Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-11-2019
Exécuté par willy (administrateur) sur ORDINATEUR (TOSHIBA SATELLITE C55D-A-13Q) (22-11-2019 18:51:19)
Exécuté depuis C:\Users\willy\Bureau
Profils chargés: willy (Profils disponibles: willy)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AlcorMicro, Corp. -> Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(ATI Technologies Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(IDT, Inc.) [Fichier non signé] C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(TOSHIBA CORPORATION -> ) C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Toshiba Europe GmbH -> Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688472 2013-07-23] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228728 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0252273F-E12B-4832-9F7B-99AECE1BF989} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {33B7EC3B-52E1-4112-BA2A-559A2D9AB8E0} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [655464 2013-07-31] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {9F64C6E4-AA6C-47E8-9A11-CF7A3101129E} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471416 2013-07-19] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
Task: {E2BFF55A-164F-4DB8-B0E3-6EAC7423BEE1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-15] (Adobe Inc. -> Adobe)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{57BFD367-3267-4FD9-A088-2CA4437D4912}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com

FireFox:
========
FF DefaultProfile: p0rz4upp.willy
FF ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\p0rz4upp.willy [2019-11-22]
FF DownloadDir: C:\Users\willy\Desktop
FF Homepage: Mozilla\Firefox\Profiles\p0rz4upp.willy -> hxxps://www.google.fr/
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\p0rz4upp.willy\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (I don't care about cookies) - C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\p0rz4upp.willy\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2019-11-15]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\p0rz4upp.willy\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-15] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-15] (Adobe Inc. -> )
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-31] () [Fichier non signé]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [240128 2014-05-01] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1207984 2019-11-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [567872 2019-11-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591872 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] (DTS, Inc. -> )
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-11-06] (Malwarebytes Inc -> Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [Fichier non signé]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13941760 2014-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [628224 2014-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (APPEX NETWORKS CORPORATION -> AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-02-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [208176 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [197176 2019-09-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [248480 2019-11-05] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-11-17] (Malwarebytes Inc -> Malwarebytes)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [14464 2015-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-11-22 18:51 - 2019-11-22 18:52 - 000015277 _____ C:\Users\willy\Bureau\FRST.txt
2019-11-22 18:50 - 2019-11-22 18:52 - 000000000 ____D C:\FRST
2019-11-22 18:50 - 2019-11-22 18:50 - 002261504 _____ (Farbar) C:\Users\willy\Bureau\FRST64.exe
2019-11-17 14:26 - 2019-11-17 14:26 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-11-15 08:31 - 2019-11-15 08:31 - 000004596 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-12 20:59 - 2019-10-28 04:20 - 000121040 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-12 20:59 - 2019-10-28 03:40 - 000098296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-12 20:59 - 2019-10-25 08:54 - 001208320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-11-12 20:59 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-12 20:59 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-12 20:59 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-12 20:59 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-12 20:59 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-11-12 20:59 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-12 20:59 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-12 20:59 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-12 20:59 - 2019-10-24 04:01 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-11-12 20:59 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-12 20:59 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-11-12 20:59 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-11-12 20:59 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-11-12 20:59 - 2019-10-24 03:53 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-11-12 20:59 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-12 20:59 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-12 20:59 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-12 20:59 - 2019-10-24 03:37 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-11-12 20:59 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-11-12 20:59 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-11-12 20:59 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-12 20:59 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-11-12 20:59 - 2019-10-24 03:32 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-11-12 20:59 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-12 20:59 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-12 20:59 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-11-12 20:59 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-12 20:59 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-12 20:59 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-11-12 20:59 - 2019-10-22 05:29 - 001541352 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-12 20:59 - 2019-10-22 01:42 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-12 20:59 - 2019-10-17 03:43 - 001368800 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-11-12 20:59 - 2019-10-17 01:53 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-11-12 20:59 - 2019-10-15 10:03 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-11-12 20:59 - 2019-10-15 07:15 - 007363536 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-12 20:59 - 2019-10-15 06:55 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-12 20:59 - 2019-10-15 06:54 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-12 20:59 - 2019-10-15 04:48 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-12 20:59 - 2019-10-15 04:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-12 20:59 - 2019-10-15 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-11-12 20:59 - 2019-10-15 03:56 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-12 20:59 - 2019-10-15 03:47 - 001384960 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-12 20:59 - 2019-10-15 03:28 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-12 20:59 - 2019-10-15 03:27 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-12 20:59 - 2019-10-15 03:17 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-12 20:59 - 2019-10-11 17:29 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-12 20:59 - 2019-10-11 17:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-12 20:59 - 2019-10-11 16:45 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-12 20:59 - 2019-10-11 16:37 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-12 20:59 - 2019-10-11 16:17 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-12 20:59 - 2019-10-11 15:59 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-12 20:59 - 2019-10-11 05:53 - 000430840 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-12 20:59 - 2019-10-11 04:56 - 000320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-12 20:59 - 2019-10-11 03:36 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-11-12 20:59 - 2019-10-11 03:08 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-11-12 20:59 - 2019-10-11 03:02 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-12 20:59 - 2019-10-11 02:44 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-12 20:59 - 2019-10-11 02:28 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-12 20:59 - 2019-10-11 02:23 - 000565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-12 20:59 - 2019-10-10 23:35 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-11-12 20:59 - 2019-10-10 23:32 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-11-12 20:59 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-12 20:59 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-12 20:59 - 2019-10-09 20:38 - 000470256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-12 20:59 - 2019-10-09 14:35 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-12 20:59 - 2019-10-04 14:35 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-12 20:59 - 2019-10-04 14:18 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-12 20:59 - 2019-09-27 18:53 - 003325440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-12 20:59 - 2019-09-27 17:52 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-11-12 20:59 - 2019-09-27 17:50 - 003619328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-12 20:59 - 2019-09-27 17:07 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-11-12 20:59 - 2019-09-25 13:34 - 000162392 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-11-12 20:59 - 2019-09-25 05:18 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-12 20:59 - 2019-09-25 05:18 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-11-12 20:59 - 2019-09-25 05:18 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-12 20:59 - 2019-09-25 05:18 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-12 20:59 - 2019-09-25 05:18 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-12 20:59 - 2019-09-25 05:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-11-12 20:59 - 2019-09-25 05:18 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-12 20:59 - 2019-09-25 05:18 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-12 20:59 - 2019-09-25 05:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-12 20:59 - 2019-09-19 07:21 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2019-11-12 20:59 - 2019-09-19 07:11 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2019-11-12 20:59 - 2019-09-19 07:10 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2019-11-12 20:59 - 2019-09-19 07:00 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2019-11-12 20:59 - 2019-09-19 06:59 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2019-11-12 20:59 - 2019-09-19 06:48 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2019-11-12 20:59 - 2019-09-19 06:26 - 000848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-11-12 20:59 - 2019-09-19 06:20 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2019-11-12 20:59 - 2019-09-19 06:16 - 000712192 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2019-11-12 20:59 - 2019-09-19 04:26 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2019-11-12 20:59 - 2019-09-19 04:26 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2019-11-12 20:59 - 2019-09-12 23:46 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2019-11-12 20:59 - 2019-09-12 23:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2019-11-12 20:59 - 2019-09-12 23:25 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2019-11-12 20:59 - 2019-09-10 22:34 - 000354544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-11-12 20:59 - 2019-09-07 16:18 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-12 20:59 - 2019-09-07 16:09 - 013321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-12 20:59 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-07 19:59 - 2019-11-07 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-11-06 13:45 - 2019-11-06 13:45 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-05 12:55 - 2019-11-05 12:55 - 000248480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-11-05 12:55 - 2019-11-05 12:55 - 000000000 ____D C:\Users\willy\AppData\Local\cache
2019-11-05 12:55 - 2019-11-05 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-05 12:54 - 2019-11-06 13:45 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-10-31 22:14 - 2019-11-01 19:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-10-27 14:24 - 2019-11-22 14:21 - 000000873 _____ C:\Users\willy\Bureau\ZHPLite.lnk
2019-10-23 16:56 - 2019-11-07 19:59 - 000001192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-11-22 23:00 - 2015-09-03 09:01 - 000000000 ____D C:\Windows\Minidump
2019-11-22 18:51 - 2014-02-22 19:03 - 000000000 ___RD C:\Users\willy\Bureau
2019-11-22 18:50 - 2018-01-12 10:34 - 000000000 ____D C:\Users\willy\AppData\LocalLow\Mozilla
2019-11-22 18:48 - 2018-05-07 07:56 - 000000000 ____D C:\Users\willy\AppData\Roaming\ZHP
2019-11-22 18:48 - 2013-12-05 18:26 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-22 18:48 - 2013-08-28 23:29 - 000806842 _____ C:\Windows\system32\perfh00C.dat
2019-11-22 18:48 - 2013-08-28 23:29 - 000156662 _____ C:\Windows\system32\perfc00C.dat
2019-11-22 18:48 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-11-22 18:43 - 2014-02-22 19:03 - 000000000 ____D C:\Users\willy
2019-11-22 18:43 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-22 14:20 - 2014-02-22 19:10 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-89347571-1240567110-2988699886-1001
2019-11-22 14:15 - 2015-06-29 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-11-15 09:51 - 2018-05-07 07:58 - 000000890 _____ C:\Users\willy\Bureau\ZHPCleaner.lnk
2019-11-15 08:31 - 2014-09-09 14:17 - 000000000 ____D C:\Users\willy\AppData\Local\Adobe
2019-11-15 08:31 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-15 08:31 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-14 23:15 - 2018-05-07 08:47 - 003249536 _____ (Nicolas Coolman) C:\Users\willy\ZHPDiag3.exe
2019-11-14 23:15 - 2018-05-07 07:58 - 000000711 _____ C:\Users\willy\Bureau\ZHPDiag.lnk
2019-11-13 13:16 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2019-11-13 09:17 - 2014-01-09 22:01 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-11-12 21:27 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-11-12 21:22 - 2018-05-29 07:38 - 000337960 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-12 21:18 - 2014-02-25 21:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-12 21:12 - 2017-06-01 14:34 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-12 21:12 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-12 21:12 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-11-12 21:12 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe
2019-11-12 21:12 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\Dism
2019-11-12 21:02 - 2014-02-23 04:44 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-12 21:02 - 2014-02-23 04:44 - 000000000 ____D C:\Windows\system32\MRT
2019-11-12 17:32 - 2015-06-29 15:28 - 000208176 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2019-11-09 12:21 - 2018-05-07 08:09 - 003330432 _____ (Nicolas Coolman) C:\Users\willy\ZHPCleaner.exe
2019-11-05 12:54 - 2017-12-04 17:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-31 22:15 - 2016-08-29 13:57 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-28 16:29 - 2014-01-09 22:00 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-28 14:34 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-10-23 16:58 - 2014-02-26 00:16 - 000000000 ____D C:\Users\willy\AppData\Roaming\Thunderbird

==================== Fichiers à la racine de certains dossiers ========

2018-05-07 08:09 - 2019-11-09 12:21 - 003330432 _____ (Nicolas Coolman) C:\Users\willy\ZHPCleaner.exe
2018-05-07 08:47 - 2019-11-14 23:15 - 003249536 _____ (Nicolas Coolman) C:\Users\willy\ZHPDiag3.exe
2018-05-08 08:11 - 2019-08-22 07:39 - 001707904 _____ (Nicolas Coolman) C:\Users\willy\ZHPFix2.exe
2014-03-03 09:59 - 2014-03-03 09:59 - 000003584 _____ () C:\Users\willy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-01 12:44 - 2015-03-01 20:05 - 000000761 _____ () C:\Users\willy\AppData\Local\FB.png
2017-04-01 12:44 - 2015-03-01 20:02 - 000001615 _____ () C:\Users\willy\AppData\Local\Google.png
2018-05-12 19:15 - 2018-05-16 09:49 - 000024496 _____ () C:\Users\willy\AppData\Local\ZHPCquarantine.jpg

==================== SigCheckExt =========================

2013-08-31 04:58 - 2013-08-31 04:58 - 000051200 _____ C:\Windows\system32\kdbsdk64.dll
2014-01-09 22:07 - 2013-08-16 14:21 - 006101504 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-02-23 20:07 - 1999-01-20 14:01 - 000210032 _____ C:\Windows\SysWOW64\DBCLIENT.DLL
2013-08-31 04:53 - 2013-08-31 04:53 - 000038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
1999-10-13 03:45 - 1999-10-13 03:45 - 000024576 _____ (Toshiba) C:\Windows\SysWOW64\Thci.dll
1999-10-13 03:47 - 1999-10-13 03:47 - 000024576 _____ (Toshiba) C:\Windows\SysWOW64\TSCI.DLL
2018-05-07 08:09 - 2019-11-09 12:21 - 003330432 _____ (Nicolas Coolman) C:\Users\willy\ZHPCleaner.exe
2018-05-07 08:47 - 2019-11-14 23:15 - 003249536 _____ (Nicolas Coolman) C:\Users\willy\ZHPDiag3.exe
2018-05-08 08:11 - 2019-08-22 07:39 - 001707904 _____ (Nicolas Coolman) C:\Users\willy\ZHPFix2.exe
2019-11-22 18:50 - 2019-11-22 18:50 - 002261504 _____ (Farbar) C:\Users\willy\Bureau\FRST64.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

LastRegBack: 2019-11-17 05:07

==================== Fin de FRST.txt ========================