Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:04-05-2016
Exécuté par Guillaume (administrateur) sur PC-DE-GUILLAUME (04-05-2016 19:58:18)
Exécuté depuis C:\Users\Guillaume\Desktop
Profils chargés: Guillaume (Profils disponibles: Guillaume)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: FF)
Mode d'amorçage: Safe Mode (with Networking)
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7574048 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [FijiKeyboard] => c:\Acer\Preload\Autorun\DRV\FIJI Keyboard\ABoard.exe [79416 2008-09-18] (Packard Bell BV)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-3398291942-3088011309-892675740-1000\...\Run: [OrangeInside] => C:\Users\Guillaume\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1526272 2012-11-22] (Orange)
HKU\S-1-5-21-3398291942-3088011309-892675740-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3398291942-3088011309-892675740-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3398291942-3088011309-892675740-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3398291942-3088011309-892675740-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3398291942-3088011309-892675740-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Aurora.scr [1391616 2006-11-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-11-28] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RIM.lnk [2014-04-28]
ShortcutTarget: RIM.lnk -> C:\Program Files (x86)\Orange\RIM\fscommand\RIM.exe (WebToGo Mobiles Internet GmbH)
BootExecute: autocheck autochk * ø˸

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{1CDCC957-7A65-49B4-96BB-1636957A2978}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp64&d=0609&m=imedia_s1710
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp64&d=0609&m=imedia_s1710
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp64&d=0609&m=imedia_s1710
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp64&d=0609&m=imedia_s1710
HKU\S-1-5-21-3398291942-3088011309-892675740-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_IE
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3398291942-3088011309-892675740-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKU\S-1-5-21-3398291942-3088011309-892675740-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
BHO: Désactivation du cookie publicitaire -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-11] (Google Inc)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-28] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2009-09-12] (Google Inc.)
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO-x32: Désactivation du cookie publicitaire -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files (x86)\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-11] (Google Inc)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-28] (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-12] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3398291942-3088011309-892675740-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\7ziug170.default
FF DefaultSearchEngine: Yahoo! (Avast)
FF DefaultSearchUrl: hxxps://fr.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_FF
FF Keyword.URL: hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchFF&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-15] (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\7ziug170.default\user.js [2016-05-04]
FF SearchPlugin: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\7ziug170.default\searchplugins\yahoo-avast.xml [2014-09-15]
FF Extension: MEGA - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\7ziug170.default\Extensions\firefox@mega.co.nz.xpi [2016-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultSearchKeyword: Default -> www.yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (avast! WebRep) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-09-22]
CHR Extension: (Portail Orange) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafdhbipfdlldljdanpnlipdinjcjjid [2014-04-28]
CHR Extension: (Pas de nom) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-28]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-28] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2009-04-28] (Macrovision Europe Ltd.) [Fichier non signé]
S2 GenericHidService; C:\Windows\system32\HidService.exe [83264 2008-05-29] (Packard Bell Services)
S2 GenericHidService; C:\Windows\SysWOW64\HidService.exe [83264 2008-05-29] (Packard Bell Services)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-06-24] (CybelSoft)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-24] (Electronic Arts)
S3 wampapache; c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe [24576 2012-05-13] (Apache Software Foundation) [Fichier non signé]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [9693696 2012-04-19] () [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-28] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-11-28] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-28] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-28] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-11-28] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-28] ()
S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 wampapache64; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-04 19:58 - 2016-05-04 19:59 - 00016383 _____ C:\Users\Guillaume\Desktop\FRST.txt
2016-05-04 19:57 - 2016-05-04 19:57 - 02377216 _____ (Farbar) C:\Users\Guillaume\Desktop\FRST64.exe
2016-05-04 17:52 - 2014-11-28 16:26 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-05-03 22:37 - 2016-05-03 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-05-03 10:17 - 2016-05-03 10:17 - 00000000 ____D C:\Users\Guillaume\AppData\Roaming\Apple Computer
2016-05-02 07:32 - 2016-05-02 07:32 - 00000000 ____D C:\Users\Guillaume\AppData\Local\Apple
2016-05-02 07:32 - 2016-05-02 07:32 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-05-02 07:28 - 2016-05-02 07:28 - 00000000 ____D C:\Users\Guillaume\AppData\LocalLow\Apple Computer
2016-04-30 07:34 - 2016-04-30 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-29 13:10 - 2016-04-29 13:20 - 00039448 _____ C:\Users\Guillaume\Documents\RQTH.pdf
2016-04-29 13:08 - 2016-04-29 13:17 - 00026570 _____ C:\Users\Guillaume\Documents\RQTH.odt
2016-04-13 12:34 - 2016-03-22 01:00 - 01589168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 12:34 - 2016-03-22 01:00 - 01171488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 12:34 - 2016-03-18 20:15 - 01915392 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 12:34 - 2016-03-18 20:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 12:34 - 2016-03-18 19:10 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 12:34 - 2016-03-18 19:10 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 12:33 - 2016-03-18 18:44 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 12:33 - 2016-03-18 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-13 12:32 - 2016-03-29 23:48 - 02800640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 12:31 - 2016-03-18 20:15 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 12:31 - 2016-03-18 20:15 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 12:31 - 2016-03-18 20:15 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 12:31 - 2016-03-18 20:15 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 12:31 - 2016-03-18 20:14 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 12:31 - 2016-03-18 19:10 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 12:31 - 2016-03-18 19:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 12:31 - 2016-03-18 19:10 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 12:31 - 2016-03-04 18:40 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 12:30 - 2016-03-04 18:52 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 12:29 - 2016-03-17 21:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 12:29 - 2016-03-17 19:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 12:29 - 2016-03-17 19:45 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 06:24 - 2016-03-24 23:17 - 18804736 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 06:24 - 2016-03-24 23:14 - 02351616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 06:24 - 2016-03-24 23:09 - 10938880 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 06:24 - 2016-03-24 23:09 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 06:24 - 2016-03-24 23:08 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 06:24 - 2016-03-24 23:08 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 06:24 - 2016-03-24 23:07 - 02159104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 06:24 - 2016-03-24 23:07 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 06:24 - 2016-03-24 23:07 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-04-13 06:24 - 2016-03-24 23:07 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-04-13 06:24 - 2016-03-24 23:07 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-04-13 06:24 - 2016-03-24 22:40 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 06:24 - 2016-03-24 22:38 - 12841472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 06:24 - 2016-03-24 22:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 06:24 - 2016-03-24 22:35 - 09753600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 06:24 - 2016-03-24 22:35 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 06:24 - 2016-03-24 22:34 - 01129984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 06:24 - 2016-03-24 22:33 - 01804800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 06:24 - 2016-03-24 22:33 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 06:24 - 2016-03-24 22:33 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 06:24 - 2016-03-24 22:33 - 00424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 06:24 - 2016-03-24 22:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-04-13 06:24 - 2016-03-24 22:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 06:24 - 2016-03-24 22:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 06:24 - 2016-03-24 22:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 06:24 - 2016-03-24 22:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 06:24 - 2016-03-24 22:32 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 06:24 - 2016-03-24 22:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 06:24 - 2016-03-24 22:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 06:24 - 2016-03-24 22:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 06:24 - 2016-03-24 22:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-04-13 06:24 - 2016-03-24 22:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-04-13 06:24 - 2016-03-24 22:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-04-11 23:56 - 2016-04-12 12:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-08 08:12 - 2016-04-08 08:11 - 03119168 _____ C:\Users\Guillaume\Desktop\adwcleaner_5.109.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-05 03:46 - 2014-09-18 11:10 - 00000000 ____D C:\AdwCleaner
2016-05-05 03:46 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\spool
2016-05-05 03:46 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\Msdtc
2016-05-05 03:46 - 2006-11-02 14:33 - 79167488 _____ C:\Windows\system32\config\software_previous
2016-05-05 03:46 - 2006-11-02 14:33 - 36700160 _____ C:\Windows\system32\config\system_previous
2016-05-05 03:37 - 2006-11-02 14:33 - 76283904 _____ C:\Windows\system32\config\components_previous
2016-05-05 03:37 - 2006-11-02 14:33 - 00262144 _____ C:\Windows\system32\config\sam_previous
2016-05-04 19:58 - 2014-09-19 11:14 - 00000000 ____D C:\FRST
2016-05-04 19:07 - 2014-09-27 09:32 - 00000732 _____ C:\Users\Guillaume\AppData\Local\d3d9caps64.dat
2016-05-04 18:40 - 2008-01-21 12:01 - 01615904 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-04 18:40 - 2008-01-21 12:00 - 00721474 _____ C:\Windows\system32\perfh00C.dat
2016-05-04 18:40 - 2008-01-21 12:00 - 00145678 _____ C:\Windows\system32\perfc00C.dat
2016-05-04 18:40 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-05-04 18:36 - 2009-12-27 19:33 - 03364638 _____ C:\Windows\ntbtlog.txt
2016-05-04 18:14 - 2014-09-21 14:02 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-04 18:10 - 2014-09-18 16:52 - 00000000 ____D C:\Users\Guillaume\AppData\Local\CrashDumps
2016-05-04 18:04 - 2009-09-12 13:27 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-04 17:53 - 2014-11-28 16:27 - 00001789 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-05-04 17:52 - 2014-09-09 06:34 - 00003838 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-05-04 17:50 - 2015-09-01 16:19 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-04 17:50 - 2014-04-28 11:29 - 00000184 _____ C:\Users\Public\Documents\rim_expiry.xml
2016-05-04 17:48 - 2009-09-12 13:27 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-04 17:48 - 2009-08-28 13:36 - 00000000 ____D C:\Users\Guillaume
2016-05-04 17:48 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-04 17:48 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-04 17:48 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-04 17:10 - 2010-08-16 18:35 - 00001356 _____ C:\Users\Guillaume\AppData\Local\d3d9caps.dat
2016-05-04 17:10 - 2006-11-02 14:33 - 00524288 _____ C:\Windows\system32\config\default_previous
2016-05-04 17:07 - 2006-11-02 14:33 - 00262144 _____ C:\Windows\system32\config\security_previous
2016-05-04 15:31 - 2009-10-27 17:53 - 00000000 ____D C:\Windows\Minidump
2016-05-04 02:23 - 2016-01-24 11:33 - 00000000 ____D C:\Users\Guillaume\Documents\Pronostics 2016
2016-05-03 22:29 - 2011-05-05 11:15 - 00000000 ____D C:\Windows\SysWOW64\QuickTime
2016-05-03 22:26 - 2011-05-05 11:15 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-05-03 21:21 - 2014-09-21 13:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-03 21:21 - 2014-02-25 09:09 - 00000000 ____D C:\Program Files\CCleaner
2016-05-03 21:21 - 2011-05-05 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-05-02 07:24 - 2009-08-28 13:36 - 00000000 ____D C:\Users\Guillaume\AppData\Local\VirtualStore
2016-04-25 18:40 - 2014-09-21 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-25 18:39 - 2016-01-30 16:34 - 00000000 ____D C:\Users\Guillaume\.oracle_jre_usage
2016-04-21 15:05 - 2012-12-05 06:58 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-16 21:24 - 2006-11-02 17:42 - 00032526 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-16 11:20 - 2009-09-12 13:25 - 00001012 _____ C:\Windows\Tasks\Google Software Updater.job
2016-04-13 14:06 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2016-04-13 13:42 - 2006-11-02 17:21 - 00330600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-13 13:38 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-04-13 12:41 - 2013-07-29 03:00 - 00000000 ____D C:\Windows\system32\MRT
2016-04-13 12:35 - 2006-11-02 14:35 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-04-12 12:45 - 2014-10-24 13:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-12 12:45 - 2012-01-12 04:31 - 00003767 _____ C:\Windows\wininit.ini
2016-04-12 01:08 - 2009-09-12 13:29 - 00002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 17:58 - 2014-09-21 14:02 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-08 17:58 - 2014-09-21 14:02 - 00003854 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-08 17:58 - 2012-02-19 09:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-08 08:27 - 2014-09-18 17:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-08 08:26 - 2015-05-29 12:05 - 00000943 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-08 08:26 - 2014-09-18 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-08 08:26 - 2014-09-18 17:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

==================== Fichiers à la racine de certains dossiers =======

2014-01-09 16:03 - 2014-01-09 16:04 - 35404078 _____ () C:\Program Files (x86)\algoboxwin32_install.exe
2011-05-27 11:51 - 2011-05-27 11:51 - 0024576 _____ () C:\Program Files (x86)\removekey.exe
2015-09-01 16:19 - 2015-09-01 16:19 - 1476720 _____ () C:\Program Files (x86)\SteamSetup-1440016726.exe
2010-01-08 13:02 - 2013-06-01 08:10 - 0024492 _____ () C:\Users\Guillaume\AppData\Roaming\wklnhst.dat
2009-08-28 18:33 - 2013-10-28 12:42 - 0000552 _____ () C:\Users\Guillaume\AppData\Local\d3d8caps.dat
2010-08-16 18:35 - 2016-05-04 17:10 - 0001356 _____ () C:\Users\Guillaume\AppData\Local\d3d9caps.dat
2014-09-27 09:32 - 2016-05-04 19:07 - 0000732 _____ () C:\Users\Guillaume\AppData\Local\d3d9caps64.dat
2009-08-28 22:52 - 2015-10-16 06:01 - 0025088 _____ () C:\Users\Guillaume\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-10 16:58 - 2014-05-10 16:58 - 0432722 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistMSI0A47.txt
2011-03-01 07:57 - 2011-03-01 07:58 - 0438682 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistMSI0D54.txt
2015-03-06 17:14 - 2015-03-06 17:14 - 0416850 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistMSI2631.txt
2011-09-21 13:03 - 2011-09-21 13:03 - 0431332 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistMSI3A3D.txt
2012-10-29 14:57 - 2012-10-29 14:58 - 0386868 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistMSI5FC7.txt
2014-04-28 11:30 - 2014-04-28 11:30 - 0415152 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistMSI65AE.txt
2014-05-12 21:34 - 2014-05-12 21:34 - 0413956 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistMSI796A.txt
2014-05-10 16:58 - 2014-05-10 16:58 - 0011488 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistUI0A47.txt
2011-03-01 07:57 - 2011-03-01 07:58 - 0011722 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistUI0D54.txt
2015-03-06 17:14 - 2015-03-06 17:14 - 0011248 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistUI2631.txt
2011-09-21 13:03 - 2011-09-21 13:03 - 0011494 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistUI3A3D.txt
2012-10-29 14:57 - 2012-10-29 14:58 - 0011376 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistUI5FC7.txt
2014-04-28 11:30 - 2014-04-28 11:30 - 0011656 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistUI65AE.txt
2014-05-12 21:34 - 2014-05-12 21:34 - 0011964 _____ () C:\Users\Guillaume\AppData\Local\dd_vcredistUI796A.txt
2012-12-13 13:24 - 2012-12-13 13:24 - 0002251 _____ () C:\Users\Guillaume\AppData\Local\recently-used.xbel

Fichiers à déplacer ou supprimer:
====================
C:\Users\Guillaume\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe
C:\Users\Guillaume\avast_free6_01Net.exe
C:\Users\Guillaume\install_flash_player.exe


Certains fichiers dans TEMP:
====================
C:\Users\Guillaume\AppData\Local\Temp\AutoEdManager14.exe
C:\Users\Guillaume\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Guillaume\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Guillaume\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Guillaume\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Guillaume\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Guillaume\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Guillaume\AppData\Local\Temp\libeay32.dll
C:\Users\Guillaume\AppData\Local\Temp\msvcr120.dll
C:\Users\Guillaume\AppData\Local\Temp\Quarantine.exe
C:\Users\Guillaume\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-05-04 18:55

==================== Fin de FRST.txt ============================
