Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:29-12-2015 Exécuté par Nicolas (administrateur) sur PC-NICOLAS (30-12-2015 13:41:44) Exécuté depuis C:\Users\Nicolas\Downloads Profils chargés: Nicolas (Profils disponibles: Nicolas & Administrateur) Platform: Windows 8.1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Check Device\ASUS_Check.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-10-13] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-14] (AVAST Software) HKU\S-1-5-21-2208342337-2256596435-3857777218-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2208342337-2256596435-3857777218-1001\...\MountPoints2: E - "E:\setup.EXE" /AUTORUN HKU\S-1-5-21-2208342337-2256596435-3857777218-1001\...\MountPoints2: {c38db948-7ce1-11e5-8270-605718326aad} - "E:\setup.EXE" /AUTORUN ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-16] (AVAST Software) Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2015-11-27] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{F6CC7525-C90C-41D5-AEEF-CCA1D4760B30}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2208342337-2256596435-3857777218-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gws_rd=ssl SearchScopes: HKLM -> DefaultScope la valeur est absente SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente SearchScopes: HKU\S-1-5-21-2208342337-2256596435-3857777218-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-20] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-16] (AVAST Software) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-20] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2015-12-20] (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-16] (AVAST Software) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-12-20] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-20] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-12-20] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-20] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-29] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-21] Chrome: ======= CHR StartupUrls: Default -> "hxxp://do-search.com/?type=hp&ts=1446128810&z=e9fff91de7726388022259bgcz1z5q3g0ocbfbcgde&from=dae&uid=sandiskxsd7sn3q128g1002_144425400103","hxxp://www.yoursites123.com/?type=hp&ts=1450757775&z=b63230c3d30b6808e9321eegez3waeam4w7m8mdm5w&from=wpm07173&uid=SanDiskXSD7SN3Q128G1002_144425400103" CHR Profile: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-29] CHR Extension: (Google Docs) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-29] CHR Extension: (Google Drive) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-29] CHR Extension: (YouTube) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-29] CHR Extension: (Adblock Plus) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-29] CHR Extension: (Recherche Google) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-29] CHR Extension: (Avast SafePrice) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-12-29] CHR Extension: (Google Sheets) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-29] CHR Extension: (Google Docs hors connexion) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-29] CHR Extension: (AdBlock) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-29] CHR Extension: (Avast Online Security) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-29] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-29] CHR Extension: (Gmail) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-29] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-16] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-16] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Fichier non signé] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-16] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-09-16] (Avast Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation) R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1037568 2015-01-13] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-08] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625632 2015-07-22] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation) ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-16] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-16] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-16] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-16] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-14] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-14] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-16] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-16] (AVAST Software) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation) S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.) S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation) S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2015-01-13] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2015-01-13] (Intel Corporation) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-29] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216904 2015-01-13] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-13] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-10-16] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-30] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-06] (Intel Corporation) R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-09-16] (AVAST Software) R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-09-16] (Avast Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-12-30 13:41 - 2015-12-30 13:42 - 00021871 _____ C:\Users\Nicolas\Downloads\FRST.txt 2015-12-30 13:41 - 2015-12-30 13:41 - 02370560 _____ (Farbar) C:\Users\Nicolas\Downloads\FRST64.exe 2015-12-30 13:41 - 2015-12-30 13:41 - 00000000 ____D C:\FRST 2015-12-30 13:28 - 2015-12-30 13:28 - 01743360 _____ C:\Users\Nicolas\Downloads\adwcleaner_5.026 (1).exe 2015-12-30 13:25 - 2015-12-30 13:25 - 00000000 ____D C:\Users\Nicolas\AppData\Local\VirtualStore 2015-12-30 13:19 - 2015-12-30 13:19 - 01743360 _____ C:\Users\Nicolas\Downloads\adwcleaner_5.026.exe 2015-12-29 18:34 - 2015-12-29 18:35 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\ZHP 2015-12-29 18:34 - 2015-12-29 18:34 - 02048000 _____ C:\Users\Nicolas\Downloads\ZHPDiag3.exe 2015-12-29 17:22 - 2015-12-29 17:39 - 00000824 _____ C:\runcheck.txt 2015-12-29 17:22 - 2015-12-29 17:22 - 01309184 _____ C:\Users\Nicolas\Downloads\zoek.exe 2015-12-29 17:22 - 2015-12-29 17:22 - 00000000 ____D C:\zoek_backup 2015-12-29 17:00 - 2015-12-29 17:00 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-29 17:00 - 2015-12-29 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-29 16:59 - 2015-12-30 13:32 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-29 16:59 - 2015-12-30 02:10 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-29 16:59 - 2015-12-29 17:05 - 00004070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-29 16:59 - 2015-12-29 17:05 - 00003834 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-29 16:56 - 2015-12-29 16:57 - 01622528 _____ C:\Users\Nicolas\Downloads\ResetBrowser.exe 2015-12-29 16:33 - 2015-12-30 13:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-29 16:10 - 2015-12-29 16:10 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-12-29 16:10 - 2015-12-29 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-12-29 16:10 - 2015-12-29 16:10 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-29 16:10 - 2015-12-29 16:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-12-29 16:10 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-29 16:10 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-12-29 16:10 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-29 16:09 - 2015-12-29 16:09 - 22908888 _____ (Malwarebytes ) C:\Users\Nicolas\Downloads\mbam-setup-2.2.0.1024.exe 2015-12-29 15:50 - 2015-12-29 15:51 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-27 16:29 - 2015-12-27 16:29 - 00000290 __RSH C:\ProgramData\ntuser.pol 2015-12-27 16:06 - 2015-12-27 16:06 - 00000000 ____D C:\Users\Nicolas\AppData\LocalLow\uTorrent 2015-12-24 18:43 - 2015-12-24 18:43 - 00049906 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e10-final-vostfr-hdtv.torrent 2015-12-24 18:43 - 2015-12-24 18:43 - 00045812 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e09-vostfr-hdtv.torrent 2015-12-24 18:42 - 2015-12-24 18:42 - 00045855 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e08-vostfr-hdtv.torrent 2015-12-24 18:42 - 2015-12-24 18:42 - 00045835 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e07-vostfr-hdtv.torrent 2015-12-24 18:42 - 2015-12-24 18:42 - 00045769 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e06-vostfr-hdtv (1).torrent 2015-12-24 18:41 - 2015-12-24 18:41 - 00045850 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e03-vostfr-hdtv.torrent 2015-12-24 18:41 - 2015-12-24 18:41 - 00045805 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e05-vostfr-hdtv.torrent 2015-12-24 18:41 - 2015-12-24 18:41 - 00045762 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e04-vostfr-hdtv.torrent 2015-12-24 18:39 - 2015-12-24 18:39 - 00049794 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e01-vostfr-hdtv.torrent 2015-12-24 18:39 - 2015-12-24 18:39 - 00045830 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e02-vostfr-hdtv.torrent 2015-12-23 19:17 - 2015-12-23 19:17 - 00115529 _____ C:\Users\Nicolas\Downloads\everest-french-dvdrip-2015.torrent 2015-12-23 19:15 - 2015-12-23 19:15 - 00115459 _____ C:\Users\Nicolas\Downloads\seul-sur-mars-french-dvdrip-2015.torrent 2015-12-23 16:38 - 2015-12-23 16:38 - 00038858 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e10-final-french-hdtv (1).torrent 2015-12-23 16:35 - 2015-12-23 16:35 - 00041266 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e07-french-hdtv.torrent 2015-12-23 16:35 - 2015-12-23 16:35 - 00038946 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e09-french-hdtv.torrent 2015-12-23 16:35 - 2015-12-23 16:35 - 00038866 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e08-french-hdtv.torrent 2015-12-23 16:35 - 2015-12-23 16:35 - 00038858 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e10-final-french-hdtv.torrent 2015-12-23 16:34 - 2015-12-23 16:34 - 00036226 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e06-french-hdtv.torrent 2015-12-23 16:33 - 2015-12-23 16:33 - 00045769 _____ C:\Users\Nicolas\Downloads\the-leftovers-s02e06-vostfr-hdtv.torrent 2015-12-23 00:00 - 2015-12-23 00:00 - 00037866 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e04-french-hdtv.torrent 2015-12-22 23:58 - 2015-12-22 23:58 - 00042306 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e05-french-hdtv.torrent 2015-12-22 23:57 - 2015-12-22 23:57 - 00038926 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e03-french-hdtv.torrent 2015-12-22 23:56 - 2015-12-22 23:56 - 00049826 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e01-french-hdtv.torrent 2015-12-22 23:56 - 2015-12-22 23:56 - 00039646 _____ C:\Users\Nicolas\Downloads\the-leftovers-s01e02-french-hdtv.torrent 2015-12-22 16:23 - 2015-12-22 16:23 - 01229262 _____ C:\Users\Nicolas\Downloads\the.leftovers.saison.1.french.[www.zetorrents.com] (1).torrent 2015-12-22 16:03 - 2015-12-22 16:03 - 01229262 _____ C:\Users\Nicolas\Downloads\the.leftovers.saison.1.french.[www.zetorrents.com].torrent 2015-12-22 05:17 - 2015-12-22 11:19 - 00000001 _____ C:\WINDOWS\SysWOW64\fr.html 2015-12-21 18:12 - 2015-12-21 18:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2015-12-21 18:12 - 2015-12-21 18:12 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-21 14:35 - 2015-12-21 14:35 - 00058448 _____ C:\Users\Nicolas\Downloads\star-wars-episode-iii-la-revanche-des-sith-french-dvdrip-ac3-2011.torrent 2015-12-21 14:34 - 2015-12-21 14:34 - 00058447 _____ C:\Users\Nicolas\Downloads\star-wars-episode-ii-l-attaque-des-clones-french-dvdrip-ac3-2011.torrent 2015-12-21 14:34 - 2015-12-21 14:34 - 00058447 _____ C:\Users\Nicolas\Downloads\star-wars-episode-ii-l-attaque-des-clones-french-dvdrip-ac3-2011 (1).torrent 2015-12-20 22:30 - 2015-12-20 22:30 - 00016544 _____ C:\Users\Nicolas\Downloads\le-diner-de-cons-french-dvdrip-1998 (3).torrent 2015-12-20 20:27 - 2015-12-20 20:27 - 00016544 _____ C:\Users\Nicolas\Downloads\le-diner-de-cons-french-dvdrip-1998 (2).torrent 2015-12-20 20:27 - 2015-12-20 20:27 - 00016544 _____ C:\Users\Nicolas\Downloads\le-diner-de-cons-french-dvdrip-1998 (1).torrent 2015-12-20 20:26 - 2015-12-20 20:26 - 00016544 _____ C:\Users\Nicolas\Downloads\le-diner-de-cons-french-dvdrip-1998.torrent 2015-12-19 13:14 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll 2015-12-19 13:14 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL 2015-12-19 13:14 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL 2015-12-19 13:14 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL 2015-12-19 13:14 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll 2015-12-19 13:14 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL 2015-12-19 13:14 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL 2015-12-19 13:14 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL 2015-12-19 13:14 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-12-19 13:14 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2015-12-19 13:14 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-12-19 13:14 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2015-12-19 13:14 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-12-19 13:14 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls 2015-12-12 14:00 - 2015-12-12 14:00 - 01844475 _____ C:\Users\Nicolas\Downloads\Présentation Power Point.pptx 2015-12-12 01:59 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-12-12 01:59 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2015-12-12 01:59 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2015-12-12 01:58 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-12-12 01:58 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-12-12 01:58 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2015-12-12 01:58 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2015-12-12 01:58 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2015-12-12 01:58 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2015-12-12 01:58 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys 2015-12-12 01:58 - 2015-10-10 19:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys 2015-12-12 01:58 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-12-12 01:58 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-12-12 01:58 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-12-12 01:58 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-12-11 10:17 - 2015-12-09 17:53 - 02741012 _____ C:\Users\Nicolas\Desktop\Projet Class Croute Final.pdf 2015-12-08 23:44 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-08 23:44 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-08 23:44 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-08 23:43 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-08 23:43 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-12-08 23:43 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-12-08 23:43 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-12-08 23:43 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-08 23:43 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-12-08 23:43 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-08 23:43 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-12-08 23:43 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-12-08 23:43 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-12-08 23:43 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-12-08 23:43 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-12-08 23:43 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-08 23:43 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-08 23:43 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-08 23:43 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-12-08 23:43 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-12-08 23:43 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-12-08 23:43 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-12-08 23:43 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-08 23:43 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-08 23:43 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-12-08 23:43 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-12-08 23:43 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-12-08 23:43 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-12-08 23:43 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-12-08 23:43 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-12-08 23:43 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-12-08 23:43 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-08 23:43 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-12-08 23:43 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-08 23:43 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-08 23:43 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-12-08 23:43 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-12-08 23:43 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-12-08 23:43 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-12-08 23:43 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-12-08 23:38 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-12-08 23:38 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-08 23:38 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-12-08 23:38 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-12-08 23:38 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-12-08 23:38 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-12-08 23:38 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-08 23:38 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-12-08 23:38 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-12-08 23:38 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-08 23:38 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-08 23:38 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-08 23:38 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-08 23:38 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-08 23:38 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-08 23:38 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-12-08 23:38 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-12-08 23:38 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-08 23:38 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-12-08 23:38 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-08 23:38 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-08 23:35 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-08 23:35 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-08 23:35 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-12-08 23:35 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-12-08 23:35 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-12-08 23:35 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-12-08 23:35 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-12-08 23:35 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-12-08 23:35 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-12-08 23:35 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-12-08 23:35 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-12-08 23:35 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-12-08 23:35 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-12-08 23:35 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-08 23:35 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-12-30 13:41 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-12-30 13:40 - 2015-09-16 17:36 - 00003952 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5D707A20-DE58-4C70-B0AB-680FD182011E} 2015-12-30 13:39 - 2015-07-22 10:31 - 00000000 ___DO C:\Users\Nicolas\OneDrive 2015-12-30 13:38 - 2014-10-29 13:12 - 00813786 _____ C:\WINDOWS\system32\perfh00C.dat 2015-12-30 13:38 - 2014-10-29 13:12 - 00159832 _____ C:\WINDOWS\system32\perfc00C.dat 2015-12-30 13:38 - 2014-03-18 16:26 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-30 13:38 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2015-12-30 13:37 - 2015-09-15 23:44 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2208342337-2256596435-3857777218-1001 2015-12-30 13:32 - 2015-09-15 23:32 - 00001543 _____ C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk 2015-12-30 13:32 - 2015-09-15 23:31 - 00000125 _____ C:\Users\Nicolas\AppData\Roaming\sp_data.sys 2015-12-30 13:32 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-30 13:32 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-12-30 13:31 - 2015-07-27 15:41 - 00000000 ____D C:\AdwCleaner 2015-12-30 12:00 - 2015-09-16 18:13 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2015-12-30 12:00 - 2015-09-16 18:13 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2015-12-30 05:36 - 2015-07-22 10:25 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Packages 2015-12-29 16:59 - 2015-09-16 17:47 - 00000000 ____D C:\Program Files (x86)\Google 2015-12-29 16:57 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2015-12-29 16:06 - 2015-09-16 17:47 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Google 2015-12-29 16:04 - 2015-09-16 17:46 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Deployment 2015-12-29 16:01 - 2015-09-15 23:32 - 00001021 _____ C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-12-29 15:53 - 2014-10-29 14:02 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-29 15:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-29 12:17 - 2015-09-16 19:00 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Skype 2015-12-28 13:45 - 2013-08-22 15:44 - 00481152 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-27 16:29 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2015-12-24 17:52 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-22 13:41 - 2015-09-15 23:27 - 00000000 ____D C:\Users\Nicolas 2015-12-22 13:38 - 2015-09-16 17:29 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-22 13:38 - 2014-10-29 07:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-12-22 13:15 - 2015-09-20 14:16 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-12-22 13:15 - 2015-09-20 14:16 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-12-22 13:15 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-20 21:59 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-12 23:24 - 2015-09-20 14:12 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-12 23:18 - 2015-09-20 14:12 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-11 23:40 - 2015-10-29 15:35 - 00003104 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2208342337-2256596435-3857777218-1001 2015-12-11 22:23 - 2014-10-29 07:25 - 00000000 ____D C:\ProgramData\Skype 2015-12-06 13:31 - 2015-09-16 18:12 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-12-01 18:19 - 2015-09-24 13:51 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-01 18:19 - 2015-09-24 13:51 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Fichiers à la racine de certains dossiers ======= 2015-09-15 23:31 - 2015-12-30 13:32 - 0000125 _____ () C:\Users\Nicolas\AppData\Roaming\sp_data.sys 2014-10-29 07:25 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-29 07:25 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-29 07:25 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Certains fichiers dans TEMP: ==================== C:\Users\Nicolas\AppData\Local\Temp\7za.exe C:\Users\Nicolas\AppData\Local\Temp\DaS_21.exe C:\Users\Nicolas\AppData\Local\Temp\hijackthis.exe C:\Users\Nicolas\AppData\Local\Temp\NirCmd.exe C:\Users\Nicolas\AppData\Local\Temp\PEVZ.EXE C:\Users\Nicolas\AppData\Local\Temp\remove.exe C:\Users\Nicolas\AppData\Local\Temp\sed.exe C:\Users\Nicolas\AppData\Local\Temp\shortcut.exe C:\Users\Nicolas\AppData\Local\Temp\sqlite3.dll C:\Users\Nicolas\AppData\Local\Temp\swreg.exe C:\Users\Nicolas\AppData\Local\Temp\swxcacls.exe C:\Users\Nicolas\AppData\Local\Temp\wget.exe C:\Users\Nicolas\AppData\Local\Temp\zoek-delete.exe ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2015-12-27 14:35 ==================== Fin de FRST.txt ============================