Publicité
Publicité
Commentaire : Bonjour . Voici le rapport - FRST.txt - de 'Farbar Recovery Scan Tool pour systèmes x32 (x86)'
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by Utilisateur (administrator) on PC-DE-UTILISATE on 09-07-2015 13:03:05
Running from C:\Users\Utilisateur\Downloads
Loaded Profiles: Utilisateur (Available Profiles: Utilisateur & Administrateur)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(PC Tools) C:\Users\Public\Norton Utilities 16\sMonitor\StartManSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Symantec Corporation) C:\Users\Public\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6336216 2013-11-04] (Realtek Semiconductor)
HKLM\...\Run: [SSDMonitor] => C:\Users\Public\Norton Utilities 16\sMonitor\SSDMonitor.exe [106072 2015-03-17] (Symantec Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
HKU\S-1-5-21-3427801323-731345876-450246096-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3427801323-731345876-450246096-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-3427801323-731345876-450246096-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6715160 2015-07-09] (SUPERAntiSpyware)
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\buShell.dll [2014-08-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\buShell.dll [2014-08-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\buShell.dll [2014-08-20] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3427801323-731345876-450246096-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-3427801323-731345876-450246096-1000] => Internet Explorer proxy is enabled
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\coIEPlg.dll [2014-09-13] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\coIEPlg.dll [2014-09-13] (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{3C812D06-8E44-435C-AD62-CC21EEFE049D}: [DhcpNameServer] 89.2.0.1 89.2.0.2
FireFox:
========
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\skbms4dg.default-1436021748754
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-26] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-04] ()
FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-04] ()
FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\skbms4dg.default-1436021748754\user.js [2015-07-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-05-07]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.0.0.110\coFFPlgn
FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-04]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-04]
FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-04]
Chrome:
=======
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-23]
CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-23]
CHR Extension: (Norton Security Toolbar) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-06-07]
CHR Extension: (No Name) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-23]
CHR Extension: (No Name) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-23]
CHR Extension: (No Name) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23]
CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\Exts\Chrome.crx [2015-06-07]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [194000 2015-07-04] (Kaspersky Lab ZAO)
S3 DiskDoctorService; C:\Users\Public\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150552 2015-03-17] (Symantec Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R2 NU16StartManagerSvc; C:\Users\Public\Norton Utilities 16\sMonitor\StartManSvc.exe [795736 2015-03-17] (PC Tools)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6086640 2015-05-19] (Reimage®)
S3 SpeedDiskService; C:\Users\Public\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163864 2015-03-17] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-07-04] (Kaspersky Lab UK Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-07-04] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-07-04] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-07-04] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44208 2015-07-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [705208 2015-07-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-07-04] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [36208 2015-07-04] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [35696 2015-07-04] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-07-04] (Kaspersky Lab ZAO)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [68808 2014-11-06] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-07-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-07-04] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-11] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [196568 2015-05-29] (IDRIX)
S3 WIMMount; C:\Program Files\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys [34248 2012-07-25] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-09 13:03 - 2015-07-09 13:03 - 00021671 _____ C:\Users\Utilisateur\Downloads\FRST.txt
2015-07-09 13:02 - 2015-07-09 13:03 - 00000000 ____D C:\FRST
2015-07-09 12:59 - 2015-07-09 13:02 - 01636352 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRST.exe
2015-07-09 11:52 - 2015-07-09 12:53 - 00007756 _____ C:\Windows\WindowsUpdate.log
2015-07-09 01:15 - 2015-07-09 01:15 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-09 01:15 - 2015-07-09 01:15 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-09 01:15 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-09 01:15 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-09 01:15 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-09 01:14 - 2015-07-09 01:14 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Utilisateur\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-08 12:05 - 2015-07-08 12:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-07-08 12:03 - 2015-07-08 12:04 - 197145208 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\kts15.0.2.361fr-fr.exe
2015-07-07 07:25 - 2015-07-07 07:26 - 00000000 ____D C:\ProgramData\MFAData
2015-07-07 07:25 - 2015-07-07 07:25 - 05017672 _____ (AVG Technologies) C:\Users\Utilisateur\Downloads\avg_free_stb_all_2015_ltst_639.exe
2015-07-07 07:25 - 2015-07-07 07:25 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\MFAData
2015-07-07 07:25 - 2015-07-07 07:25 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\Avg2015
2015-07-07 07:16 - 2015-07-07 07:17 - 00190042 _____ C:\Users\Utilisateur\Downloads\avgremover.log
2015-07-07 07:16 - 2015-07-07 07:16 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Utilisateur\Downloads\avg_remover_stf_x86_2015_5501.exe
2015-07-07 07:11 - 2015-07-07 07:11 - 00416576 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\fr-fr.kaspersky_free_scan.setup.exe
2015-07-06 16:43 - 2015-07-06 16:43 - 01845248 _____ C:\Users\Utilisateur\Downloads\ZHPCleaner.exe
2015-07-06 13:36 - 2015-07-09 11:43 - 00000432 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-06 13:09 - 2015-07-09 11:11 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-06 13:09 - 2015-07-09 02:00 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d529a919-8d31-4c3f-8f16-3ba8ee2264f4.job
2015-07-06 13:09 - 2015-07-06 13:20 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 55b9eb30-ea91-47e5-8657-e492ed5816ad.job
2015-07-06 13:09 - 2015-07-06 13:09 - 00001820 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-07-06 13:09 - 2015-07-06 13:09 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\SUPERAntiSpyware.com
2015-07-06 13:09 - 2015-07-06 13:09 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-07-06 13:09 - 2015-07-06 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-07-06 13:08 - 2015-07-06 13:08 - 22329136 _____ (SUPERAntiSpyware) C:\Users\Public\SUPERAntiSpyware.exe
2015-07-06 12:19 - 2015-07-08 20:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-04 18:14 - 2015-07-04 18:14 - 00001896 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-07-04 18:14 - 2015-07-04 18:14 - 00001804 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-04 18:14 - 2015-07-04 18:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-04 18:14 - 2015-07-04 18:14 - 00000000 ____D C:\Program Files\Adobe
2015-07-04 18:12 - 2015-07-04 18:12 - 75858112 _____ (Adobe Systems Incorporated) C:\Users\Utilisateur\Downloads\AdbeRdr11010_en_US.exe
2015-07-04 17:24 - 2015-07-04 17:24 - 00000000 _____ C:\Windows\system32\FAPE793.tmp
2015-07-04 16:45 - 2015-07-04 16:45 - 00002108 _____ C:\Users\Utilisateur\Desktop\Protection bancaire.lnk
2015-07-04 16:42 - 2015-07-07 07:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-07-04 16:42 - 2015-07-04 16:41 - 00001954 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2015-07-04 16:08 - 2015-07-04 16:08 - 01005568 _____ (Microsoft Corporation) C:\Users\Public\dotNetFx45_Full_setup(2).exe
2015-07-04 16:00 - 2015-07-04 16:00 - 01005568 _____ (Microsoft Corporation) C:\Users\Public\dotNetFx45_Full_setup(1).exe
2015-07-04 15:58 - 2015-07-04 15:58 - 01005568 _____ (Microsoft Corporation) C:\Users\Public\dotNetFx45_Full_setup.exe
2015-07-04 15:32 - 2015-07-04 15:32 - 01594688 _____ (Kaspersky Lab) C:\Users\Public\kts15.0.2.361fr_7383(2).exe
2015-07-04 15:25 - 2015-07-04 15:25 - 01594688 _____ (Kaspersky Lab) C:\Users\Public\kts15.0.2.361fr_7383(1).exe
2015-07-04 13:05 - 2015-07-04 13:05 - 01594688 _____ (Kaspersky Lab) C:\Users\Public\kts15.0.2.361fr_7383.exe
2015-06-30 19:36 - 2015-06-30 19:36 - 01183744 _____ C:\Users\Utilisateur\s-1-5-21-3427801323-731345876-450246096-1000.rrr
2015-06-30 19:36 - 2015-06-30 19:36 - 00585728 _____ C:\Users\Administrateur\s-1-5-21-3427801323-731345876-450246096-500.rrr
2015-06-30 18:22 - 2015-06-30 18:23 - 00000000 ____D C:\Zeb Restore
2015-06-30 17:51 - 2015-06-30 18:15 - 00000000 ____D C:\Users\Utilisateur\Documents\Zeb-Restore
2015-06-30 17:28 - 2015-06-30 17:36 - 00254216 _____ C:\Users\Public\DriverTurboSetup.exe
2015-06-30 17:15 - 2015-06-30 18:24 - 00074505 _____ C:\Users\Public\Zeb-Restore.zip
2015-06-30 16:45 - 2015-06-30 16:45 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Utilisateur\Downloads\tdsskiller.exe
2015-06-30 16:40 - 2009-04-11 15:18 - 02926592 _____ (Microsoft Corporation) C:\Windows\expl2.exe
2015-06-30 15:47 - 2015-06-30 15:47 - 00000968 _____ C:\Users\Utilisateur\Desktop\Fichiers d’installation Norton.lnk
2015-06-30 15:43 - 2015-06-30 15:43 - 01111048 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader(2).exe
2015-06-30 15:37 - 2015-06-30 15:38 - 01111048 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader(1).exe
2015-06-30 15:17 - 2015-06-30 15:19 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE(2).exe
2015-06-30 15:10 - 2015-06-30 15:10 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE(1).exe
2015-06-30 15:01 - 2015-06-30 15:01 - 00000900 _____ C:\Users\Utilisateur\Documents\cc_20150630_150059.reg
2015-06-28 13:41 - 2015-06-28 13:41 - 00000000 ____D C:\Windows\CheckSur
2015-06-27 18:08 - 2015-06-27 18:08 - 00000000 _____ C:\Users\Utilisateur\sfc
2015-06-27 13:37 - 2015-06-27 13:37 - 00262144 _____ C:\Windows\system32\config\elam
2015-06-27 13:09 - 2015-06-27 13:09 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-DE-UTILISATE-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-06-27 13:09 - 2015-06-27 13:09 - 00000000 ____D C:\RegBackup
2015-06-27 12:04 - 2015-06-27 12:04 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Public\tdsskiller.exe
2015-06-27 11:16 - 2015-06-27 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-06-27 11:16 - 2015-06-27 11:16 - 00000000 ____D C:\Program Files\Tweaking.com
2015-06-27 11:13 - 2015-06-27 11:13 - 12907304 _____ C:\Users\Public\tweaking.com_windows_repair_aio_setup.exe
2015-06-19 20:49 - 2015-06-19 20:49 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet
2015-06-19 20:29 - 2015-06-19 20:31 - 00002351 _____ C:\Users\Utilisateur\Desktop\Windows 7 USB DVD Download Tool.lnk
2015-06-19 20:29 - 2015-06-19 20:31 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-06-19 20:29 - 2015-06-19 20:31 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-06-19 20:28 - 2015-06-19 20:28 - 02721168 _____ (Microsoft Corporation) C:\Users\Public\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2015-06-18 14:29 - 2015-06-18 14:29 - 05817064 _____ (ParetoLogic Inc.) C:\Users\Public\ParetoLogic PC Health Advisor_fr.exe
2015-06-17 17:17 - 2015-07-09 11:29 - 00001958 _____ C:\Windows\system32\ScanResults.xml
2015-06-17 17:09 - 2015-07-09 11:26 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-06-16 18:03 - 2015-06-16 18:04 - 140852175 _____ C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-06-16 17:58 - 2015-06-16 17:59 - 132488258 _____ C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe
2015-06-15 17:34 - 2015-06-15 17:34 - 00000673 _____ C:\Users\Public\Desktop\Norton Utilities 16.lnk
2015-06-15 17:31 - 2015-06-15 17:31 - 18887256 _____ (Symantec) C:\Users\Public\nu16.0.2.39-SMUI.exe
2015-06-14 12:27 - 2015-06-18 18:06 - 10087400 _____ (Symantec Corporation) C:\Users\Public\NPE.exe
2015-06-13 20:40 - 2015-06-13 20:40 - 00002246 _____ C:\GUDownLoaddebug.txt
2015-06-13 20:40 - 2015-06-13 20:40 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2015-06-13 20:40 - 2015-06-13 20:40 - 00001054 _____ C:\Users\Public\Desktop\Registry Repair.lnk
2015-06-13 20:40 - 2015-06-13 20:40 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\GlarySoft
2015-06-13 20:40 - 2015-06-13 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-06-13 20:40 - 2015-06-13 20:40 - 00000000 ____D C:\Program Files\Glarysoft
2015-06-13 20:38 - 2015-06-13 20:38 - 04828912 _____ C:\Users\Public\rrsetup.exe
2015-06-13 20:21 - 2015-06-13 20:21 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-06-13 20:20 - 2015-06-14 13:00 - 00000000 ____D C:\Program Files\Reimage
2015-06-13 20:20 - 2015-06-13 20:22 - 00000000 ____D C:\rei
2015-06-13 20:19 - 2015-06-29 18:12 - 00000165 _____ C:\Windows\Reimage.ini
2015-06-13 20:19 - 2015-06-13 20:19 - 00768512 _____ (Reimage®) C:\Users\Public\ReimageRepair.exe
2015-06-13 19:57 - 2015-07-09 11:43 - 00000095 _____ C:\Users\Utilisateur\.accessibility.properties
2015-06-13 09:41 - 2015-06-13 09:41 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (9).exe
2015-06-13 09:41 - 2015-06-13 09:41 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (8).exe
2015-06-13 09:37 - 2015-06-13 09:37 - 00465560 _____ (Muddy Software) C:\Users\Utilisateur\Downloads\EasySecureEraser (1).exe
2015-06-13 09:32 - 2015-06-13 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy & Secure Eraser
2015-06-13 09:31 - 2015-06-13 09:31 - 00465560 _____ (Muddy Software) C:\Users\Utilisateur\Downloads\EasySecureEraser.exe
2015-06-13 07:32 - 2015-06-13 07:32 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (7).exe
2015-06-13 07:20 - 2015-06-13 07:20 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (6).exe
2015-06-13 07:20 - 2015-06-13 07:20 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (2).exe
2015-06-11 19:06 - 2015-06-11 19:06 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (4).exe
2015-06-11 19:04 - 2015-06-11 19:04 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (3).exe
2015-06-11 19:00 - 2015-06-11 19:00 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (2).exe
2015-06-11 18:00 - 2015-06-30 15:54 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-06-11 18:00 - 2015-06-30 15:38 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-06-11 18:00 - 2015-06-11 18:00 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader.exe
2015-06-11 18:00 - 2015-06-11 18:00 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (1).exe
2015-06-11 17:50 - 2015-06-11 17:50 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-11 17:47 - 2015-06-11 17:47 - 00561248 _____ (Oracle Corporation) C:\Users\Public\jxpiinstall.exe
2015-06-11 17:42 - 2015-06-11 17:42 - 00938408 _____ (Oracle Corporation) C:\Users\Public\jre-7u79-windows-i586-iftw.exe
2015-06-11 16:29 - 2015-07-04 11:13 - 00000298 ___SH C:\grub2.cfg
2015-06-11 16:23 - 2015-06-11 16:23 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (5).exe
2015-06-11 16:23 - 2015-06-11 16:23 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (4).exe
2015-06-11 16:22 - 2015-06-11 16:22 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (3).exe
2015-06-10 14:49 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 14:48 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 14:47 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 14:40 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 14:40 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 14:40 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 14:40 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 14:40 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 14:04 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 14:04 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 14:04 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 14:04 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 14:04 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 14:04 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 14:04 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 14:04 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 14:04 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 14:04 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-10 14:04 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 14:04 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 14:04 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 14:04 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-10 14:04 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-09 19:11 - 2015-06-09 19:11 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (1).exe
2015-06-09 14:59 - 2015-06-09 14:59 - 01402880 _____ C:\Users\Public\hijackthis_hijackthis_2.0.4_anglais_17891.msi
2015-06-09 14:33 - 2015-06-09 14:33 - 00022577 _____ C:\Users\Public\hijackthis.log
2015-06-09 14:32 - 2015-06-09 14:32 - 00388608 _____ (Trend Micro Inc.) C:\Users\Public\HijackThis.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-09 12:48 - 2015-04-23 17:39 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 11:47 - 2009-04-11 18:25 - 01705958 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 11:43 - 2015-06-05 01:11 - 00000268 _____ C:\Windows\Tasks\NUAutoUpdate.job
2015-07-09 11:43 - 2015-06-05 00:25 - 00000000 ____D C:\Users\Public\Norton Utilities 16
2015-07-09 11:43 - 2015-06-04 17:04 - 00000000 ____D C:\ProgramData\TEMP
2015-07-09 11:43 - 2015-05-29 04:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-09 11:43 - 2015-04-23 17:39 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 11:43 - 2014-11-29 17:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-09 11:43 - 2013-12-07 12:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-09 11:43 - 2013-12-07 12:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-09 11:43 - 2013-12-07 12:33 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 11:43 - 2013-12-06 17:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-09 11:43 - 2013-12-06 14:57 - 00000000 ____D C:\Users\Utilisateur
2015-07-09 11:43 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 11:43 - 2006-11-02 14:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 11:43 - 2006-11-02 14:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 11:43 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-07-09 02:00 - 2015-03-24 17:38 - 00000338 _____ C:\Windows\Tasks\Défragmentation PC Health Advisor_sch_E14652F2-D23B-11E4-B2BA-AC220B4F2792.job
2015-07-09 01:17 - 2015-06-05 00:26 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Norton Utilities 16
2015-07-08 19:30 - 2015-06-05 19:00 - 00000374 _____ C:\Windows\system32\AppLog.log
2015-07-08 19:30 - 2015-06-05 01:11 - 00000262 _____ C:\Windows\Tasks\NUSchedule.job
2015-07-07 10:33 - 2015-06-05 18:06 - 00000310 _____ C:\Windows\Tasks\SpeedDiskSchedule.job
2015-07-07 07:04 - 2015-06-04 13:13 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps
2015-07-06 13:36 - 2015-04-21 16:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-06 13:08 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-07-04 19:20 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2015-07-04 19:12 - 2014-12-14 14:44 - 00052136 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-07-04 18:14 - 2013-12-06 18:31 - 00000000 ____D C:\ProgramData\Adobe
2015-07-04 17:50 - 2015-03-25 12:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-07-04 17:50 - 2015-03-25 12:00 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-07-04 16:59 - 2014-11-10 17:48 - 00157240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-07-04 16:59 - 2014-10-10 17:02 - 00034160 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2015-07-04 16:59 - 2014-10-09 12:31 - 00054328 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2015-07-04 16:59 - 2014-08-19 12:31 - 00054640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-07-04 16:59 - 2014-03-31 10:47 - 00153784 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-07-04 16:59 - 2013-04-12 14:34 - 00023920 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klpd.sys
2015-07-04 16:58 - 2014-12-13 18:21 - 00705208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-07-04 16:58 - 2014-11-28 18:19 - 00128728 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-07-04 16:58 - 2014-10-30 04:22 - 00036208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-07-04 16:58 - 2014-10-22 21:13 - 00044208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-07-04 16:58 - 2013-08-08 16:10 - 00035696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-07-04 16:58 - 2013-01-14 20:10 - 00197864 _____ (Kaspersky Lab UK Ltd) C:\Windows\system32\Drivers\cm_km_w.sys
2015-07-04 16:55 - 2015-05-05 14:26 - 00000000 ____D C:\Users\Utilisateur\Desktop\Anciennes données de Firefox
2015-07-04 16:42 - 2014-11-29 17:10 - 00000000 ____D C:\Program Files\Kaspersky Lab
2015-07-04 15:46 - 2015-05-16 20:56 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-04 15:40 - 2015-06-04 12:29 - 00000000 ____D C:\ProgramData\Norton
2015-07-04 15:39 - 2013-12-06 18:39 - 00001912 _____ C:\Windows\epplauncher.mif
2015-07-04 15:39 - 2013-12-06 18:38 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-30 19:36 - 2015-06-05 14:30 - 37515264 _____ C:\Windows\system32\config\software.rrr
2015-06-30 19:36 - 2015-06-05 14:30 - 00880640 _____ C:\Windows\system32\config\default.rrr
2015-06-30 19:36 - 2015-05-28 21:15 - 00000000 ____D C:\Users\Administrateur
2015-06-30 18:25 - 2008-03-21 20:47 - 00000000 ____D C:\Acer
2015-06-30 15:34 - 2015-06-04 12:29 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\NPE
2015-06-30 15:25 - 2015-06-04 12:37 - 00000000 ____D C:\NPE
2015-06-29 18:46 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2015-06-23 13:27 - 2013-12-06 17:12 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-19 20:49 - 2015-06-08 17:14 - 01532224 _____ (LogMeIn, Inc.) C:\Users\Public\Support-LogMeInRescue.exe
2015-06-16 18:09 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-15 18:54 - 2015-06-05 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 16
2015-06-15 18:08 - 2015-03-16 16:55 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\SoftGrid Client
2015-06-13 13:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2015-06-13 13:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\el-GR
2015-06-13 13:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-13 11:01 - 2009-04-11 18:23 - 00000000 ____D C:\Windows\fr-FR
2015-06-13 08:17 - 2014-03-03 12:19 - 00000000 ____D C:\Windows\pss
2015-06-11 17:50 - 2014-09-05 16:10 - 00000000 ____D C:\ProgramData\Oracle
2015-06-11 17:49 - 2015-04-29 11:14 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-06-11 17:48 - 2013-12-06 18:30 - 00000000 ____D C:\Program Files\Java
2015-06-10 23:11 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:47 - 2013-12-06 17:35 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 14:41 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-09 15:05 - 2015-03-17 13:13 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\VirtualStore
==================== Files in the root of some directories =======
2015-05-18 18:45 - 2015-05-18 18:45 - 6420480 _____ () C:\Program Files\GUTC88D.tmp
2015-03-23 23:16 - 2015-06-07 23:11 - 0000680 _____ () C:\Users\Utilisateur\AppData\Local\d3d9caps.dat
2015-05-27 16:54 - 2015-05-27 16:54 - 0004608 _____ () C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-07 12:46 - 2013-12-07 12:46 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-06 16:24 - 2013-12-06 16:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\Public\adwcleaner-4-202-multi-win.exe
C:\Users\Public\adwcleaner_4.205 (1).exe
C:\Users\Public\adwcleaner_4.205.exe
C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe
C:\Users\Public\cc_20150528_231238.erreur.registre.mai.2015.reg
C:\Users\Public\cc_20150601_155455.reg
C:\Users\Public\ChromeSetup.exe
C:\Users\Public\CleanMyPCSetup.exe
C:\Users\Public\cryptoasetup.exe
C:\Users\Public\dotNetFx45_Full_setup(1).exe
C:\Users\Public\dotNetFx45_Full_setup(2).exe
C:\Users\Public\dotNetFx45_Full_setup.exe
C:\Users\Public\DriverTurboSetup.exe
C:\Users\Public\DuplicateCleaner3_setup.exe
C:\Users\Public\edfSetup.exe
C:\Users\Public\Firefox Setup Stub 37.0.2.exe
C:\Users\Public\HijackThis.exe
C:\Users\Public\jre-7u79-windows-i586-iftw.exe
C:\Users\Public\jxpiinstall.exe
C:\Users\Public\kts15.0.2.361fr_7383(1).exe
C:\Users\Public\kts15.0.2.361fr_7383(2).exe
C:\Users\Public\kts15.0.2.361fr_7383.exe
C:\Users\Public\mbam-setup-2.1.6.1022.exe
C:\Users\Public\NPE (1).exe
C:\Users\Public\NPE.exe
C:\Users\Public\nu16.0.2.39-SMUI.exe
C:\Users\Public\ParetoLogic PC Health Advisor_fr.exe
C:\Users\Public\ReimageRepair.exe
C:\Users\Public\rrsetup.exe
C:\Users\Public\spybot-2.4.exe
C:\Users\Public\SUPERAntiSpyware.exe
C:\Users\Public\Support-LogMeInRescue (1).exe
C:\Users\Public\Support-LogMeInRescue (5).exe
C:\Users\Public\Support-LogMeInRescue.exe
C:\Users\Public\tdsskiller.exe
C:\Users\Public\Traqueur_3.1.13.exe
C:\Users\Public\tweaking.com_windows_repair_aio_setup.exe
C:\Users\Public\VeraCrypt Setup 1.0f-2 (1).exe
C:\Users\Public\VeraCrypt Setup 1.0f-2.exe
C:\Users\Public\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-09 11:56
==================== End of log ============================
Ran by Utilisateur (administrator) on PC-DE-UTILISATE on 09-07-2015 13:03:05
Running from C:\Users\Utilisateur\Downloads
Loaded Profiles: Utilisateur (Available Profiles: Utilisateur & Administrateur)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(PC Tools) C:\Users\Public\Norton Utilities 16\sMonitor\StartManSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Symantec Corporation) C:\Users\Public\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6336216 2013-11-04] (Realtek Semiconductor)
HKLM\...\Run: [SSDMonitor] => C:\Users\Public\Norton Utilities 16\sMonitor\SSDMonitor.exe [106072 2015-03-17] (Symantec Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
HKU\S-1-5-21-3427801323-731345876-450246096-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3427801323-731345876-450246096-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-3427801323-731345876-450246096-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6715160 2015-07-09] (SUPERAntiSpyware)
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\buShell.dll [2014-08-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\buShell.dll [2014-08-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\buShell.dll [2014-08-20] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3427801323-731345876-450246096-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-3427801323-731345876-450246096-1000] => Internet Explorer proxy is enabled
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKU\S-1-5-21-3427801323-731345876-450246096-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\coIEPlg.dll [2014-09-13] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\coIEPlg.dll [2014-09-13] (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{3C812D06-8E44-435C-AD62-CC21EEFE049D}: [DhcpNameServer] 89.2.0.1 89.2.0.2
FireFox:
========
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\skbms4dg.default-1436021748754
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-26] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-04] ()
FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-04] ()
FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\skbms4dg.default-1436021748754\user.js [2015-07-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-05-07]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.0.0.110\coFFPlgn
FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-04]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-04]
FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-04]
Chrome:
=======
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-23]
CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-23]
CHR Extension: (Norton Security Toolbar) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-06-07]
CHR Extension: (No Name) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-23]
CHR Extension: (No Name) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-23]
CHR Extension: (No Name) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23]
CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security with Backup\Engine\22.0.0.110\Exts\Chrome.crx [2015-06-07]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [194000 2015-07-04] (Kaspersky Lab ZAO)
S3 DiskDoctorService; C:\Users\Public\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150552 2015-03-17] (Symantec Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R2 NU16StartManagerSvc; C:\Users\Public\Norton Utilities 16\sMonitor\StartManSvc.exe [795736 2015-03-17] (PC Tools)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6086640 2015-05-19] (Reimage®)
S3 SpeedDiskService; C:\Users\Public\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163864 2015-03-17] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-07-04] (Kaspersky Lab UK Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-07-04] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-07-04] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-07-04] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44208 2015-07-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [705208 2015-07-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-07-04] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [36208 2015-07-04] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [35696 2015-07-04] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-07-04] (Kaspersky Lab ZAO)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [68808 2014-11-06] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-07-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-07-04] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-11] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [196568 2015-05-29] (IDRIX)
S3 WIMMount; C:\Program Files\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys [34248 2012-07-25] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-09 13:03 - 2015-07-09 13:03 - 00021671 _____ C:\Users\Utilisateur\Downloads\FRST.txt
2015-07-09 13:02 - 2015-07-09 13:03 - 00000000 ____D C:\FRST
2015-07-09 12:59 - 2015-07-09 13:02 - 01636352 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRST.exe
2015-07-09 11:52 - 2015-07-09 12:53 - 00007756 _____ C:\Windows\WindowsUpdate.log
2015-07-09 01:15 - 2015-07-09 01:15 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-09 01:15 - 2015-07-09 01:15 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-09 01:15 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-09 01:15 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-09 01:15 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-09 01:14 - 2015-07-09 01:14 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Utilisateur\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-08 12:05 - 2015-07-08 12:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-07-08 12:03 - 2015-07-08 12:04 - 197145208 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\kts15.0.2.361fr-fr.exe
2015-07-07 07:25 - 2015-07-07 07:26 - 00000000 ____D C:\ProgramData\MFAData
2015-07-07 07:25 - 2015-07-07 07:25 - 05017672 _____ (AVG Technologies) C:\Users\Utilisateur\Downloads\avg_free_stb_all_2015_ltst_639.exe
2015-07-07 07:25 - 2015-07-07 07:25 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\MFAData
2015-07-07 07:25 - 2015-07-07 07:25 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\Avg2015
2015-07-07 07:16 - 2015-07-07 07:17 - 00190042 _____ C:\Users\Utilisateur\Downloads\avgremover.log
2015-07-07 07:16 - 2015-07-07 07:16 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Utilisateur\Downloads\avg_remover_stf_x86_2015_5501.exe
2015-07-07 07:11 - 2015-07-07 07:11 - 00416576 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\fr-fr.kaspersky_free_scan.setup.exe
2015-07-06 16:43 - 2015-07-06 16:43 - 01845248 _____ C:\Users\Utilisateur\Downloads\ZHPCleaner.exe
2015-07-06 13:36 - 2015-07-09 11:43 - 00000432 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-06 13:09 - 2015-07-09 11:11 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-06 13:09 - 2015-07-09 02:00 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d529a919-8d31-4c3f-8f16-3ba8ee2264f4.job
2015-07-06 13:09 - 2015-07-06 13:20 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 55b9eb30-ea91-47e5-8657-e492ed5816ad.job
2015-07-06 13:09 - 2015-07-06 13:09 - 00001820 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-07-06 13:09 - 2015-07-06 13:09 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\SUPERAntiSpyware.com
2015-07-06 13:09 - 2015-07-06 13:09 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-07-06 13:09 - 2015-07-06 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-07-06 13:08 - 2015-07-06 13:08 - 22329136 _____ (SUPERAntiSpyware) C:\Users\Public\SUPERAntiSpyware.exe
2015-07-06 12:19 - 2015-07-08 20:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-04 18:14 - 2015-07-04 18:14 - 00001896 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-07-04 18:14 - 2015-07-04 18:14 - 00001804 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-04 18:14 - 2015-07-04 18:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-04 18:14 - 2015-07-04 18:14 - 00000000 ____D C:\Program Files\Adobe
2015-07-04 18:12 - 2015-07-04 18:12 - 75858112 _____ (Adobe Systems Incorporated) C:\Users\Utilisateur\Downloads\AdbeRdr11010_en_US.exe
2015-07-04 17:24 - 2015-07-04 17:24 - 00000000 _____ C:\Windows\system32\FAPE793.tmp
2015-07-04 16:45 - 2015-07-04 16:45 - 00002108 _____ C:\Users\Utilisateur\Desktop\Protection bancaire.lnk
2015-07-04 16:42 - 2015-07-07 07:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-07-04 16:42 - 2015-07-04 16:41 - 00001954 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2015-07-04 16:08 - 2015-07-04 16:08 - 01005568 _____ (Microsoft Corporation) C:\Users\Public\dotNetFx45_Full_setup(2).exe
2015-07-04 16:00 - 2015-07-04 16:00 - 01005568 _____ (Microsoft Corporation) C:\Users\Public\dotNetFx45_Full_setup(1).exe
2015-07-04 15:58 - 2015-07-04 15:58 - 01005568 _____ (Microsoft Corporation) C:\Users\Public\dotNetFx45_Full_setup.exe
2015-07-04 15:32 - 2015-07-04 15:32 - 01594688 _____ (Kaspersky Lab) C:\Users\Public\kts15.0.2.361fr_7383(2).exe
2015-07-04 15:25 - 2015-07-04 15:25 - 01594688 _____ (Kaspersky Lab) C:\Users\Public\kts15.0.2.361fr_7383(1).exe
2015-07-04 13:05 - 2015-07-04 13:05 - 01594688 _____ (Kaspersky Lab) C:\Users\Public\kts15.0.2.361fr_7383.exe
2015-06-30 19:36 - 2015-06-30 19:36 - 01183744 _____ C:\Users\Utilisateur\s-1-5-21-3427801323-731345876-450246096-1000.rrr
2015-06-30 19:36 - 2015-06-30 19:36 - 00585728 _____ C:\Users\Administrateur\s-1-5-21-3427801323-731345876-450246096-500.rrr
2015-06-30 18:22 - 2015-06-30 18:23 - 00000000 ____D C:\Zeb Restore
2015-06-30 17:51 - 2015-06-30 18:15 - 00000000 ____D C:\Users\Utilisateur\Documents\Zeb-Restore
2015-06-30 17:28 - 2015-06-30 17:36 - 00254216 _____ C:\Users\Public\DriverTurboSetup.exe
2015-06-30 17:15 - 2015-06-30 18:24 - 00074505 _____ C:\Users\Public\Zeb-Restore.zip
2015-06-30 16:45 - 2015-06-30 16:45 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Utilisateur\Downloads\tdsskiller.exe
2015-06-30 16:40 - 2009-04-11 15:18 - 02926592 _____ (Microsoft Corporation) C:\Windows\expl2.exe
2015-06-30 15:47 - 2015-06-30 15:47 - 00000968 _____ C:\Users\Utilisateur\Desktop\Fichiers d’installation Norton.lnk
2015-06-30 15:43 - 2015-06-30 15:43 - 01111048 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader(2).exe
2015-06-30 15:37 - 2015-06-30 15:38 - 01111048 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader(1).exe
2015-06-30 15:17 - 2015-06-30 15:19 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE(2).exe
2015-06-30 15:10 - 2015-06-30 15:10 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE(1).exe
2015-06-30 15:01 - 2015-06-30 15:01 - 00000900 _____ C:\Users\Utilisateur\Documents\cc_20150630_150059.reg
2015-06-28 13:41 - 2015-06-28 13:41 - 00000000 ____D C:\Windows\CheckSur
2015-06-27 18:08 - 2015-06-27 18:08 - 00000000 _____ C:\Users\Utilisateur\sfc
2015-06-27 13:37 - 2015-06-27 13:37 - 00262144 _____ C:\Windows\system32\config\elam
2015-06-27 13:09 - 2015-06-27 13:09 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-DE-UTILISATE-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-06-27 13:09 - 2015-06-27 13:09 - 00000000 ____D C:\RegBackup
2015-06-27 12:04 - 2015-06-27 12:04 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Public\tdsskiller.exe
2015-06-27 11:16 - 2015-06-27 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-06-27 11:16 - 2015-06-27 11:16 - 00000000 ____D C:\Program Files\Tweaking.com
2015-06-27 11:13 - 2015-06-27 11:13 - 12907304 _____ C:\Users\Public\tweaking.com_windows_repair_aio_setup.exe
2015-06-19 20:49 - 2015-06-19 20:49 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet
2015-06-19 20:29 - 2015-06-19 20:31 - 00002351 _____ C:\Users\Utilisateur\Desktop\Windows 7 USB DVD Download Tool.lnk
2015-06-19 20:29 - 2015-06-19 20:31 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-06-19 20:29 - 2015-06-19 20:31 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-06-19 20:28 - 2015-06-19 20:28 - 02721168 _____ (Microsoft Corporation) C:\Users\Public\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2015-06-18 14:29 - 2015-06-18 14:29 - 05817064 _____ (ParetoLogic Inc.) C:\Users\Public\ParetoLogic PC Health Advisor_fr.exe
2015-06-17 17:17 - 2015-07-09 11:29 - 00001958 _____ C:\Windows\system32\ScanResults.xml
2015-06-17 17:09 - 2015-07-09 11:26 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-06-16 18:03 - 2015-06-16 18:04 - 140852175 _____ C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-06-16 17:58 - 2015-06-16 17:59 - 132488258 _____ C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe
2015-06-15 17:34 - 2015-06-15 17:34 - 00000673 _____ C:\Users\Public\Desktop\Norton Utilities 16.lnk
2015-06-15 17:31 - 2015-06-15 17:31 - 18887256 _____ (Symantec) C:\Users\Public\nu16.0.2.39-SMUI.exe
2015-06-14 12:27 - 2015-06-18 18:06 - 10087400 _____ (Symantec Corporation) C:\Users\Public\NPE.exe
2015-06-13 20:40 - 2015-06-13 20:40 - 00002246 _____ C:\GUDownLoaddebug.txt
2015-06-13 20:40 - 2015-06-13 20:40 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2015-06-13 20:40 - 2015-06-13 20:40 - 00001054 _____ C:\Users\Public\Desktop\Registry Repair.lnk
2015-06-13 20:40 - 2015-06-13 20:40 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\GlarySoft
2015-06-13 20:40 - 2015-06-13 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-06-13 20:40 - 2015-06-13 20:40 - 00000000 ____D C:\Program Files\Glarysoft
2015-06-13 20:38 - 2015-06-13 20:38 - 04828912 _____ C:\Users\Public\rrsetup.exe
2015-06-13 20:21 - 2015-06-13 20:21 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-06-13 20:20 - 2015-06-14 13:00 - 00000000 ____D C:\Program Files\Reimage
2015-06-13 20:20 - 2015-06-13 20:22 - 00000000 ____D C:\rei
2015-06-13 20:19 - 2015-06-29 18:12 - 00000165 _____ C:\Windows\Reimage.ini
2015-06-13 20:19 - 2015-06-13 20:19 - 00768512 _____ (Reimage®) C:\Users\Public\ReimageRepair.exe
2015-06-13 19:57 - 2015-07-09 11:43 - 00000095 _____ C:\Users\Utilisateur\.accessibility.properties
2015-06-13 09:41 - 2015-06-13 09:41 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (9).exe
2015-06-13 09:41 - 2015-06-13 09:41 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (8).exe
2015-06-13 09:37 - 2015-06-13 09:37 - 00465560 _____ (Muddy Software) C:\Users\Utilisateur\Downloads\EasySecureEraser (1).exe
2015-06-13 09:32 - 2015-06-13 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy & Secure Eraser
2015-06-13 09:31 - 2015-06-13 09:31 - 00465560 _____ (Muddy Software) C:\Users\Utilisateur\Downloads\EasySecureEraser.exe
2015-06-13 07:32 - 2015-06-13 07:32 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (7).exe
2015-06-13 07:20 - 2015-06-13 07:20 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (6).exe
2015-06-13 07:20 - 2015-06-13 07:20 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (2).exe
2015-06-11 19:06 - 2015-06-11 19:06 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (4).exe
2015-06-11 19:04 - 2015-06-11 19:04 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (3).exe
2015-06-11 19:00 - 2015-06-11 19:00 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (2).exe
2015-06-11 18:00 - 2015-06-30 15:54 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-06-11 18:00 - 2015-06-30 15:38 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-06-11 18:00 - 2015-06-11 18:00 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader.exe
2015-06-11 18:00 - 2015-06-11 18:00 - 00912696 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NBRT-Retail-Downloader (1).exe
2015-06-11 17:50 - 2015-06-11 17:50 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-11 17:47 - 2015-06-11 17:47 - 00561248 _____ (Oracle Corporation) C:\Users\Public\jxpiinstall.exe
2015-06-11 17:42 - 2015-06-11 17:42 - 00938408 _____ (Oracle Corporation) C:\Users\Public\jre-7u79-windows-i586-iftw.exe
2015-06-11 16:29 - 2015-07-04 11:13 - 00000298 ___SH C:\grub2.cfg
2015-06-11 16:23 - 2015-06-11 16:23 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (5).exe
2015-06-11 16:23 - 2015-06-11 16:23 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (4).exe
2015-06-11 16:22 - 2015-06-11 16:22 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (3).exe
2015-06-10 14:49 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 14:48 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 14:47 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 14:40 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 14:40 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 14:40 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 14:40 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 14:40 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 14:04 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 14:04 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 14:04 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 14:04 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 14:04 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 14:04 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 14:04 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 14:04 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 14:04 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 14:04 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 14:04 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-10 14:04 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 14:04 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 14:04 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 14:04 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-10 14:04 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-09 19:11 - 2015-06-09 19:11 - 10087400 _____ (Symantec Corporation) C:\Users\Utilisateur\Downloads\NPE (1).exe
2015-06-09 14:59 - 2015-06-09 14:59 - 01402880 _____ C:\Users\Public\hijackthis_hijackthis_2.0.4_anglais_17891.msi
2015-06-09 14:33 - 2015-06-09 14:33 - 00022577 _____ C:\Users\Public\hijackthis.log
2015-06-09 14:32 - 2015-06-09 14:32 - 00388608 _____ (Trend Micro Inc.) C:\Users\Public\HijackThis.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-09 12:48 - 2015-04-23 17:39 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 11:47 - 2009-04-11 18:25 - 01705958 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 11:43 - 2015-06-05 01:11 - 00000268 _____ C:\Windows\Tasks\NUAutoUpdate.job
2015-07-09 11:43 - 2015-06-05 00:25 - 00000000 ____D C:\Users\Public\Norton Utilities 16
2015-07-09 11:43 - 2015-06-04 17:04 - 00000000 ____D C:\ProgramData\TEMP
2015-07-09 11:43 - 2015-05-29 04:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-09 11:43 - 2015-04-23 17:39 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 11:43 - 2014-11-29 17:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-09 11:43 - 2013-12-07 12:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-09 11:43 - 2013-12-07 12:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-09 11:43 - 2013-12-07 12:33 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 11:43 - 2013-12-06 17:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-09 11:43 - 2013-12-06 14:57 - 00000000 ____D C:\Users\Utilisateur
2015-07-09 11:43 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 11:43 - 2006-11-02 14:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 11:43 - 2006-11-02 14:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 11:43 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-07-09 02:00 - 2015-03-24 17:38 - 00000338 _____ C:\Windows\Tasks\Défragmentation PC Health Advisor_sch_E14652F2-D23B-11E4-B2BA-AC220B4F2792.job
2015-07-09 01:17 - 2015-06-05 00:26 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Norton Utilities 16
2015-07-08 19:30 - 2015-06-05 19:00 - 00000374 _____ C:\Windows\system32\AppLog.log
2015-07-08 19:30 - 2015-06-05 01:11 - 00000262 _____ C:\Windows\Tasks\NUSchedule.job
2015-07-07 10:33 - 2015-06-05 18:06 - 00000310 _____ C:\Windows\Tasks\SpeedDiskSchedule.job
2015-07-07 07:04 - 2015-06-04 13:13 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps
2015-07-06 13:36 - 2015-04-21 16:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-06 13:08 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-07-04 19:20 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2015-07-04 19:12 - 2014-12-14 14:44 - 00052136 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-07-04 18:14 - 2013-12-06 18:31 - 00000000 ____D C:\ProgramData\Adobe
2015-07-04 17:50 - 2015-03-25 12:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-07-04 17:50 - 2015-03-25 12:00 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-07-04 16:59 - 2014-11-10 17:48 - 00157240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-07-04 16:59 - 2014-10-10 17:02 - 00034160 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2015-07-04 16:59 - 2014-10-09 12:31 - 00054328 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2015-07-04 16:59 - 2014-08-19 12:31 - 00054640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-07-04 16:59 - 2014-03-31 10:47 - 00153784 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-07-04 16:59 - 2013-04-12 14:34 - 00023920 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klpd.sys
2015-07-04 16:58 - 2014-12-13 18:21 - 00705208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-07-04 16:58 - 2014-11-28 18:19 - 00128728 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-07-04 16:58 - 2014-10-30 04:22 - 00036208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-07-04 16:58 - 2014-10-22 21:13 - 00044208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-07-04 16:58 - 2013-08-08 16:10 - 00035696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-07-04 16:58 - 2013-01-14 20:10 - 00197864 _____ (Kaspersky Lab UK Ltd) C:\Windows\system32\Drivers\cm_km_w.sys
2015-07-04 16:55 - 2015-05-05 14:26 - 00000000 ____D C:\Users\Utilisateur\Desktop\Anciennes données de Firefox
2015-07-04 16:42 - 2014-11-29 17:10 - 00000000 ____D C:\Program Files\Kaspersky Lab
2015-07-04 15:46 - 2015-05-16 20:56 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-04 15:40 - 2015-06-04 12:29 - 00000000 ____D C:\ProgramData\Norton
2015-07-04 15:39 - 2013-12-06 18:39 - 00001912 _____ C:\Windows\epplauncher.mif
2015-07-04 15:39 - 2013-12-06 18:38 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-30 19:36 - 2015-06-05 14:30 - 37515264 _____ C:\Windows\system32\config\software.rrr
2015-06-30 19:36 - 2015-06-05 14:30 - 00880640 _____ C:\Windows\system32\config\default.rrr
2015-06-30 19:36 - 2015-05-28 21:15 - 00000000 ____D C:\Users\Administrateur
2015-06-30 18:25 - 2008-03-21 20:47 - 00000000 ____D C:\Acer
2015-06-30 15:34 - 2015-06-04 12:29 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\NPE
2015-06-30 15:25 - 2015-06-04 12:37 - 00000000 ____D C:\NPE
2015-06-29 18:46 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2015-06-23 13:27 - 2013-12-06 17:12 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-19 20:49 - 2015-06-08 17:14 - 01532224 _____ (LogMeIn, Inc.) C:\Users\Public\Support-LogMeInRescue.exe
2015-06-16 18:09 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-15 18:54 - 2015-06-05 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 16
2015-06-15 18:08 - 2015-03-16 16:55 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\SoftGrid Client
2015-06-13 13:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2015-06-13 13:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\el-GR
2015-06-13 13:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-13 11:01 - 2009-04-11 18:23 - 00000000 ____D C:\Windows\fr-FR
2015-06-13 08:17 - 2014-03-03 12:19 - 00000000 ____D C:\Windows\pss
2015-06-11 17:50 - 2014-09-05 16:10 - 00000000 ____D C:\ProgramData\Oracle
2015-06-11 17:49 - 2015-04-29 11:14 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-06-11 17:48 - 2013-12-06 18:30 - 00000000 ____D C:\Program Files\Java
2015-06-10 23:11 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:47 - 2013-12-06 17:35 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 14:41 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-09 15:05 - 2015-03-17 13:13 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\VirtualStore
==================== Files in the root of some directories =======
2015-05-18 18:45 - 2015-05-18 18:45 - 6420480 _____ () C:\Program Files\GUTC88D.tmp
2015-03-23 23:16 - 2015-06-07 23:11 - 0000680 _____ () C:\Users\Utilisateur\AppData\Local\d3d9caps.dat
2015-05-27 16:54 - 2015-05-27 16:54 - 0004608 _____ () C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-07 12:46 - 2013-12-07 12:46 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-06 16:24 - 2013-12-06 16:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\Public\adwcleaner-4-202-multi-win.exe
C:\Users\Public\adwcleaner_4.205 (1).exe
C:\Users\Public\adwcleaner_4.205.exe
C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
C:\Users\Public\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe
C:\Users\Public\cc_20150528_231238.erreur.registre.mai.2015.reg
C:\Users\Public\cc_20150601_155455.reg
C:\Users\Public\ChromeSetup.exe
C:\Users\Public\CleanMyPCSetup.exe
C:\Users\Public\cryptoasetup.exe
C:\Users\Public\dotNetFx45_Full_setup(1).exe
C:\Users\Public\dotNetFx45_Full_setup(2).exe
C:\Users\Public\dotNetFx45_Full_setup.exe
C:\Users\Public\DriverTurboSetup.exe
C:\Users\Public\DuplicateCleaner3_setup.exe
C:\Users\Public\edfSetup.exe
C:\Users\Public\Firefox Setup Stub 37.0.2.exe
C:\Users\Public\HijackThis.exe
C:\Users\Public\jre-7u79-windows-i586-iftw.exe
C:\Users\Public\jxpiinstall.exe
C:\Users\Public\kts15.0.2.361fr_7383(1).exe
C:\Users\Public\kts15.0.2.361fr_7383(2).exe
C:\Users\Public\kts15.0.2.361fr_7383.exe
C:\Users\Public\mbam-setup-2.1.6.1022.exe
C:\Users\Public\NPE (1).exe
C:\Users\Public\NPE.exe
C:\Users\Public\nu16.0.2.39-SMUI.exe
C:\Users\Public\ParetoLogic PC Health Advisor_fr.exe
C:\Users\Public\ReimageRepair.exe
C:\Users\Public\rrsetup.exe
C:\Users\Public\spybot-2.4.exe
C:\Users\Public\SUPERAntiSpyware.exe
C:\Users\Public\Support-LogMeInRescue (1).exe
C:\Users\Public\Support-LogMeInRescue (5).exe
C:\Users\Public\Support-LogMeInRescue.exe
C:\Users\Public\tdsskiller.exe
C:\Users\Public\Traqueur_3.1.13.exe
C:\Users\Public\tweaking.com_windows_repair_aio_setup.exe
C:\Users\Public\VeraCrypt Setup 1.0f-2 (1).exe
C:\Users\Public\VeraCrypt Setup 1.0f-2.exe
C:\Users\Public\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-09 11:56
==================== End of log ============================