cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Exécuté par user (administrateur) sur PC-DE-USER (07-04-2016 21:10:47)
Exécuté depuis C:\Users\user.PC-de-user\Desktop
Profils chargés: user (Profils disponibles: user & Invité)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\VitaKey\AC5031\CompPtcVUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
() C:\Program Files\OSD\Service1.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft) C:\Program Files\OSD\OSD_Main.exe
(Piriform Ltd) C:\Users\user.PC-de-user\Desktop\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Farbar) C:\Users\user.PC-de-user\Desktop\FRST (2).exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12205784 2015-05-15] (Realtek Semiconductor)
Winlogon\Notify\AWinNotifyVitaKey AC5031: C:\Program Files\VitaKey\AC5031\WinNotify.dll [2012-06-17] (Arachnoid Biometrics Identification Group Corp.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] <==== ATTENTION
HKU\S-1-5-21-394029494-1414032695-2043843957-1000\...\Run: [CCleaner Monitoring] => C:\Users\user.PC-de-user\Desktop\CCleaner\CCleaner.exe [6638296 2016-02-12] (Piriform Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\VitaKey\AC5031\PwdFilter
ShellIconOverlayIdentifiers: [IconOvrly1] -> {A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6} => C:\Program Files\VitaKey\AC5031\{IconOvrly.dll} Pas de fichier
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{4398D592-EEE6-49D6-B2FD-178483DB2165}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9EDB0D47-4E3B-493C-9154-69F09B3122C6}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com?type=hp&ts=1450613477&from=mych123&uid=st9160411asg_5tg0j6d6xxxx5tg0j6d6&z=2edbd0fceaf4da70c977cf9gez9w7e0m6e2efedtfb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450613477&from=mych123&uid=st9160411asg_5tg0j6d6xxxx5tg0j6d6&z=2edbd0fceaf4da70c977cf9gez9w7e0m6e2efedtfb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com?type=hp&ts=1450613477&from=mych123&uid=st9160411asg_5tg0j6d6xxxx5tg0j6d6&z=2edbd0fceaf4da70c977cf9gez9w7e0m6e2efedtfb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450613477&from=mych123&uid=st9160411asg_5tg0j6d6xxxx5tg0j6d6&z=2edbd0fceaf4da70c977cf9gez9w7e0m6e2efedtfb
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-394029494-1414032695-2043843957-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Pas de fichier
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05] (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\user.PC-de-user\AppData\Roaming\Mozilla\Firefox\Profiles\n8qosqgg.default
FF NewTab: hxxp://www.nicesearches.com/search.php?q=keyword&type=hp&ts=1458575883&from=mych123&uid=st9160411asg_5tg0j6d6xxxx5tg0j6d6&z=bd770818cf329682b126137g2z4w6b4w1m3qco8gcq
FF SearchEngineOrder.1: nice
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com/search.php?q=keyword&type=hp&ts=1458575883&from=mych123&uid=st9160411asg_5tg0j6d6xxxx5tg0j6d6&z=bd770818cf329682b126137g2z4w6b4w1m3qco8gcq
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [Pas de fichier]
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-07-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-31] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF SearchPlugin: C:\Users\user.PC-de-user\AppData\Roaming\Mozilla\Firefox\Profiles\n8qosqgg.default\searchplugins\nice.xml [2016-03-06]
FF Extension: Adblock Plus - C:\Users\user.PC-de-user\AppData\Roaming\Mozilla\Firefox\Profiles\n8qosqgg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-07-22] [non signé]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha5146.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha5146\ff => non trouvé(e)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1459889123&from=58740405&uid=st9160411asg_5tg0j6d6xxxx5tg0j6d6&z=5c8ad5fe9e0003ed867605bgezbw6t2bab3t5z0m2c&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR Profile: C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-18]
CHR Extension: (Google Drive) - C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-18]
CHR Extension: (YouTube) - C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18]
CHR Extension: (Recherche Google) - C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\user.PC-de-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18]
CHR HKLM\...\Chrome\Extension: [edjpphmbkljkefpiocmdgioacdmocpbk] - C:\Program Files\MediaViewV1\MediaViewV1alpha5146\ch\MediaViewV1alpha5146.crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 customsvc; C:\Program Files\OSD\Service1.exe [13312 2008-09-30] () [Fichier non signé]
S2 FFModules; C:\Program Files\ffgogogo Browser\bin\browserServer.exe [1522392 2016-03-29] ()
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2117760 2015-06-04] (CybelSoft)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [836176 2015-12-14] (Valve Corporation) [Fichier non signé]
S3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [42608 2012-06-17] (Alfa Corporation)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc.)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [79448 2008-07-03] (JMicron Technology Corp.)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [42480 2013-01-17] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [32496 2013-01-17] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.)
S3 ma-config_x86; C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys [16160 2014-02-24] (CybelSoft)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKsl218dbc55; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6E119519-75B2-4ADC-8D72-025DF42B6B53}\MpKsl218dbc55.sys [39168 2016-04-07] (Microsoft Corporation)
S1 MpKsl59e5380e; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6E119519-75B2-4ADC-8D72-025DF42B6B53}\MpKsl59e5380e.sys [39168 2016-04-06] () [Fichier non signé]
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Fichier non signé]
R3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [333312 2008-08-18] (Realtek Semiconductor Corporation )
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [Fichier non signé]
R3 WinRing0_1_2_0; C:\Program Files\OSD\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org)
S1 difojdzp; \??\C:\Windows\system32\drivers\difojdzp.sys [X]
S3 ESEADriver2; \??\C:\Users\user\AppData\Local\Temp\ESEADriver2.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-07 21:10 - 2016-04-07 21:11 - 00014906 _____ C:\Users\user.PC-de-user\Desktop\FRST.txt
2016-04-07 21:09 - 2016-04-07 21:13 - 01725440 _____ (Farbar) C:\Users\user.PC-de-user\Desktop\FRST (2).exe
2016-04-07 21:09 - 2016-04-07 21:10 - 00000000 ___DC C:\FRST
2016-04-07 20:58 - 2016-04-07 20:58 - 00019022 _____ C:\Users\user.PC-de-user\Desktop\MTB.txt
2016-04-07 20:57 - 2016-04-07 20:59 - 00891392 _____ (Farbar) C:\Users\user.PC-de-user\Desktop\MiniToolBox.exe
2016-04-07 20:31 - 2016-04-07 20:31 - 00000325 _____ C:\Users\user.PC-de-user\Desktop\netadapter-log-2016-04-07-20-31-33.txt
2016-04-07 20:08 - 2016-04-07 20:10 - 00000937 _____ C:\Users\user.PC-de-user\Desktop\netadapter-log-2016-04-07-20-08-56.txt
2016-04-07 20:08 - 2016-04-07 20:09 - 02091520 _____ (Conner Bernhard) C:\Users\user.PC-de-user\Desktop\NetAdapterRepair1.2.exe
2016-04-07 20:08 - 2016-04-07 20:08 - 00061504 _____ C:\Users\user.PC-de-user\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-07 20:08 - 2016-04-07 20:08 - 00000325 _____ C:\Users\user.PC-de-user\Desktop\netadapter-log-2016-04-07-20-08-42.txt
2016-04-07 17:30 - 2016-04-07 17:30 - 00010894 _____ C:\ProgramData\1460043005.bdinstall.bin
2016-04-07 17:29 - 2016-04-07 17:29 - 00010894 _____ C:\ProgramData\1460042984.bdinstall.bin
2016-04-07 17:28 - 2016-04-07 17:29 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\Bitdefender Agent
2016-04-07 17:21 - 2016-04-07 17:24 - 03637432 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-07 17:17 - 2016-04-07 17:19 - 00000000 ___DC C:\AdwCleaner
2016-04-07 17:15 - 2016-04-07 17:17 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\AdwCleaner
2016-04-07 17:14 - 2016-04-07 17:19 - 00000000 ___DC C:\3590F75ABA9E485486C100C1A9D4FF06Z.ZZZZZ..Z.ZZZ.Z
2016-04-07 16:58 - 2016-04-07 16:58 - 00013912 _____ C:\Users\user.PC-de-user\Desktop\report.dat
2016-04-07 16:57 - 2014-07-02 02:35 - 00729920 _____ (Reason Software Company Inc.) C:\Users\user.PC-de-user\Desktop\ShouldIRemoveIt.exe
2016-04-06 22:50 - 2016-04-06 22:50 - 343610244 _____ C:\Users\user.PC-de-user\Documents\savereg.reg
2016-04-06 22:35 - 2016-04-06 22:35 - 00001400 _____ C:\Users\user.PC-de-user\Desktop\SOFIANE-PC - Raccourci.lnk
2016-04-06 22:34 - 2016-04-06 22:42 - 00000000 ___DC C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z.Z.ZZ..ZZZ
2016-04-06 22:22 - 2016-04-06 22:22 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\CCleaner
2016-04-06 22:12 - 2016-04-06 22:12 - 00010894 _____ C:\ProgramData\1459973523.bdinstall.bin
2016-04-06 22:11 - 2016-04-06 22:11 - 00010894 _____ C:\ProgramData\1459973509.bdinstall.bin
2016-04-06 22:11 - 2016-04-06 22:11 - 00010894 _____ C:\ProgramData\1459973493.bdinstall.bin
2016-04-05 23:11 - 2016-04-05 23:11 - 00005416 _____ C:\Users\user.PC-de-user\Downloads\ad61b0d32635d01a1d90ac00aaf4f518.jpeg
2016-04-05 23:11 - 2016-04-05 23:11 - 00005416 _____ C:\Users\user.PC-de-user\Downloads\ad61b0d32635d01a1d90ac00aaf4f518 (1).jpeg
2016-04-05 22:45 - 2016-04-07 20:14 - 00000888 _____ C:\Windows\Tasks\ffgogogoBrowserUpdateUA.job
2016-04-03 20:40 - 2016-04-03 20:40 - 00018374 _____ C:\Users\user.PC-de-user\Downloads\f1c2f4e5ec1eb20451caaf4502e96477.jpeg
2016-04-03 20:40 - 2016-04-03 20:40 - 00018374 _____ C:\Users\user.PC-de-user\Downloads\f1c2f4e5ec1eb20451caaf4502e96477 (1).jpeg
2016-04-03 20:40 - 2016-04-03 20:40 - 00018374 _____ C:\Users\user.PC-de-user\Desktop\f1c2f4e5ec1eb20451caaf4502e96477 (1).jpeg
2016-03-31 13:44 - 2016-04-06 13:58 - 00002011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-31 13:41 - 2016-03-31 13:41 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Roaming\WinRAR
2016-03-31 13:41 - 2016-03-29 22:05 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\DAY6 - DAYDREAM [www.k2nblog.com]
2016-03-31 13:39 - 2016-03-31 13:40 - 52547719 _____ C:\Users\user.PC-de-user\Downloads\DAY6 - DAYDREAM [www.k2nblog.com].rar
2016-03-31 13:21 - 2016-03-31 13:21 - 00987728 _____ (Google Inc.) C:\Users\user.PC-de-user\Downloads\ChromeSetup.exe
2016-03-30 13:08 - 2016-04-05 22:41 - 00000874 _____ C:\Windows\Tasks\ffgogogoBrowserUpdateCore.job
2016-03-30 13:07 - 2016-04-07 21:07 - 00000874 _____ C:\Windows\Tasks\ffgogogoCheckTask.job
2016-03-30 13:03 - 2016-03-30 13:03 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Local\ffgogogo
2016-03-30 13:01 - 2016-03-30 13:01 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Roaming\ffgogogo
2016-03-30 12:59 - 2016-03-30 13:00 - 00000000 ____D C:\Users\Public\Documents\ffgogogo
2016-03-30 12:58 - 2016-03-30 12:59 - 00000000 ___DC C:\Program Files\ffgogogo Browser
2016-03-29 14:35 - 2016-03-29 19:35 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\BTOB - Remember that (8th Mini Album) [www.k2nblog.com]
2016-03-27 23:57 - 2016-03-27 23:57 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\Block B - A Few Years Later [www.k2nblog.com]
2016-03-25 19:53 - 2016-03-25 19:53 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\Vasco - anti [www.k2nblog.com]
2016-03-23 22:22 - 2016-03-23 22:22 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\DEAN - 130 mood TRBL [www.k2nblog.com]
2016-03-22 23:25 - 2016-04-05 23:19 - 00000000 ____D C:\Users\user.PC-de-user\Desktop\Anime Image
2016-03-17 00:21 - 2016-03-17 00:21 - 00347810 ____R C:\Users\user.PC-de-user\Desktop\convoc-167800975-6923-400773e2bb83547901965f3cf02db646.pdf
2016-03-16 13:48 - 2016-03-16 13:48 - 00000000 ___DC C:\Program Files\7-Zip
2016-03-16 13:48 - 2016-03-16 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-03-16 13:47 - 2016-03-16 13:47 - 01093126 _____ (Igor Pavlov) C:\Users\user.PC-de-user\Desktop\7z1512.exe
2016-03-12 17:16 - 2016-03-12 17:16 - 00006263 _____ C:\Users\user.PC-de-user\Downloads\inscription-TSA.pdf
2016-03-08 16:22 - 2016-02-19 23:34 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-08 16:22 - 2016-02-06 04:17 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-08 16:22 - 2016-02-06 04:17 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-08 16:22 - 2016-02-06 04:12 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-08 16:22 - 2016-02-06 04:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-08 16:22 - 2016-02-06 04:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-08 16:22 - 2016-02-06 02:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-08 16:22 - 2015-11-20 16:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-08 16:22 - 2015-11-20 16:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-08 16:21 - 2016-02-06 04:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-08 16:21 - 2016-02-06 04:11 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-08 16:21 - 2016-02-06 02:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-08 16:21 - 2016-02-02 17:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 16:21 - 2015-11-20 16:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-08 16:20 - 2016-02-03 19:06 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-08 16:20 - 2016-02-03 19:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-08 16:20 - 2016-02-03 19:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-08 16:03 - 2016-02-04 17:25 - 02068992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-07 21:03 - 2012-10-21 14:09 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-07 20:30 - 2014-07-14 00:54 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-07 20:13 - 2014-07-14 00:54 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-07 20:12 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-07 20:12 - 2006-11-02 14:47 - 00004240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-07 20:12 - 2006-11-02 14:47 - 00004240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-07 20:10 - 2012-06-17 20:38 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-04-07 20:10 - 2006-11-02 15:01 - 00032492 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-07 20:09 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-04-07 17:23 - 2012-07-25 19:00 - 00000000 ____D C:\Program Files\Google
2016-04-07 17:14 - 2012-07-25 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-04-07 14:40 - 2015-12-18 18:03 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Local\Adobe
2016-04-06 22:34 - 2016-01-26 02:59 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Local\CrashDumps
2016-04-06 22:34 - 2015-12-26 00:47 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Roaming\TS3Client
2016-04-06 22:34 - 2015-12-21 04:30 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Roaming\uTorrent
2016-04-06 22:34 - 2012-07-21 18:39 - 00000000 ____D C:\Program Files\Steam
2016-04-06 22:08 - 2009-04-11 18:25 - 01614892 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-06 22:08 - 2009-04-11 18:24 - 00722218 _____ C:\Windows\system32\perfh00C.dat
2016-04-06 22:08 - 2009-04-11 18:24 - 00146048 _____ C:\Windows\system32\perfc00C.dat
2016-04-06 21:47 - 2015-12-19 02:09 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Roaming\Skype
2016-04-06 19:14 - 2014-09-05 16:25 - 00001969 _____ C:\Users\Invité\Desktop\Google Chrome.lnk
2016-04-06 17:45 - 2016-02-21 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-04-06 16:09 - 2012-06-17 21:59 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
2016-03-31 19:33 - 2015-12-21 04:31 - 00000000 ____D C:\Users\user.PC-de-user\AppData\LocalLow\uTorrent
2016-03-31 14:12 - 2015-12-18 17:54 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Local\Google
2016-03-30 22:46 - 2015-12-19 18:34 - 00000000 ____D C:\Users\user.PC-de-user\AppData\Roaming\vlc
2016-03-30 13:10 - 2016-02-17 01:31 - 00001704 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-30 13:06 - 2016-02-17 01:31 - 00001692 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-25 14:44 - 2015-05-06 19:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-23 21:03 - 2012-10-21 14:09 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-23 21:03 - 2012-10-21 14:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-08 16:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2016-03-08 16:27 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-03-08 16:27 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-08 16:17 - 2013-07-21 03:00 - 00000000 ____D C:\Windows\system32\MRT
2016-03-08 16:06 - 2006-11-02 12:24 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Fichiers à la racine de certains dossiers =======

2016-04-06 22:11 - 2016-04-06 22:11 - 0010894 _____ () C:\ProgramData\1459973493.bdinstall.bin
2016-04-06 22:11 - 2016-04-06 22:11 - 0010894 _____ () C:\ProgramData\1459973509.bdinstall.bin
2016-04-06 22:12 - 2016-04-06 22:12 - 0010894 _____ () C:\ProgramData\1459973523.bdinstall.bin
2016-04-07 17:29 - 2016-04-07 17:29 - 0010894 _____ () C:\ProgramData\1460042984.bdinstall.bin
2016-04-07 17:30 - 2016-04-07 17:30 - 0010894 _____ () C:\ProgramData\1460043005.bdinstall.bin
2015-06-09 15:13 - 2015-06-09 15:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-22 21:07 - 2014-01-22 21:11 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-394029494-1414032695-2043843957-1000\$9aa91e1f6278c028ddd364d6d49cadcb

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$9aa91e1f6278c028ddd364d6d49cadcb

Certains fichiers dans TEMP:
====================
C:\Users\Invité\AppData\Local\Temp\i4jdel0.exe
C:\Users\user.PC-de-user\AppData\Local\Temp\Quarantine.exe
C:\Users\user.PC-de-user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-04-07 20:19

==================== Fin de FRST.txt ============================
