier non signé]
U3 anunot8s; C:\Windows\system32\Drivers\anunot8s.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zéro octet Fichier/Dossier)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-07-13 18:47 - 2017-07-13 18:47 - 00000000 ____D C:\FRST
2017-07-13 16:06 - 2017-07-13 16:06 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-13 09:15 - 2017-07-13 16:13 - 00000182 _____ D:\Users\Meunier
2017-07-06 13:56 - 2017-07-06 13:55 - 00303280 ____N (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-06-24 09:07 - 2017-06-24 09:07 - 00000655 _____ C:\Users\Public\Desktop\Opera.lnk
2017-06-24 09:07 - 2017-06-24 09:07 - 00000655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-06-24 09:07 - 2017-06-24 09:07 - 00000000 ____D C:\Program Files\Opera
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-07-13 17:59 - 2006-11-02 14:47 - 00003840 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-13 17:59 - 2006-11-02 14:47 - 00003840 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-13 16:51 - 2017-04-22 20:39 - 00000000 ____D C:\Program Files\Steam
2017-07-13 16:12 - 2009-01-23 10:06 - 00000000 ____D D:\Users\Meunier Nicolas
2017-07-13 15:59 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-13 15:57 - 2006-11-02 15:01 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-07-13 10:24 - 2017-04-22 20:39 - 00000000 ____D C:\Program Files\Common Files\Steam
2017-07-13 09:16 - 2008-01-21 10:41 - 01690622 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-13 09:16 - 2008-01-21 10:40 - 00749152 _____ C:\Windows\system32\perfh00C.dat
2017-07-13 09:16 - 2008-01-21 10:40 - 00158510 _____ C:\Windows\system32\perfc00C.dat
2017-07-13 09:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-07-11 21:23 - 2012-04-04 18:45 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-07-11 21:23 - 2011-05-14 01:08 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-07-11 21:23 - 2009-01-23 11:59 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-10 20:07 - 2016-12-04 16:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-07-10 20:07 - 2009-11-29 00:59 - 00000370 _____ C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2017-07-09 09:53 - 2009-01-23 11:08 - 00000000 ____D C:\Program Files\Windows Live
2017-07-09 09:52 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-09 09:51 - 2016-09-26 21:45 - 00000000 ____D C:\Program Files\VLMC
2017-07-09 09:51 - 2009-07-30 12:28 - 00000000 ____D C:\ProgramData\ViaMichelin
2017-07-09 09:51 - 2009-01-21 16:59 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-07-09 09:49 - 2011-04-09 14:27 - 00000000 ____D C:\Program Files\Google
2017-07-09 09:48 - 2012-04-28 09:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-07-06 13:56 - 2013-03-17 13:47 - 00296312 ____N (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00276704 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00266976 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00157384 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00050352 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-07-06 13:55 - 2016-04-16 10:49 - 00039752 ____N (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-07-06 13:55 - 2015-08-23 12:21 - 00202688 ____N (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2017-07-06 13:55 - 2014-04-21 14:36 - 00042824 ____N (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-07-06 13:55 - 2013-03-17 13:47 - 00070840 ____N (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-07-06 13:55 - 2011-05-18 12:34 - 00774288 ____N (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-07-06 13:55 - 2009-01-23 10:55 - 00496976 ____N (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-07-06 13:55 - 2009-01-23 10:55 - 00123896 ____N (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-07-06 13:55 - 2009-01-23 10:55 - 00070088 ____N (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-06-21 19:45 - 2009-11-16 20:00 - 00000000 ____D C:\Windows\Minidump
2017-06-15 18:17 - 2014-03-30 22:53 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-06-14 22:20 - 2013-01-29 23:26 - 00000000 ____D C:\Mes documents
==================== Fichiers à la racine de certains dossiers =======
2009-01-23 17:43 - 2014-06-07 04:23 - 0149504 _____ () D:\Users\Meunier Nicolas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-02-04 16:28 - 2009-02-04 16:28 - 0000103 _____ () D:\Users\Meunier Nicolas\AppData\Local\fusioncache.dat
2011-05-15 20:19 - 2013-03-05 22:21 - 0004742 _____ () D:\Users\Meunier Nicolas\AppData\Local\LOG_calps.txt
2009-02-05 15:49 - 2009-02-05 15:49 - 0000336 _____ () D:\Users\Meunier Nicolas\AppData\Local\magnifier.ini
2011-06-15 09:51 - 2011-07-16 18:37 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-07-13 16:05
==================== Fin de FRST.txt ============================
Exécuté par Meunier Nicolas (administrateur) sur PC-DE-MEUNIER-G (13-07-2017 18:47:13)
Exécuté depuis D:\Users\Meunier Nicolas\Desktop
Profils chargés: Meunier Nicolas (Profils disponibles: Meunier Nicolas)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVAST Software s.r.o.) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_26_0_0_137_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [6144 2006-03-03] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [213832 2017-07-06] (AVAST Software)
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [526648 2016-09-05] (Citrix Systems, Inc.)
HKLM\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [231736 2016-09-05] (Citrix Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7618776 2017-05-05] (Piriform Ltd)
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {0eb5609a-0d7e-11df-9703-002215fae372} - H:\KIT-AUTO-ENTREPRENEUR.exe
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {417f4003-e7c8-11dd-ae6c-806e6f6e6963} - E:\SETUP.EXE
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {4a38ef57-9597-11e0-83cc-002215fae372} - I:\iStudio.exe
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {7d8739a8-e967-11dd-876a-002215fae372} - G:\Launch.exe
HKU\S-1-5-21-738365936-2945050022-965498131-1000\...\MountPoints2: {ced3e4ac-9080-11de-9731-002215fae372} - G:\setup.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-738365936-2945050022-965498131-1002\User: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-07-12] (Apple Inc.)
Hosts: Fichier hosts non détecté dans le dossier par défaut
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A7989F58-B4EF-4ECA-8FE9-D4F4523CADA8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-738365936-2945050022-965498131-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
HKU\S-1-5-21-738365936-2945050022-965498131-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-738365936-2945050022-965498131-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ceod05-ondemand.cegid.com/Citrix/XenApp/auth/login.aspx
SearchScopes: HKU\S-1-5-21-738365936-2945050022-965498131-1000 -> DefaultScope {4CB922FE-D86C-4977-9C2A-924675FD42AD} URL = hxxp://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
SearchScopes: HKU\S-1-5-21-738365936-2945050022-965498131-1000 -> {4CB922FE-D86C-4977-9C2A-924675FD42AD} URL = hxxp://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25] (CANON INC.)
BHO: Pas de nom -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2017-07-06] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Pas de fichier
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Toolbar: HKU\S-1-5-21-738365936-2945050022-965498131-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-05] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default [2017-07-13]
FF Homepage: Mozilla\Firefox\Profiles\90rjlnt7.default -> www.google.fr
FF Keyword.URL: Mozilla\Firefox\Profiles\90rjlnt7.default -> hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchFF&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF Extension: (Visualisateur 3D de 20-20) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-05-25] [non signé]
FF Extension: (Firefox 3 theme for Firefox 4+) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\ffe_ff3ff4@game-point.net.xpi [2012-06-27] [non signé]
FF Extension: (Classic Compact Options) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\notreal.ccoptions@environmentalchemistry.com.xpi [2015-04-26]
FF Extension: (Avast SafePrice) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Avast Online Security) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (YouTube to MP3) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\youtube2mp3@mondayx.de.xpi [2016-05-01]
FF Extension: (Microsoft .NET Framework Assistant) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27] [non signé]
FF Extension: (Video DownloadHelper) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-11]
FF Extension: (Adblock Plus) - D:\Users\Meunier Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\90rjlnt7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-09] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2011-07-14] ()
FF Plugin: @calps.plugin -> C:\Program Files\calps\npCalps.dll [2009-02-17] (CEGID)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.)
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2016-09-05] (Citrix Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-08-25] (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @unisys.com/npornap -> C:\Program Files\Orange\CAP Nap Plugin ActiveX [2013-10-25] ()
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @virtools.com/3DviaPlayer -> C:\Program Files\Virtools\3D Life Player\npvirtools.dll [2009-11-14] (Dassault Systèmes)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-738365936-2945050022-965498131-1000: @unity3d.com/UnityPlayer,version=1.0 -> D:\Users\Meunier Nicolas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-738365936-2945050022-965498131-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-05-05] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npornap.dll [2009-09-08] (UNISYS France)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-07-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-07-30] (Apple Inc.)
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-11] (Adobe Systems Incorporated) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [5815840 2017-07-06] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [263312 2017-07-06] (AVAST Software)
S3 DAUpdaterSvc; D:\Jeux\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-07-26] (BioWare)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
S4 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG) [Fichier non signé]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2119688 2016-10-25] (Electronic Arts)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [266976 2017-07-06] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157384 2017-07-06] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276704 2017-07-06] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50352 2017-07-06] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42824 2017-07-06] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39752 2017-07-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [123896 2017-07-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [70088 2017-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70840 2017-07-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774288 2017-07-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [496976 2017-07-06] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [202688 2017-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296312 2017-07-06] (AVAST Software)
S3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [94720 2007-08-06] (Guillemot Corporation)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [47616 2008-06-30] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [150568 2008-06-24] (Marvell Semiconductor, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10371072 2007-07-17] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-06-14] () [Fichier non signé]
U3 anunot8s; C:\Windows\system32\Drivers\anunot8s.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zéro octet Fichier/Dossier)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-07-13 18:47 - 2017-07-13 18:47 - 00000000 ____D C:\FRST
2017-07-13 16:06 - 2017-07-13 16:06 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-13 09:15 - 2017-07-13 16:13 - 00000182 _____ D:\Users\Meunier
2017-07-06 13:56 - 2017-07-06 13:55 - 00303280 ____N (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-06-24 09:07 - 2017-06-24 09:07 - 00000655 _____ C:\Users\Public\Desktop\Opera.lnk
2017-06-24 09:07 - 2017-06-24 09:07 - 00000655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-06-24 09:07 - 2017-06-24 09:07 - 00000000 ____D C:\Program Files\Opera
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-07-13 17:59 - 2006-11-02 14:47 - 00003840 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-13 17:59 - 2006-11-02 14:47 - 00003840 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-13 16:51 - 2017-04-22 20:39 - 00000000 ____D C:\Program Files\Steam
2017-07-13 16:12 - 2009-01-23 10:06 - 00000000 ____D D:\Users\Meunier Nicolas
2017-07-13 15:59 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-13 15:57 - 2006-11-02 15:01 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-07-13 10:24 - 2017-04-22 20:39 - 00000000 ____D C:\Program Files\Common Files\Steam
2017-07-13 09:16 - 2008-01-21 10:41 - 01690622 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-13 09:16 - 2008-01-21 10:40 - 00749152 _____ C:\Windows\system32\perfh00C.dat
2017-07-13 09:16 - 2008-01-21 10:40 - 00158510 _____ C:\Windows\system32\perfc00C.dat
2017-07-13 09:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-07-11 21:23 - 2012-04-04 18:45 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-07-11 21:23 - 2011-05-14 01:08 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-07-11 21:23 - 2009-01-23 11:59 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-10 20:07 - 2016-12-04 16:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-07-10 20:07 - 2009-11-29 00:59 - 00000370 _____ C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2017-07-09 09:53 - 2009-01-23 11:08 - 00000000 ____D C:\Program Files\Windows Live
2017-07-09 09:52 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-09 09:51 - 2016-09-26 21:45 - 00000000 ____D C:\Program Files\VLMC
2017-07-09 09:51 - 2009-07-30 12:28 - 00000000 ____D C:\ProgramData\ViaMichelin
2017-07-09 09:51 - 2009-01-21 16:59 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-07-09 09:49 - 2011-04-09 14:27 - 00000000 ____D C:\Program Files\Google
2017-07-09 09:48 - 2012-04-28 09:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-07-06 13:56 - 2013-03-17 13:47 - 00296312 ____N (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00276704 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00266976 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00157384 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-07-06 13:55 - 2017-02-19 18:08 - 00050352 ____N (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-07-06 13:55 - 2016-04-16 10:49 - 00039752 ____N (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-07-06 13:55 - 2015-08-23 12:21 - 00202688 ____N (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2017-07-06 13:55 - 2014-04-21 14:36 - 00042824 ____N (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-07-06 13:55 - 2013-03-17 13:47 - 00070840 ____N (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-07-06 13:55 - 2011-05-18 12:34 - 00774288 ____N (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-07-06 13:55 - 2009-01-23 10:55 - 00496976 ____N (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-07-06 13:55 - 2009-01-23 10:55 - 00123896 ____N (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-07-06 13:55 - 2009-01-23 10:55 - 00070088 ____N (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-06-21 19:45 - 2009-11-16 20:00 - 00000000 ____D C:\Windows\Minidump
2017-06-15 18:17 - 2014-03-30 22:53 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-06-14 22:20 - 2013-01-29 23:26 - 00000000 ____D C:\Mes documents
==================== Fichiers à la racine de certains dossiers =======
2009-01-23 17:43 - 2014-06-07 04:23 - 0149504 _____ () D:\Users\Meunier Nicolas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-02-04 16:28 - 2009-02-04 16:28 - 0000103 _____ () D:\Users\Meunier Nicolas\AppData\Local\fusioncache.dat
2011-05-15 20:19 - 2013-03-05 22:21 - 0004742 _____ () D:\Users\Meunier Nicolas\AppData\Local\LOG_calps.txt
2009-02-05 15:49 - 2009-02-05 15:49 - 0000336 _____ () D:\Users\Meunier Nicolas\AppData\Local\magnifier.ini
2011-06-15 09:51 - 2011-07-16 18:37 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-07-13 16:05
==================== Fin de FRST.txt ============================