Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:17-01-2015 Exécuté par ninine (administrateur) sur PC-DE-NININE (17-01-2016 18:49:26) Exécuté depuis C:\Users\ninine\Desktop Profils chargés: ninine (Profils disponibles: ninine) Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France) Internet Explorer Version 8 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\stacsv.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\AEstSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe () C:\Program Files\SMINST\BLService.exe () C:\Program Files\CyberLink\Shared files\RichVideo.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_svc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_bg.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe () C:\Program Files\FileHippo.com\FileHippo.AppManager.exe (Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow32.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-04] (Synaptics, Inc.) HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.) HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-12-24] (CyberLink Corp.) HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.) HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [NPSStartup] => [X] HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-08] (AVAST Software) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483420 2009-02-23] (IDT, Inc.) HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\Run: [Facebook Update] => "C:\Users\ninine\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] () HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\MountPoints2: {49462c1d-5e75-11e2-94ec-00238bfb70a3} - "G:\WD SmartWare.exe" autoplay=true HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\MountPoints2: {9c2f4e93-d3bf-11df-852f-00238bfb70a3} - F:\Setup.exe HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\MountPoints2: {9f121f64-b9fd-11e0-9ad4-00238bfb70a3} - F:\Startme.exe HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\MountPoints2: {c590d754-7369-11e2-ba57-00238bfb70a3} - G:\LaunchU3.exe -a HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\...\MountPoints2: {e02e3241-cf90-11e2-bb08-00238bfb70a3} - F:\Startme.exe HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [704512 2009-04-11] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-08] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Pas de fichier Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-12-19] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2015-12-19] ShortcutTarget: Notifications de Mises à jour.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2015-12-19] ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) BootExecute: autocheck autochk /p \??\F:autocheck autochk * sdnclean.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{0EFB7B22-3D5A-495B-8F36-C7FF35AADB45}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{99D9CFC7-EC83-4571-AF6C-87CBA2DF6F2B}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{9D510677-BFC6-4787-986B-11A0F8E6CABE}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-1328600180-2053625278-3114697095-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006 URLSearchHook: [S-1-5-21-1328600180-2053625278-3114697095-1000] ATTENTION => URLSearchHook par défaut est absent SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-1328600180-2053625278-3114697095-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-1328600180-2053625278-3114697095-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-07] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\ninine\AppData\Roaming\Mozilla\Firefox\Profiles\n6kbgode.default FF DefaultSearchEngine: Yahoo! FF SelectedSearchEngine: Yahoo! FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-30] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-12-11] (Google) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2011-03-09] (Sony Network Entertainment International LLC) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1328600180-2053625278-3114697095-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ninine\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [Pas de fichier] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-03-19] (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPMyrMus.dll [2011-04-04] (Myriad Software.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-06-07] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-10-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-10-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-10-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-10-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-10-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-10-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-10-27] (Apple Inc.) FF Extension: Microsoft .NET Framework Assistant - C:\Users\ninine\AppData\Roaming\Mozilla\Firefox\Profiles\n6kbgode.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-02-02] [non signé] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-03-19] [non signé] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-10] [non signé] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-08] Chrome: ======= CHR Profile: C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-22] CHR Extension: (Avast Online Security) - C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-07] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-22] CHR Profile: C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Plus-HD-5.7) - C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eeibjhjmddgcdbniedjoghdgbofbecad [2014-01-12] CHR Extension: (Pas de nom) - C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehdmaehkiiampolokajdcelladmnopgp [2013-01-04] CHR Extension: (Pas de nom) - C:\Users\ninine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh [2013-02-07] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-07] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe [81920 2009-02-12] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-08] (AVAST Software) R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé] S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries) R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [Fichier non signé] S3 HP Port Resolver; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company) S3 HP Status Server; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company) R3 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [223232 2008-10-23] (Hewlett-Packard Development Company, L.P.) [Fichier non signé] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [Fichier non signé] S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-23] () R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-11-26] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe [254034 2009-02-23] (IDT, Inc.) R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [243448 2015-12-30] (RaMMicHaeL) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X] S2 Norton Internet Security; "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-08] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-19] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-12-08] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-08] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-08] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-19] (AVAST Software) R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [165104 2015-12-08] (AVAST Software) S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [58016 2015-12-08] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-08] (AVAST Software) S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-10-05] () [Fichier non signé] S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP) [Fichier non signé] S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP) [Fichier non signé] S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-09-10] (Apple Inc.) [Fichier non signé] S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [X] S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [X] S1 SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X] S1 SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X] U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-01-17 18:49 - 2016-01-17 18:50 - 00024799 _____ C:\Users\ninine\Desktop\FRST.txt 2016-01-17 18:48 - 2016-01-17 18:49 - 00000000 ____D C:\FRST 2016-01-17 18:48 - 2016-01-17 18:48 - 01721856 _____ (Farbar) C:\Users\ninine\Desktop\FRST.exe 2016-01-17 12:24 - 2015-12-05 18:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-17 12:24 - 2015-12-05 18:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-17 12:24 - 2015-12-05 18:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-17 12:24 - 2015-12-05 18:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-17 12:24 - 2015-12-05 18:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-17 12:24 - 2015-12-05 18:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-17 12:24 - 2015-12-05 18:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-17 12:24 - 2015-12-05 18:02 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-01-17 12:24 - 2015-12-05 18:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-17 12:24 - 2015-12-05 18:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-17 12:24 - 2015-12-05 18:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-17 12:24 - 2015-12-05 18:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-17 12:24 - 2015-12-05 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-17 12:24 - 2015-12-05 18:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-17 12:24 - 2015-12-05 17:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-17 12:22 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-17 12:22 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-17 12:22 - 2015-11-13 16:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-01-17 12:20 - 2015-12-08 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-17 12:20 - 2015-12-05 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-01-17 12:07 - 2015-12-05 18:02 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-17 11:56 - 2016-01-17 11:56 - 00001686 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2016-01-17 11:56 - 2016-01-17 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-01-17 11:55 - 2016-01-17 11:56 - 00000000 ____D C:\Program Files\QuickTime 2016-01-15 15:32 - 2015-12-16 23:00 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-15 15:32 - 2015-12-16 23:00 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-15 15:32 - 2015-12-16 23:00 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-15 15:32 - 2015-12-16 23:00 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-01-15 15:32 - 2015-12-16 23:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2016-01-15 15:32 - 2015-12-16 22:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-01-15 15:32 - 2015-12-16 22:56 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll 2016-01-15 15:32 - 2015-12-16 22:56 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-01-15 15:32 - 2015-12-16 22:55 - 06012416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-15 15:32 - 2015-12-16 22:55 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-15 15:32 - 2015-12-16 22:55 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-15 15:32 - 2015-12-16 22:55 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 11086848 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 02006016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-01-15 15:32 - 2015-12-16 22:54 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2016-01-15 15:32 - 2015-12-16 22:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-01-15 15:32 - 2015-12-16 22:52 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-01-15 15:32 - 2015-12-16 22:52 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-01-15 15:32 - 2015-12-16 22:51 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll 2016-01-15 15:32 - 2015-12-16 20:06 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-01-15 15:32 - 2015-12-16 18:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-01-15 15:32 - 2015-12-16 18:20 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-01-15 15:32 - 2015-12-16 18:18 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-01-15 15:32 - 2015-12-16 18:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2016-01-05 21:05 - 2016-01-05 21:05 - 00135252 _____ C:\Users\ninine\Desktop\arecours2016.pdf 2016-01-05 20:18 - 2016-01-05 20:18 - 00157793 _____ C:\Users\ninine\Desktop\Conditions_delivrance_assurances_passcircuit_2015v2.pdf 2015-12-19 12:37 - 2015-12-19 14:14 - 00000000 ____D C:\Users\ninine\AppData\Local\WinZip 2015-12-19 12:37 - 2015-12-19 14:14 - 00000000 ____D C:\ProgramData\WinZip 2015-12-19 12:37 - 2015-12-19 12:37 - 00001836 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2015-12-19 12:37 - 2015-12-19 12:37 - 00000000 ____D C:\Users\ninine\AppData\Local\Nico Mak Computing 2015-12-19 12:37 - 2015-12-19 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2015-12-19 12:37 - 2015-12-19 12:37 - 00000000 ____D C:\Program Files\WinZip ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-01-17 18:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows 2016-01-17 18:43 - 2014-03-23 12:00 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-17 18:28 - 2009-07-10 03:13 - 00000286 _____ C:\ProgramData\hpqp.ini 2016-01-17 18:25 - 2013-01-04 18:15 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-17 18:25 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-17 18:25 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-17 18:25 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-17 13:59 - 2006-11-02 14:01 - 00032500 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-01-17 13:13 - 2013-01-04 18:15 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-17 13:03 - 2009-02-28 15:38 - 00725244 _____ C:\Windows\system32\perfh00C.dat 2016-01-17 13:03 - 2009-02-28 15:38 - 00147168 _____ C:\Windows\system32\perfc00C.dat 2016-01-17 13:03 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf 2016-01-17 13:03 - 2006-11-02 11:33 - 01623618 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-17 12:56 - 2006-11-02 13:47 - 00393776 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-17 12:54 - 2010-10-26 17:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-17 12:31 - 2009-02-28 08:47 - 00000000 ____D C:\ProgramData\Microsoft Help 2016-01-17 12:28 - 2010-10-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-17 12:20 - 2013-08-12 21:16 - 00000000 ____D C:\Windows\system32\MRT 2016-01-17 12:10 - 2006-11-02 11:24 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2016-01-17 11:41 - 2015-10-29 11:33 - 00000000 ____D C:\Users\ninine\Documents\Mes téléchargements Filehippo 2016-01-15 14:58 - 2014-04-14 17:22 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-01-15 14:46 - 2015-11-22 15:36 - 00000000 ____D C:\Windows\Minidump 2016-01-15 14:18 - 2015-11-14 14:14 - 00001929 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-09 20:41 - 2012-01-29 12:49 - 00000000 ____D C:\Users\ninine\5.COMPTES 2016-01-09 19:34 - 2010-04-03 13:12 - 00000000 ____D C:\Users\ninine\3.PHOTOS 2016-01-09 19:11 - 2014-02-05 18:50 - 00000764 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-03 11:10 - 2015-10-29 11:43 - 00000542 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job 2016-01-02 22:14 - 2009-11-21 13:34 - 00000000 ____D C:\Users\ninine\2.FILMS 2016-01-02 22:06 - 2009-09-26 16:49 - 00000000 ____D C:\Users\ninine\AppData\Roaming\vlc 2016-01-02 10:43 - 2012-04-12 08:54 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-01-02 10:43 - 2011-05-17 05:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-12-30 21:13 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-12-20 01:33 - 2015-12-15 21:38 - 00000000 ____D C:\Users\ninine\Documents\Lidl-Photos (lidl-photos.fr) 2015-12-20 01:23 - 2015-12-15 21:38 - 00000000 ____D C:\Users\ninine\Desktop\lidl 2015-12-19 11:44 - 2014-06-01 09:48 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2015-12-19 11:44 - 2014-06-01 09:48 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys ==================== Fichiers à la racine de certains dossiers ======= 2010-07-28 18:06 - 2010-07-28 18:06 - 0002528 _____ () C:\Users\ninine\AppData\Roaming\$_hpcst$.hpc 2010-12-25 18:32 - 2011-06-18 18:56 - 0000000 _____ () C:\Users\ninine\AppData\Roaming\Ambient 2010-12-25 18:32 - 2011-06-18 18:56 - 0000000 _____ () C:\Users\ninine\AppData\Roaming\Analog Mono 2010-12-25 18:32 - 2011-06-18 18:56 - 0000000 _____ () C:\Users\ninine\AppData\Roaming\Analog Pad 2011-06-03 17:49 - 2013-11-10 17:49 - 0003906 _____ () C:\Users\ninine\AppData\Roaming\wklnhst.dat 2009-09-23 18:57 - 2009-09-23 18:57 - 0000000 _____ () C:\Users\ninine\AppData\Local\AtStart.txt 2009-10-21 22:07 - 2014-02-04 23:13 - 0006080 _____ () C:\Users\ninine\AppData\Local\d3d9caps.dat 2009-09-26 16:47 - 2015-10-16 08:22 - 0155648 _____ () C:\Users\ninine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2009-09-23 18:57 - 2009-09-23 18:57 - 0000000 _____ () C:\Users\ninine\AppData\Local\DSwitch.txt 2009-09-23 18:57 - 2009-09-23 18:57 - 0000000 _____ () C:\Users\ninine\AppData\Local\QSwitch.txt 2011-06-18 18:56 - 2011-06-18 18:56 - 0000000 _____ () C:\ProgramData\Ambient 2011-06-18 18:56 - 2011-06-18 18:56 - 0000000 _____ () C:\ProgramData\grep 2009-07-10 03:13 - 2016-01-17 18:28 - 0000286 _____ () C:\ProgramData\hpqp.ini 2009-12-20 15:57 - 2011-02-06 10:02 - 0000021 _____ () C:\ProgramData\hpqp.txt 2009-09-23 18:57 - 2014-02-15 15:33 - 0008983 _____ () C:\ProgramData\HPWALog.txt 2011-09-18 18:32 - 2011-09-18 18:33 - 0000348 _____ () C:\ProgramData\hpzinstall.log 2010-12-25 18:32 - 2011-06-18 18:56 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT 2010-12-25 18:32 - 2011-06-18 18:56 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT 2010-12-25 18:32 - 2011-06-18 18:56 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT 2009-07-10 03:16 - 2009-07-10 03:16 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2009-02-28 09:01 - 2009-02-28 09:01 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2009-07-10 03:15 - 2009-07-10 03:15 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2009-02-28 08:54 - 2009-02-28 08:56 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2009-07-10 03:13 - 2009-07-10 03:13 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2009-07-10 03:15 - 2009-07-10 03:15 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2009-02-28 08:53 - 2009-02-28 08:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2009-02-28 08:56 - 2009-02-28 09:00 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2009-07-10 03:15 - 2009-07-10 03:15 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log Fichiers à déplacer ou supprimer: ==================== C:\Users\ninine\GarminExpressInstaller.exe ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-01-17 18:30 ==================== Fin de FRST.txt ============================