Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2019 Exécuté par Robert (administrateur) sur USER (08-01-2019 21:25:56) Exécuté depuis C:\Documents and Settings\Robert\Bureau Profils chargés: Robert (Profils disponibles: Robert & Administrateur) Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) Langue: Français (France) Internet Explorer Version 8 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Microsoft Corporation) C:\WINDOWS\system32\netdde.exe (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe (Microsoft Corporation) C:\WINDOWS\system32\locator.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKU\S-1-5-21-2000478354-1844823847-1801674531-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2000478354-1844823847-1801674531-1004\...\Policies\Explorer: [NoDriveAutoRun] 03feff03 HKLM\...\Drivers32: [msacm.trspch] => C:\WINDOWS\system32\tssoft32.acm [8192 2008-04-14] (DSP GROUP, INC.) HKLM\...\Drivers32: [vidc.I420] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [vidc.iv31] => C:\WINDOWS\system32\ir32_32.dll [199168 2008-04-14] () HKLM\...\Drivers32: [vidc.iv32] => C:\WINDOWS\system32\ir32_32.dll [199168 2008-04-14] () HKLM\...\Drivers32: [vidc.iv41] => C:\WINDOWS\system32\ir41_32.ax [848384 2008-04-14] (Intel Corporation) HKLM\...\Drivers32: [msacm.msg723] => C:\WINDOWS\system32\msg723.acm [118784 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [vidc.M263] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [vidc.M261] => C:\WINDOWS\system32\msh261.drv [188416 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINDOWS\system32\msaud32.acm [282654 2009-09-01] (Microsoft Corporation) HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINDOWS\system32\sl_anet.acm [86016 2008-04-14] (Sipro Lab Telecom Inc.) HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\system32\iac25_32.ax [199680 2008-04-14] (Intel Corporation) HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\system32\ir50_32.dll [755200 2008-04-14] (Intel Corporation) HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [251575 2014-12-15] () HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINDOWS\system32\ieudinit.exe [2009-03-08] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\inf\unregmp2.exe [2007-06-29] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\WINDOWS\system32\iedkcs32.dll [2018-12-14] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{84CEDFFB-2061-4D35-9E03-E4A359014E0B}] -> C:\WINDOWS\system32\IEDKCS32.DLL [2018-12-14] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [AutorunsDisabled] -> HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{20D35303-78E7-4D02-9141-964E63161CAE}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{2753AC6F-7F31-446B-9194-36F582AAD2F6}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2000478354-1844823847-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2000478354-1844823847-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr/ SearchScopes: HKLM -> DefaultScope la valeur est absente SearchScopes: HKU\S-1-5-21-2000478354-1844823847-1801674531-1004 -> {D3B853EB-72B6-48E1-A53D-A35FE74083FA} URL = BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-12-06] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-12-06] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-2000478354-1844823847-1801674531-1004 -> Pas de nom - {093F479D-712E-46CD-9E06-62E734A05F68} - Pas de fichier Toolbar: HKU\S-1-5-21-2000478354-1844823847-1801674531-1004 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-12-06] (AO Kaspersky Lab) Handler: AutorunsDisabled\file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll [2018-12-14] (Microsoft Corporation) Handler: AutorunsDisabled\vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2018-12-14] (Microsoft Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation) Filter: AutorunsDisabled\application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation) Filter: AutorunsDisabled\application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation) Filter: AutorunsDisabled\Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Filter: AutorunsDisabled\deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) Filter: AutorunsDisabled\gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2018-12-14] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\c8h1oczz.default-1545737687390 [2019-01-08] FF Homepage: C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\c8h1oczz.default-1545737687390 -> hxxp://www.google.fr FF NetworkProxy: C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\c8h1oczz.default-1545737687390 -> type", 0 FF Extension: (Privacy Possum) - C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\c8h1oczz.default-1545737687390\Extensions\woop-NoopscooPsnSXQ@jetpack.xpi [2018-12-25] FF Extension: (Imagus) - C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\c8h1oczz.default-1545737687390\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2018-12-25] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-10-17] [Legacy] [non signé] FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-12-06] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-18] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> E:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [Pas de fichier] FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> E:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [Pas de fichier] FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin: @videolan.org/vlc,version=2.2.6 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.8 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.1 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.2 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-01-05] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-01-05] <==== ATTENTION Chrome: ======= CHR DefaultProfile: Default CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60720 2015-09-02] (Apple Inc.) R2 AVP19.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab) S4 Backupper Service; C:\Program Files\AOMEI Backupper\ABService.exe [384880 2018-08-20] (AOMEI Tech Co., Ltd.) S4 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [Fichier non signé] R2 Eventlog; C:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [Fichier non signé] R2 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [Fichier non signé] S4 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation) [Fichier non signé] S4 KSDE3.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab) R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [Fichier non signé] R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [Fichier non signé] R2 NwSapAgent; C:\WINDOWS\System32\ipxsap.dll [66560 2008-04-14] (Microsoft Corporation) R2 PlugPlay; C:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [Fichier non signé] R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2016-02-17] (Microsoft Corporation) [Fichier non signé] S3 SerialKeys; C:\WINDOWS\system32\skeys.exe [26112 2008-04-14] (Microsoft Corporation) R3 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation) [Fichier non signé] S4 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [Fichier non signé] S4 Themes; C:\WINDOWS\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation) [Fichier non signé] S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation) [Fichier non signé] S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) [Fichier non signé] S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [918016 2006-11-03] (Microsoft Corporation) [Fichier non signé] R2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [64512 2009-07-13] (Microsoft Corporation) [Fichier non signé] S4 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2017-09-19] (Microsoft Corporation) [Fichier non signé] R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [46896 2016-12-21] () S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2015-01-06] (Creative) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [150192 2016-12-21] () R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [34864 2017-09-01] () R3 AtcL001; C:\WINDOWS\System32\DRIVERS\l151x86.sys [37376 2015-01-06] (Atheros Communications, Inc.) [Fichier non signé] R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-05-02] (Microsoft Corporation) [Fichier non signé] R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [178368 2018-01-27] (AO Kaspersky Lab) S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2014-09-02] (Microsoft Corporation) [Fichier non signé] R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [Fichier non signé] R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [Fichier non signé] R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-01-06] (REALiX(tm)) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [151240 2018-02-20] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63688 2018-10-02] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [102704 2018-10-02] (AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [76880 2018-10-02] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [177440 2018-12-06] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [313952 2018-10-02] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [863528 2018-12-06] (AO Kaspersky Lab) R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [54744 2017-06-02] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [50888 2018-01-15] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [76336 2017-12-11] (AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45520 2017-05-30] (AO Kaspersky Lab) S3 kltap; C:\WINDOWS\System32\DRIVERS\kltap.sys [42336 2016-06-22] (The OpenVPN Project) R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [86240 2017-11-21] (AO Kaspersky Lab) R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [75488 2017-11-07] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [168640 2018-02-24] (AO Kaspersky Lab) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2015-01-06] (Creative Technology Ltd.) S3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180096 2016-09-08] (Microsoft Corporation) [Fichier non signé] R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [Fichier non signé] R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [106112 2016-09-08] (Microsoft Corporation) [Fichier non signé] R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [Fichier non signé] R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91776 2017-06-07] (Microsoft Corporation) [Fichier non signé] R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [Fichier non signé] S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18944 2014-08-15] (Apple Inc.) [Fichier non signé] R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [163200 2016-05-10] (Microsoft Corporation) [Fichier non signé] R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2008-04-14] (Microsoft Corporation) R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2008-04-14] (Microsoft Corporation) R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software) R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [359552 2017-09-07] (Microsoft Corporation) [Fichier non signé] R1 UimBus; C:\WINDOWS\System32\DRIVERS\UimBus.sys [91016 2014-07-09] () R1 Uim_DEVIM; C:\WINDOWS\System32\DRIVERS\uim_devim.sys [20616 2014-07-09] () R1 Uim_IM; C:\WINDOWS\System32\DRIVERS\uim_im.sys [540040 2014-07-09] () S1 Uim_Vim; C:\WINDOWS\System32\Drivers\Uim_Vim.sys [283600 2013-10-07] (Paragon) S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Apple, Inc.) [Fichier non signé] R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [Fichier non signé] R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [Fichier non signé] S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [Fichier non signé] S3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26496 2016-01-29] (Microsoft Corporation) [Fichier non signé] S3 usb_rndisx; C:\WINDOWS\System32\DRIVERS\usb8023x.sys [12928 2013-02-12] (Microsoft Corporation) [Fichier non signé] S3 ute3mjk3; C:\WINDOWS\system32\Drivers\ute3mjk3.sys [7168 2018-07-07] () [Fichier non signé] R2 WiseFs; C:\WINDOWS\WiseFs32.sys [11184 2016-05-17] (WiseCleaner.com) [Fichier non signé] R3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [91904 2009-07-13] (Microsoft Corporation) [Fichier non signé] R3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [132224 2009-07-13] (Microsoft Corporation) [Fichier non signé] R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2018-12-31] (Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2018-12-31] (Zemana Ltd.) U5 FontCache3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation) S2 StarOpen; pas de ImagePath U5 UnlockerDriver5; D:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-01-08 21:25 - 2019-01-08 21:26 - 000023542 _____ C:\Documents and Settings\Robert\Bureau\FRST.txt 2019-01-08 21:25 - 2019-01-08 21:25 - 000000000 ____D C:\FRST 2019-01-08 21:23 - 2019-01-08 21:21 - 001784320 _____ (Farbar) C:\Documents and Settings\Robert\Bureau\FRST.exe 2019-01-08 14:30 - 2019-01-08 19:51 - 000002087 _____ C:\Documents and Settings\Robert\Bureau\ZHPCleaner.txt 2019-01-08 14:23 - 2019-01-08 19:51 - 000000000 ____D C:\Documents and Settings\Robert\Application Data\ZHP 2019-01-08 14:23 - 2019-01-08 14:23 - 000000824 _____ C:\Documents and Settings\Robert\Bureau\ZHPCleaner.lnk 2019-01-08 14:23 - 2019-01-08 14:23 - 000000000 ____D C:\Documents and Settings\Robert\Local Settings\Application Data\ZHP 2019-01-08 14:20 - 2019-01-08 14:23 - 000000000 ____D C:\AdwCleaner 2019-01-08 14:19 - 2018-01-23 10:21 - 004110280 _____ C:\Documents and Settings\Robert\Bureau\adwcleaner_6.047.exe 2019-01-08 14:18 - 2017-11-02 10:30 - 000797760 _____ C:\Documents and Settings\Robert\Bureau\delfix_1.013.exe 2019-01-08 14:17 - 2019-01-08 14:17 - 003300224 _____ C:\Documents and Settings\Robert\Bureau\ZHPCleaner.exe 2019-01-08 11:44 - 2019-01-08 11:44 - 000000000 ____D C:\Documents and Settings\Robert\Application Data\FastStone 2019-01-05 08:55 - 2019-01-05 08:55 - 000001777 _____ C:\MENACES dans MBAM 5 janv 2019.txt 2019-01-03 09:29 - 2019-01-03 09:29 - 000000663 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PrivaZer.lnk 2018-12-31 22:07 - 2018-12-31 22:07 - 000181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys 2018-12-31 22:07 - 2018-12-31 22:07 - 000181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys 2018-12-31 22:07 - 2018-12-31 22:07 - 000001617 _____ C:\Documents and Settings\All Users\Bureau\Zemana AntiMalware.lnk 2018-12-31 22:07 - 2018-12-31 22:07 - 000000000 ____D C:\Program Files\Zemana AntiMalware 2018-12-31 22:07 - 2018-12-31 22:07 - 000000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zemana AntiMalware 2018-12-31 21:21 - 2019-01-08 21:25 - 000022529 _____ C:\WINDOWS\ZAM.krnl.trace 2018-12-31 21:21 - 2019-01-08 21:25 - 000005887 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2018-12-31 21:20 - 2018-12-31 21:20 - 000000000 ____D C:\Documents and Settings\Robert\Local Settings\Application Data\Zemana 2018-12-31 19:59 - 2018-12-31 20:00 - 000297451 _____ C:\eluxer.net canada le supprimer.pdf 2018-12-30 10:39 - 2018-12-30 10:39 - 000000043 _____ C:\ONFRAY Video.txt 2018-12-28 22:16 - 2018-12-28 22:16 - 000021984 _____ C:\Documents and Settings\Robert\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2018-12-25 12:34 - 2018-12-25 12:34 - 000000000 ____D C:\Documents and Settings\Robert\Bureau\Anciennes données de Firefox 2018-12-23 14:19 - 2018-12-23 14:19 - 000133280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-12-23 14:17 - 2018-12-27 21:13 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe 2018-12-23 10:37 - 2018-12-23 10:37 - 000001670 _____ C:\Documents and Settings\All Users\Bureau\HitmanPro.lnk 2018-12-23 10:37 - 2018-12-23 10:37 - 000000000 ____D C:\Program Files\HitmanPro 2018-12-23 10:35 - 2018-12-29 16:00 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro 2018-12-20 22:30 - 2018-12-20 22:30 - 000000622 _____ C:\Documents and Settings\Robert\Bureau\PhotoFiltre 7.lnk 2018-12-20 22:30 - 2018-12-20 22:30 - 000000000 ____D C:\Documents and Settings\Robert\Application Data\PhotoFiltre 7 2018-12-20 10:57 - 2018-12-20 10:57 - 000000619 _____ C:\Documents and Settings\All Users\Menu Démarrer\Q-Dir.lnk 2018-12-19 20:53 - 2018-12-19 20:53 - 000000595 _____ C:\WINDOWS\system32\clipbrd.exe.lnk 2018-12-18 15:00 - 2019-01-06 19:53 - 000000492 _____ C:\Documents and Settings\Robert\Bureau\Majuscule accentuée.txt 2018-12-18 14:22 - 2018-12-18 14:22 - 000000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires 2018-12-17 21:13 - 2018-12-17 21:13 - 000000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Defraggler 2018-12-16 22:24 - 2018-12-16 22:24 - 000000602 _____ C:\WINDOWS\system32\shutdown.exe.lnk 2018-12-16 21:40 - 2018-12-16 21:41 - 000000000 __HDC C:\WINDOWS\ie8 2018-12-16 21:04 - 2018-12-16 21:04 - 000000000 ____D C:\Documents and Settings\Robert\Local Settings\Application Data\FastStone 2018-12-16 20:37 - 2018-12-16 20:37 - 000000504 _____ C:\WINDOWS\NOTEPAD.EXE.lnk 2018-12-16 20:35 - 2018-12-16 20:35 - 000000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\FastStone Capture 2018-12-16 20:27 - 2018-12-16 20:27 - 000000713 _____ C:\Documents and Settings\All Users\Bureau\OpenOffice 4.1.6.lnk 2018-12-16 20:27 - 2018-12-16 20:27 - 000000000 ___SD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\OpenOffice 4.1.6 2018-12-16 19:21 - 2018-12-16 19:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2018-12-16 18:25 - 2018-12-16 18:25 - 000000511 _____ C:\WINDOWS\explorer.exe.lnk 2018-12-11 10:34 - 2018-12-11 10:34 - 000000000 ____D C:\Documents and Settings\Robert\Menu Démarrer\Programmes\PrivaZer ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-01-08 21:26 - 2016-08-06 14:52 - 000000000 ____D C:\Documents and Settings\Robert\Local Settings\Temp 2019-01-08 21:25 - 2014-10-07 09:43 - 000000000 ____D C:\Documents and Settings\Robert\Bureau 2019-01-08 21:24 - 2014-10-07 09:43 - 000000000 ____D C:\Documents and Settings\Robert 2019-01-08 21:20 - 2014-10-08 12:24 - 000052462 _____ C:\WINDOWS\system32\nvAppTimestamps 2019-01-08 21:17 - 2018-07-13 08:19 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2019-01-08 21:16 - 2014-10-07 09:36 - 000000000 ____D C:\WINDOWS\Registration 2019-01-08 19:52 - 2016-06-20 21:42 - 000065536 _____ C:\WINDOWS\system32\config\Kaspersk.evt 2019-01-08 19:52 - 2014-12-16 00:25 - 000000184 ___SH C:\Documents and Settings\Robert\ntuser.ini 2019-01-08 10:56 - 2018-07-12 10:12 - 000170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2019-01-07 19:09 - 2014-10-07 09:34 - 000000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Accessoires 2019-01-07 12:30 - 2008-04-14 13:00 - 000012984 _____ C:\WINDOWS\system32\wpa.dbl 2019-01-06 19:41 - 2018-11-25 14:47 - 000023040 ___SH C:\Thumbs.db 2019-01-06 19:41 - 2018-11-25 14:47 - 000007168 ___SH C:\WINDOWS\Thumbs.db 2019-01-06 18:15 - 2014-10-07 11:13 - 000000227 ___SH C:\boot.ini 2019-01-06 18:15 - 2008-04-14 13:00 - 000000570 ____C C:\WINDOWS\win.ini 2019-01-06 18:15 - 2008-04-14 13:00 - 000000227 ____C C:\WINDOWS\system.ini 2019-01-06 15:45 - 2014-10-07 09:43 - 000000000 ___RD C:\Documents and Settings\Robert\Mes documents 2019-01-06 10:14 - 2017-08-08 17:00 - 000000000 ____D C:\Documents and Settings\Robert\Application Data\vlc 2019-01-05 00:10 - 2018-04-19 21:27 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-01-03 19:46 - 2014-10-12 22:28 - 000001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2019-01-03 09:29 - 2018-08-08 08:40 - 000000663 _____ C:\Documents and Settings\All Users\Bureau\PrivaZer.lnk 2019-01-03 09:29 - 2018-08-08 08:40 - 000000000 ____D C:\Documents and Settings\Robert\Local Settings\Application Data\PrivaZer 2019-01-03 09:29 - 2014-10-07 11:16 - 000000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes 2018-12-31 22:07 - 2014-10-07 11:16 - 000000000 ____D C:\Documents and Settings\All Users\Bureau 2018-12-31 21:35 - 2014-11-23 23:12 - 000000000 ____D C:\Program Files\Windows Desktop Search 2018-12-29 16:15 - 2018-05-07 19:06 - 000000000 ____D C:\Documents and Settings\Robert\Local Settings\Application Data\ESET 2018-12-29 11:55 - 2014-10-09 10:38 - 000000000 ____D C:\WINDOWS\system32\NtmsData 2018-12-23 22:27 - 2018-11-17 17:48 - 000000000 __SHD C:\Documents and Settings\Robert\IECompatCache 2018-12-23 22:27 - 2018-11-17 10:54 - 000000000 __SHD C:\Documents and Settings\Robert\IETldCache 2018-12-23 22:27 - 2016-09-03 09:04 - 000000000 __SHD C:\Documents and Settings\Robert\PrivacIE 2018-12-23 14:18 - 2014-11-23 23:13 - 000065536 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt 2018-12-23 14:18 - 2014-11-23 23:13 - 000065536 _____ C:\WINDOWS\system32\config\EventForwarding-Operational.Evt 2018-12-23 13:42 - 2014-10-08 02:12 - 000000000 ____D C:\WINDOWS\ie8updates 2018-12-23 13:41 - 2014-10-07 09:43 - 000000000 __SHD C:\Documents and Settings\Robert\Local Settings\Historique 2018-12-20 23:13 - 2014-10-07 09:43 - 000000000 ___RD C:\Documents and Settings\Robert\Menu Démarrer\Programmes 2018-12-20 10:57 - 2014-10-07 11:16 - 000000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer 2018-12-20 09:53 - 2014-10-07 11:09 - 000000000 RSHDC C:\WINDOWS\system32\dllcache 2018-12-20 09:53 - 2014-10-07 11:09 - 000000000 ___HD C:\WINDOWS\inf 2018-12-19 20:57 - 2018-09-20 13:31 - 000001024 ____H C:\SYSTAG.BIN 2018-12-19 20:57 - 2018-09-20 13:29 - 000000208 _____ C:\WINDOWS\system32\AbBakConfig.dat 2018-12-19 20:57 - 2018-09-20 13:29 - 000000150 _____ C:\WINDOWS\system32\winsevr.dat 2018-12-19 20:56 - 2018-09-20 13:28 - 000000000 ____D C:\Program Files\AOMEI Backupper 2018-12-18 15:18 - 2017-06-16 22:37 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2018-12-18 15:18 - 2017-06-16 22:37 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2018-12-18 15:18 - 2014-10-11 17:42 - 000000000 ____D C:\Documents and Settings\Robert\Local Settings\Application Data\Adobe 2018-12-18 15:18 - 2014-10-07 09:37 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-12-18 14:22 - 2014-10-07 11:09 - 000000000 ____D C:\WINDOWS\security 2018-12-17 16:15 - 2015-06-05 15:45 - 000520318 _____ C:\WINDOWS\system32\perfh040.dat 2018-12-17 16:15 - 2015-06-05 15:45 - 000086462 _____ C:\WINDOWS\system32\perfc040.dat 2018-12-17 15:59 - 2014-10-16 22:02 - 000000045 ____C C:\WINDOWS\SOL.INI 2018-12-16 21:42 - 2014-10-07 09:43 - 000000000 ___RD C:\Documents and Settings\Robert\Favoris 2018-12-16 21:41 - 2014-10-07 11:09 - 000000000 ____D C:\WINDOWS\Media 2018-12-16 21:41 - 2014-10-07 11:09 - 000000000 ____D C:\WINDOWS\Help 2018-12-16 20:27 - 2014-10-07 11:16 - 000000000 ___HD C:\Documents and Settings\All Users\Modèles 2018-12-16 18:30 - 2014-10-12 13:46 - 000000000 ____D C:\Program Files\Windows Games 2018-12-16 18:30 - 2014-10-11 22:09 - 000000000 ____D C:\Program Files\Defraggler 2018-12-14 20:33 - 2015-06-10 15:10 - 000233984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsprofilerui.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 011092480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 002007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 000743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 000630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 000522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 000247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 000055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2018-12-14 20:33 - 2014-10-08 02:12 - 000012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll 2018-12-14 20:33 - 2014-10-07 09:37 - 000759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll 2018-12-14 20:33 - 2014-10-07 09:36 - 000692736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcomm.dll 2018-12-14 20:33 - 2014-10-07 09:36 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2018-12-14 20:33 - 2009-03-08 04:32 - 000630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-12-14 20:33 - 2009-03-08 04:31 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2018-12-14 20:33 - 2009-03-08 03:39 - 011092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-12-14 20:33 - 2009-03-08 03:32 - 002007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 006017536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 006017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 001469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl 2018-12-14 20:33 - 2008-04-14 13:00 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-12-14 20:33 - 2008-04-14 13:00 - 001218048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 001218048 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000921088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000732160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jscript.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000630784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000428544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vbscript.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000348160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dxtmsft.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\webcheck.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000216576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dxtrans.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msrating.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000083968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hlink.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000066560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdc.ocx 2018-12-14 20:33 - 2008-04-14 13:00 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2018-12-14 20:33 - 2008-04-14 13:00 - 000043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll 2018-12-14 20:33 - 2008-04-14 13:00 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll 2018-12-14 17:31 - 2008-04-14 13:00 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2018-12-14 17:31 - 2008-04-14 13:00 - 000174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe 2018-12-14 17:31 - 2008-04-14 13:00 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-12-14 08:31 - 2014-10-07 09:36 - 000638648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iexplore.exe 2018-12-13 13:43 - 2014-10-27 10:47 - 000000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Temp 2018-12-13 13:39 - 2014-10-27 10:47 - 000000000 __SHD C:\Documents and Settings\Administrateur\Local Settings\Historique 2018-12-12 21:10 - 2014-10-07 11:14 - 000000000 ____D C:\Documents and Settings 2018-12-12 10:19 - 2014-10-07 11:16 - 001362414 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-12-12 10:19 - 2008-04-14 13:00 - 000626802 _____ C:\WINDOWS\system32\perfh00C.dat 2018-12-12 10:19 - 2008-04-14 13:00 - 000135628 _____ C:\WINDOWS\system32\perfc00C.dat 2018-12-09 00:11 - 2016-06-15 08:55 - 000000000 ____D C:\Program Files\Google ==================== Fichiers à la racine de certains dossiers ======= 2014-11-08 23:50 - 2014-11-08 23:50 - 000000050 _____ () C:\Documents and Settings\Robert\Application Data\Camdata.ini 2014-11-08 23:50 - 2014-11-08 23:50 - 000000408 _____ () C:\Documents and Settings\Robert\Application Data\CamLayout.ini 2014-11-08 23:50 - 2014-11-08 23:50 - 000000408 _____ () C:\Documents and Settings\Robert\Application Data\CamShapes.ini 2014-11-08 23:47 - 2014-11-08 23:47 - 000004416 _____ () C:\Documents and Settings\Robert\Application Data\CamStudio.cfg 2016-01-12 21:49 - 2016-01-13 15:06 - 000000193 _____ () C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le MD5 est légitime C:\WINDOWS\system32\User32.dll [2008-04-14 13:00] - [2016-08-16 01:40] - 000579584 _____ (Microsoft Corporation) 020A619D88B59CB8D98199055FEF3BFB C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement ==================== Fin de FRST.txt ============================