Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Exécuté par phil (administrateur) sur FLEXI2202 (16-02-2016 19:02:10)
Exécuté depuis C:\Users\phil\Desktop
Profils chargés: phil (Profils disponibles: phil)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> csrss.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe
Impossible d'accéder au processus -> dwm.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Impossible d'accéder au processus -> WmiPrvSE.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
(Faronics Corporation) C:\Windows\Temp\DFLocker64.exe
Impossible d'accéder au processus -> cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
Impossible d'accéder au processus -> NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Impossible d'accéder au processus -> conhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mario Groleau) C:\Users\phil\Desktop\imprimeur.exe
Impossible d'accéder au processus -> WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-02-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2016-02-16] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-02-09] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-02-09] (Avira Operations GmbH & Co. KG)
IFEO\foxitreader.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmnetcfg.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmplayer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmware.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
BootExecute: autocheck autochk /k:C /k:D /k:E *
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{1948F731-1CB5-4F46-8AD5-FE6DBCACDFB8}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\phil\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-01-06] (Trend Media Group)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-16] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: SkipScreen - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\SkipScreen@SkipScreen.xpi [2015-10-20]
FF Extension: Web Developer - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-10-20]
FF Extension: FlashGot - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-10-20]
FF Extension: Manage Folders - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\firefox-managefolders@googlecode.com.xpi [2015-10-20]
FF Extension: MetaProducts Integration - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi [2015-10-20]
FF Extension: ReloadEvery - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-10-20]
FF Extension: InFormEnter - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920} [2015-10-20]
FF Extension: DownThemAll! - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-15]
FF Extension: Boox - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{53c4d698-0a74-873e-7946-7d19bb035667}.xpi [2015-12-15]
FF Extension: WOT - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-15]
FF Extension: FEBE - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-02-02]
FF Extension: NoScript - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-15]
FF Extension: Firebug - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\Extensions\firebug@software.joehewitt.com.xpi [2016-02-09]
FF Extension: Video DownloadHelper - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-16]
FF Extension: Adblock Plus - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21]
Chrome:
=======
CHR Profile: C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-16] (Avira Operations GmbH & Co. KG)
S3 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-10-23] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-02-09] (Avira Operations GmbH & Co. KG)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
R2 DFServ; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [1404792 2015-11-22] (Faronics Corporation) [Fichier non signé]
S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2016-02-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-07] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-16] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4368808 2015-10-23] (AVG Technologies CZ, s.r.o.)
S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465344 2015-10-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [828144 2015-11-18] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
R0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [218088 2015-10-30] (Faronics Corporation)
R0 DfDiskLo; C:\Windows\System32\Drivers\DfDiskLo.sys [38632 2015-10-30] (Faronics Corporation)
R1 DFFilter; C:\Windows\System32\Drivers\DFFilter.sys [43240 2015-10-30] (Faronics Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 FarDisk; C:\Windows\System32\Drivers\FarDisk.sys [31464 2015-10-30] (Faronics Corporation)
R0 FarSpace; C:\Windows\System32\Drivers\FarSpace.sys [117992 2015-10-30] (Faronics Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-02-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-10-20] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-02-07] (Realtek Semiconductor Corporation )
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-10-14] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-16 19:02 - 2016-02-16 19:02 - 00017181 _____ C:\Users\phil\Desktop\FRST.txt
2016-02-16 19:01 - 2016-02-16 19:02 - 00000000 ____D C:\FRST
2016-02-16 18:45 - 2016-02-16 18:45 - 02370560 _____ (Farbar) C:\Users\phil\Desktop\FRST64.exe
2016-02-16 17:12 - 2016-02-16 17:12 - 00002162 _____ C:\Users\phil\Desktop\ProRealTime.lnk
2016-02-16 17:12 - 2016-02-16 17:12 - 00000000 ____D C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTime
2016-02-16 17:11 - 2016-02-16 17:12 - 00000000 ____D C:\Users\phil\AppData\Local\IT-Finance
2016-02-16 17:10 - 2016-02-16 17:14 - 00000000 ____D C:\ProgramData\F-Secure
2016-02-16 17:10 - 2016-02-16 17:10 - 00511448 _____ (F-Secure Corporation) C:\Users\phil\Desktop\onlinescanner.exe
2016-02-16 17:10 - 2016-02-16 17:10 - 00000000 ____D C:\Users\phil\AppData\Local\F-Secure
2016-02-16 17:10 - 2016-02-16 17:10 - 00000000 ____D C:\Users\phil\AppData\Local\FSDART
2016-02-16 16:39 - 2016-02-16 16:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-16 16:36 - 2016-02-16 16:36 - 00000000 ____D C:\Users\phil\Desktop\SetupRST
2016-02-16 16:36 - 2016-02-16 14:08 - 13423713 _____ C:\Users\phil\Desktop\SetupRST.zip
2016-02-16 16:33 - 2016-02-16 16:33 - 583319800 _____ C:\Windows\MEMORY.DMP
2016-02-16 16:33 - 2016-02-16 16:33 - 00343312 _____ C:\Windows\Minidump\021616-19031-01.dmp
2016-02-15 08:59 - 2016-02-15 08:59 - 00414528 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-15 07:01 - 2016-02-15 07:01 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-15 06:59 - 2016-02-15 06:59 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-15 06:59 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-15 06:59 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-15 06:59 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-15 06:59 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-15 06:59 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-15 06:59 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-15 06:59 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-15 06:59 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-15 06:59 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-15 06:59 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-15 06:59 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-15 06:59 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-15 06:59 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-15 06:59 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-15 06:59 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-15 06:59 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-15 06:59 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-15 06:59 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-15 06:59 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-15 06:59 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-15 06:59 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-15 06:59 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-15 06:59 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-15 06:59 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-15 06:59 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-15 06:59 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-15 06:59 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-15 06:58 - 2016-02-15 06:58 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-15 06:58 - 2016-02-15 06:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-15 06:58 - 2016-02-15 06:58 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-15 06:58 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-15 06:58 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-15 06:58 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-02 12:06 - 2016-02-02 12:06 - 00000000 ____D C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-02-02 12:06 - 2016-02-02 12:06 - 00000000 ____D C:\Program Files\Unlocker
2016-02-02 06:23 - 2016-02-16 16:33 - 00000000 ____D C:\Windows\Minidump
2016-01-21 09:36 - 2016-01-21 09:36 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-01-21 09:36 - 2016-01-21 09:36 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-16 18:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-16 17:42 - 2014-04-04 17:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1829065414-1029609543-2641321589-1001
2016-02-16 17:02 - 2015-11-16 09:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-16 17:02 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-16 16:40 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-16 16:39 - 2014-04-04 17:16 - 00000000 ____D C:\Program Files\Intel
2016-02-16 16:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-15 08:47 - 2015-10-20 02:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-15 07:05 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-15 07:04 - 2013-08-22 21:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-15 07:03 - 2015-10-19 22:22 - 00000000 ____D C:\Windows\system32\MRT
2016-02-15 07:01 - 2015-10-19 22:22 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-15 06:59 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-15 06:51 - 2014-04-06 06:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-09 06:15 - 2016-01-14 07:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 06:15 - 2015-10-20 14:54 - 00000000 ____D C:\ProgramData\Oracle
2016-02-09 06:14 - 2016-01-14 07:39 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-09 06:14 - 2015-10-20 14:54 - 00000000 ____D C:\Users\phil\.oracle_jre_usage
2016-02-09 06:14 - 2015-10-20 14:53 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-09 06:13 - 2015-10-19 21:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-09 06:13 - 2015-10-19 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-03 15:36 - 2015-10-20 14:56 - 00000000 ____D C:\Users\phil\AppData\Local\CrashDumps
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\winrm
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\WCN
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\slmgr
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\system32\dsc
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-02-02 16:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2016-02-02 16:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\servicing
2016-02-02 15:18 - 2015-10-20 16:42 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-02-02 15:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-02-02 15:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\MUI
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Com
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism
2016-02-02 13:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-02-02 06:34 - 2015-10-20 09:09 - 00000000 ____D C:\Users\phil\AppData\Roaming\Skype
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Fichiers à la racine de certains dossiers =======
2015-10-20 09:07 - 2015-10-20 09:07 - 0007859 _____ () C:\Users\phil\AppData\Roaming\pcouffin.cat
2015-10-20 09:07 - 2015-10-20 09:07 - 0001167 _____ () C:\Users\phil\AppData\Roaming\pcouffin.inf
2015-10-20 09:07 - 2015-10-20 09:07 - 0000055 _____ () C:\Users\phil\AppData\Roaming\pcouffin.log
2015-10-20 09:07 - 2015-10-20 09:07 - 0082816 _____ (VSO Software) C:\Users\phil\AppData\Roaming\pcouffin.sys
2014-04-04 17:20 - 2014-04-04 17:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-23 20:49 - 2015-10-23 20:49 - 0000032 _____ () C:\ProgramData\Temp.log
Certains fichiers dans TEMP:
====================
C:\Users\phil\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
ATTENTION: ==> Impossible d'accéder au BCD.
LastRegBack: 2016-02-16 17:43
==================== Fin de FRST.txt ============================
Exécuté par phil (administrateur) sur FLEXI2202 (16-02-2016 19:02:10)
Exécuté depuis C:\Users\phil\Desktop
Profils chargés: phil (Profils disponibles: phil)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> csrss.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe
Impossible d'accéder au processus -> dwm.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Impossible d'accéder au processus -> WmiPrvSE.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
(Faronics Corporation) C:\Windows\Temp\DFLocker64.exe
Impossible d'accéder au processus -> cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
Impossible d'accéder au processus -> NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Impossible d'accéder au processus -> conhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mario Groleau) C:\Users\phil\Desktop\imprimeur.exe
Impossible d'accéder au processus -> WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-02-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2016-02-16] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-02-09] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-02-09] (Avira Operations GmbH & Co. KG)
IFEO\foxitreader.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmnetcfg.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmplayer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmware.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
BootExecute: autocheck autochk /k:C /k:D /k:E *
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{1948F731-1CB5-4F46-8AD5-FE6DBCACDFB8}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\phil\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-01-06] (Trend Media Group)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-16] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: SkipScreen - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\SkipScreen@SkipScreen.xpi [2015-10-20]
FF Extension: Web Developer - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-10-20]
FF Extension: FlashGot - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-10-20]
FF Extension: Manage Folders - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\firefox-managefolders@googlecode.com.xpi [2015-10-20]
FF Extension: MetaProducts Integration - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi [2015-10-20]
FF Extension: ReloadEvery - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-10-20]
FF Extension: InFormEnter - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920} [2015-10-20]
FF Extension: DownThemAll! - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-15]
FF Extension: Boox - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{53c4d698-0a74-873e-7946-7d19bb035667}.xpi [2015-12-15]
FF Extension: WOT - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-15]
FF Extension: FEBE - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-02-02]
FF Extension: NoScript - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-15]
FF Extension: Firebug - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\Extensions\firebug@software.joehewitt.com.xpi [2016-02-09]
FF Extension: Video DownloadHelper - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-16]
FF Extension: Adblock Plus - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\vs8mcgoz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21]
Chrome:
=======
CHR Profile: C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-16] (Avira Operations GmbH & Co. KG)
S3 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-10-23] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-02-09] (Avira Operations GmbH & Co. KG)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
R2 DFServ; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [1404792 2015-11-22] (Faronics Corporation) [Fichier non signé]
S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2016-02-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-07] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-16] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4368808 2015-10-23] (AVG Technologies CZ, s.r.o.)
S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465344 2015-10-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [828144 2015-11-18] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
R0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [218088 2015-10-30] (Faronics Corporation)
R0 DfDiskLo; C:\Windows\System32\Drivers\DfDiskLo.sys [38632 2015-10-30] (Faronics Corporation)
R1 DFFilter; C:\Windows\System32\Drivers\DFFilter.sys [43240 2015-10-30] (Faronics Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 FarDisk; C:\Windows\System32\Drivers\FarDisk.sys [31464 2015-10-30] (Faronics Corporation)
R0 FarSpace; C:\Windows\System32\Drivers\FarSpace.sys [117992 2015-10-30] (Faronics Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-02-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-10-20] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-02-07] (Realtek Semiconductor Corporation )
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-10-14] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-16 19:02 - 2016-02-16 19:02 - 00017181 _____ C:\Users\phil\Desktop\FRST.txt
2016-02-16 19:01 - 2016-02-16 19:02 - 00000000 ____D C:\FRST
2016-02-16 18:45 - 2016-02-16 18:45 - 02370560 _____ (Farbar) C:\Users\phil\Desktop\FRST64.exe
2016-02-16 17:12 - 2016-02-16 17:12 - 00002162 _____ C:\Users\phil\Desktop\ProRealTime.lnk
2016-02-16 17:12 - 2016-02-16 17:12 - 00000000 ____D C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTime
2016-02-16 17:11 - 2016-02-16 17:12 - 00000000 ____D C:\Users\phil\AppData\Local\IT-Finance
2016-02-16 17:10 - 2016-02-16 17:14 - 00000000 ____D C:\ProgramData\F-Secure
2016-02-16 17:10 - 2016-02-16 17:10 - 00511448 _____ (F-Secure Corporation) C:\Users\phil\Desktop\onlinescanner.exe
2016-02-16 17:10 - 2016-02-16 17:10 - 00000000 ____D C:\Users\phil\AppData\Local\F-Secure
2016-02-16 17:10 - 2016-02-16 17:10 - 00000000 ____D C:\Users\phil\AppData\Local\FSDART
2016-02-16 16:39 - 2016-02-16 16:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-16 16:36 - 2016-02-16 16:36 - 00000000 ____D C:\Users\phil\Desktop\SetupRST
2016-02-16 16:36 - 2016-02-16 14:08 - 13423713 _____ C:\Users\phil\Desktop\SetupRST.zip
2016-02-16 16:33 - 2016-02-16 16:33 - 583319800 _____ C:\Windows\MEMORY.DMP
2016-02-16 16:33 - 2016-02-16 16:33 - 00343312 _____ C:\Windows\Minidump\021616-19031-01.dmp
2016-02-15 08:59 - 2016-02-15 08:59 - 00414528 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-15 07:01 - 2016-02-15 07:01 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-15 07:01 - 2016-02-15 07:01 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-15 06:59 - 2016-02-15 06:59 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-15 06:59 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-15 06:59 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-15 06:59 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-15 06:59 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-15 06:59 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-15 06:59 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-15 06:59 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-15 06:59 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-15 06:59 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-15 06:59 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-15 06:59 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-15 06:59 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-15 06:59 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-15 06:59 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-15 06:59 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-15 06:59 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-15 06:59 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-15 06:59 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-15 06:59 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-15 06:59 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-15 06:59 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-15 06:59 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-15 06:59 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-15 06:59 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-15 06:59 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-15 06:59 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-15 06:59 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-15 06:58 - 2016-02-15 06:58 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-15 06:58 - 2016-02-15 06:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-15 06:58 - 2016-02-15 06:58 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-15 06:58 - 2016-02-15 06:58 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-15 06:58 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-15 06:58 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-15 06:58 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-02 12:06 - 2016-02-02 12:06 - 00000000 ____D C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-02-02 12:06 - 2016-02-02 12:06 - 00000000 ____D C:\Program Files\Unlocker
2016-02-02 06:23 - 2016-02-16 16:33 - 00000000 ____D C:\Windows\Minidump
2016-01-21 09:36 - 2016-01-21 09:36 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-01-21 09:36 - 2016-01-21 09:36 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-16 18:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-16 17:42 - 2014-04-04 17:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1829065414-1029609543-2641321589-1001
2016-02-16 17:02 - 2015-11-16 09:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-16 17:02 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-16 16:40 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-16 16:39 - 2014-04-04 17:16 - 00000000 ____D C:\Program Files\Intel
2016-02-16 16:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-15 08:47 - 2015-10-20 02:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-15 07:05 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-15 07:04 - 2013-08-22 21:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-15 07:03 - 2015-10-19 22:22 - 00000000 ____D C:\Windows\system32\MRT
2016-02-15 07:01 - 2015-10-19 22:22 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-15 06:59 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-15 06:51 - 2014-04-06 06:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-09 06:15 - 2016-01-14 07:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 06:15 - 2015-10-20 14:54 - 00000000 ____D C:\ProgramData\Oracle
2016-02-09 06:14 - 2016-01-14 07:39 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-09 06:14 - 2015-10-20 14:54 - 00000000 ____D C:\Users\phil\.oracle_jre_usage
2016-02-09 06:14 - 2015-10-20 14:53 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-09 06:13 - 2015-10-19 21:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-09 06:13 - 2015-10-19 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-03 15:36 - 2015-10-20 14:56 - 00000000 ____D C:\Users\phil\AppData\Local\CrashDumps
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\winrm
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\WCN
2016-02-02 16:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\slmgr
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\system32\dsc
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-02 16:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-02-02 16:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2016-02-02 16:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\servicing
2016-02-02 15:18 - 2015-10-20 16:42 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-02-02 15:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-02-02 15:18 - 2013-08-22 21:57 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\MUI
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Com
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-02 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-02-02 15:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism
2016-02-02 13:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-02-02 06:34 - 2015-10-20 09:09 - 00000000 ____D C:\Users\phil\AppData\Roaming\Skype
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Fichiers à la racine de certains dossiers =======
2015-10-20 09:07 - 2015-10-20 09:07 - 0007859 _____ () C:\Users\phil\AppData\Roaming\pcouffin.cat
2015-10-20 09:07 - 2015-10-20 09:07 - 0001167 _____ () C:\Users\phil\AppData\Roaming\pcouffin.inf
2015-10-20 09:07 - 2015-10-20 09:07 - 0000055 _____ () C:\Users\phil\AppData\Roaming\pcouffin.log
2015-10-20 09:07 - 2015-10-20 09:07 - 0082816 _____ (VSO Software) C:\Users\phil\AppData\Roaming\pcouffin.sys
2014-04-04 17:20 - 2014-04-04 17:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-23 20:49 - 2015-10-23 20:49 - 0000032 _____ () C:\ProgramData\Temp.log
Certains fichiers dans TEMP:
====================
C:\Users\phil\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
ATTENTION: ==> Impossible d'accéder au BCD.
LastRegBack: 2016-02-16 17:43
==================== Fin de FRST.txt ============================