Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-03-2015 01
Ran by christelle (administrator) on DENISCHRISTELLE on 09-03-2015 21:15:29
Running from C:\Documents and Settings\christelle\Bureau
Loaded Profiles: christelle (Available profiles: christelle & eMule_Secure & Administrateur)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(Logitech Inc.) C:\WINDOWS\system32\ElkCtrl.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Terra Virtual) C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Recguard] => C:\WINDOWS\SMINST\RECGUARD.EXE [237568 2005-07-22] ()
HKLM\...\Run: [LVCOMSX] => C:\WINDOWS\system32\LVCOMSX.EXE [225280 2005-12-09] (Logitech Inc.)
HKLM\...\Run: [LogitechCameraService(E)] => C:\WINDOWS\system32\ElkCtrl.exe [262144 2004-11-01] (Logitech Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5513424 2015-03-06] (Avast Software s.r.o.)
HKLM\...\RunOnce: [ZHPCleaner] => C:\Documents and Settings\christelle\Application Data\ZHP\ZHPCleaner.txt [8204 2015-03-09] ()
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-954205609-2775621011-387984521-1009\...\Run: [Configuration de la C-BOX] => C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe [395264 2004-12-21] (Terra Virtual)
HKU\S-1-5-21-954205609-2775621011-387984521-1009\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-03-31] (Google Inc.)
HKU\S-1-5-21-954205609-2775621011-387984521-1009\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-954205609-2775621011-387984521-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssstars.scr [14336 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\Explorer: [CDRAutoRun] 0
Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\christelle\Menu Démarrer\Programmes\Démarrage\GigaTribe.lnk
ShortcutTarget: GigaTribe.lnk -> C:\Program Files\GigaTribe\gigatribe.exe (Gigatribe)
Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\eMule_Secure\Menu Démarrer\Programmes\Démarrage\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll (Microsoft Corporation)
BootExecute: autocheck autochk * SsiEfr.
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-954205609-2775621011-387984521-1009\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-954205609-2775621011-387984521-1009\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-954205609-2775621011-387984521-1009\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-954205609-2775621011-387984521-1009\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
URLSearchHook: [S-1-5-21-954205609-2775621011-387984521-1009] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-954205609-2775621011-387984521-1009 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: No Name -> {089FD14D-132B-48FC-8861-0048AE113215} -> C:\Program Files\SiteAdvisor\6261\SiteAdv.dll [2008-05-16] ()
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: dsWebAllowBHO Class -> {2F85D76C-0569-466F-A488-493E6BD0E955} -> C:\Program Files\Windows Desktop Search\dsWebAllow.dll [2006-03-26] (Microsoft Corporation)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-06] (Avast Software s.r.o.)
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: No Name -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> No File
Toolbar: HKLM - McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll [2008-05-16] ()
Toolbar: HKU\S-1-5-21-954205609-2775621011-387984521-1009 -> No Name - {C4069E3A-68F1-403E-B40E-20066696354B} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} http://musicmix.messenger.msn.com/Medialogic.CAB
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6}
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File []
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File []
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll [2008-05-16] ()
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [233472 2006-03-13] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\christelle\Application Data\Mozilla\Firefox\Profiles\o88r8qki.default-1399979294234
FF DefaultSearchUrl: https://fr.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Keyword.URL: https://fr.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-06] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-09-09] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-18] (Google)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-954205609-2775621011-387984521-1009: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npornap.dll [2007-03-27] (UNISYS France)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2014-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2014-11-13] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\christelle\Application Data\Mozilla\Firefox\Profiles\o88r8qki.default-1399979294234\searchplugins\yahoo-avast.xml [2014-06-15]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-02]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6261\FF
FF Extension: McAfee SiteAdvisor - C:\Program Files\SiteAdvisor\6261\FF [2008-05-22]
FF HKU\S-1-5-19\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6261\FF
FF HKU\S-1-5-20\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6261\FF
FF HKU\S-1-5-21-954205609-2775621011-387984521-1009\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6261\FF

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-06]
CHR HKU\S-1-5-21-954205609-2775621011-387984521-1009\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [Not Found]
CHR HKU\S-1-5-21-954205609-2775621011-387984521-1009\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\CHRIST~1\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744 2014-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-06] (Avast Software s.r.o.)
S4 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2015-01-12] (Oracle Corporation)
S4 LVPrcSrv; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [81920 2005-12-09] (Logitech Inc.) [File not signed]
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S4 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation) [File not signed]
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3644928 2005-08-29] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-03-06] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73440 2015-03-06] (Avast Software s.r.o.)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-03-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-03-06] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788272 2015-03-06] (Avast Software s.r.o.)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427480 2015-03-06] (Avast Software s.r.o.)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-03-06] (Avast Software s.r.o.)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206976 2015-03-06] ()
R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20616 2008-07-31] (IVT Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [2432 2007-01-26] (Sonic Solutions) [File not signed]
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [2560 2007-01-26] (Sonic Solutions) [File not signed]
R1 cdudf_xp; C:\WINDOWS\system32\Drivers\cdudf_xp.sys [249344 2003-02-27] (Roxio) [File not signed]
R3 dvd_2K; C:\WINDOWS\system32\Drivers\dvd_2K.sys [21654 2003-02-27] (Roxio) [File not signed]
S3 ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [94208 2007-07-05] (VSO Software) [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
S3 k750bus; C:\WINDOWS\System32\DRIVERS\k750bus.sys [55216 2006-09-14] (MCCI) [File not signed]
S3 k750mdfl; C:\WINDOWS\System32\DRIVERS\k750mdfl.sys [6576 2006-09-14] (MCCI) [File not signed]
S3 k750mdm; C:\WINDOWS\System32\DRIVERS\k750mdm.sys [89872 2006-09-14] (MCCI) [File not signed]
S3 k750mgmt; C:\WINDOWS\System32\DRIVERS\k750mgmt.sys [81728 2006-09-14] (MCCI) [File not signed]
S3 k750obex; C:\WINDOWS\System32\DRIVERS\k750obex.sys [79488 2006-09-14] (MCCI) [File not signed]
S3 LHidUsbK; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [36480 2004-12-10] (Logitech, Inc.)
S3 ltmodem5; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [607452 2004-08-04] (LT)
S3 LUsbKbd; C:\WINDOWS\System32\Drivers\LUsbKbd.Sys [15744 2004-12-10] (Logitech, Inc.)
S3 Lvckap; C:\WINDOWS\system32\drivers\Lvckap.sys [2174464 2005-12-09] () [File not signed]
S3 lvmvdrv; C:\WINDOWS\system32\drivers\lvmvdrv.sys [2400256 2005-12-09] () [File not signed]
S3 LVPrcMon; C:\WINDOWS\system32\drivers\LVPrcMon.sys [16768 2005-12-09] () [File not signed]
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
S3 mmc_2K; C:\WINDOWS\system32\Drivers\mmc_2K.sys [22758 2003-02-27] (Roxio) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [20096 2005-11-19] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2007-07-05] (VSO Software) [File not signed]
S3 pepifilter; C:\WINDOWS\System32\DRIVERS\lv302af.sys [7136 2005-05-27] (Logitech Inc.)
S3 pfc; C:\WINDOWS\system32\drivers\pfc.sys [10368 2003-10-24] (Padus, Inc.) [File not signed]
S3 PID_08A0; C:\WINDOWS\System32\DRIVERS\LV302AV.SYS [913280 2005-05-27] (Logitech Inc.)
R1 pwd_2k; C:\WINDOWS\system32\Drivers\pwd_2k.sys [118422 2003-02-27] (Roxio) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 se44bus; C:\WINDOWS\System32\DRIVERS\se44bus.sys [61536 2006-11-30] (MCCI) [File not signed]
S3 se44mdfl; C:\WINDOWS\System32\DRIVERS\se44mdfl.sys [9360 2006-11-30] (MCCI) [File not signed]
S3 se44mdm; C:\WINDOWS\System32\DRIVERS\se44mdm.sys [97088 2006-11-30] (MCCI) [File not signed]
S3 se44mgmt; C:\WINDOWS\System32\DRIVERS\se44mgmt.sys [88624 2006-11-30] (MCCI) [File not signed]
S3 se44nd5; C:\WINDOWS\System32\DRIVERS\se44nd5.sys [18704 2006-11-30] (MCCI) [File not signed]
S3 se44obex; C:\WINDOWS\System32\DRIVERS\se44obex.sys [86432 2006-11-30] (MCCI) [File not signed]
S3 se44unic; C:\WINDOWS\System32\DRIVERS\se44unic.sys [90800 2006-11-30] (MCCI) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R1 UdfReadr_xp; C:\WINDOWS\system32\Drivers\UdfReadr_xp.sys [206464 2003-02-27] (Roxio)
S3 USB_RNDIS; C:\WINDOWS\System32\DRIVERS\usb8023.sys [12928 2013-02-12] (Microsoft Corporation)
S3 Ad-Watch Connect Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 MEMSWEEP2; \??\C:\WINDOWS\system32\A2.tmp [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 ZSMC301b; System32\Drivers\usbVM31b.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 21:15 - 2015-03-09 21:17 - 00023736 ____C () C:\Documents and Settings\christelle\Bureau\FRST.txt
2015-03-09 21:15 - 2015-03-09 21:16 - 00000000 ___DC () C:\FRST
2015-03-09 21:12 - 2015-03-09 21:13 - 01134592 ____C (Farbar) C:\Documents and Settings\christelle\Bureau\FRST.exe
2015-03-09 19:29 - 2015-03-09 19:29 - 00003043 ____C () C:\Documents and Settings\christelle\Bureau\DelFix.txt
2015-03-09 19:27 - 2015-03-09 19:28 - 00003043 ____C () C:\DelFix.txt
2015-03-09 18:12 - 2015-03-09 18:12 - 00004783 ____C () C:\WINDOWS\system32\hs_err_pid188.log
2015-03-09 18:12 - 2015-03-09 18:12 - 00004683 ____C () C:\WINDOWS\system32\hs_err_pid1692.log
2015-03-09 14:59 - 2015-03-09 14:59 - 00004787 ____C () C:\WINDOWS\system32\hs_err_pid2668.log
2015-03-09 14:59 - 2015-03-09 14:59 - 00004686 ____C () C:\WINDOWS\system32\hs_err_pid2132.log
2015-03-07 11:46 - 2015-03-07 11:46 - 00004782 ____C () C:\WINDOWS\system32\hs_err_pid468.log
2015-03-07 11:46 - 2015-03-07 11:46 - 00004683 ____C () C:\WINDOWS\system32\hs_err_pid1908.log
2015-03-06 12:07 - 2015-03-06 13:53 - 00000120 ____C () C:\WINDOWS\setupact.log
2015-03-06 12:07 - 2015-03-06 12:07 - 00000000 ____C () C:\WINDOWS\setuperr.log
2015-03-06 11:45 - 2015-03-09 18:32 - 00000000 ___DC () C:\Documents and Settings\christelle\Application Data\ZHP
2015-03-06 00:34 - 2015-03-06 00:33 - 00291312 ____C (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-06 00:33 - 2015-03-06 00:33 - 00043112 ____C (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-06 00:28 - 2015-03-06 00:28 - 00027817 ____C () C:\Documents and Settings\christelle\Mes documents\AdwCleaner[S0].txt
2015-03-06 00:00 - 2015-03-06 00:02 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2015-03-05 21:48 - 2015-03-05 21:48 - 00001804 ____C () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader XI.lnk
2015-03-05 21:48 - 2015-03-05 21:48 - 00001742 ____C () C:\Documents and Settings\All Users\Bureau\Adobe Reader XI.lnk
2015-03-05 10:13 - 2015-03-05 21:27 - 00000000 ___DC () C:\Program Files\ReactorSubs

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 21:17 - 2010-10-23 21:09 - 00000000 ___DC () C:\Documents and Settings\christelle\Local Settings\temp
2015-03-09 21:15 - 2006-08-18 21:03 - 00000000 ___DC () C:\Documents and Settings\christelle\Bureau
2015-03-09 21:13 - 2012-04-06 15:50 - 00001002 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-09 21:13 - 2009-08-29 16:07 - 00000000 ___DC () C:\Documents and Settings\christelle\Mes documents\Téléchargements
2015-03-09 19:27 - 2006-08-18 21:03 - 00000000 ___DC () C:\Documents and Settings\christelle
2015-03-09 19:27 - 2005-10-26 23:34 - 00000000 ___DC () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-03-09 18:43 - 2014-12-21 16:21 - 00394874 ____C () C:\WINDOWS\WindowsUpdate.log
2015-03-09 18:19 - 2013-10-02 17:04 - 00000364 ___HC () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-09 18:13 - 2004-11-23 15:25 - 00001158 ____C () C:\WINDOWS\system32\wpa.dbl
2015-03-09 18:12 - 2014-12-23 20:50 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2015-03-09 18:12 - 2014-12-23 20:50 - 00000050 ____C () C:\WINDOWS\wiaservc.log
2015-03-09 18:12 - 2005-01-01 18:33 - 00000000 ___DC () C:\WINDOWS\Microsoft.NET
2015-03-09 18:11 - 2004-11-23 15:29 - 00000006 ___HC () C:\WINDOWS\Tasks\SA.DAT
2015-03-09 18:10 - 2014-12-23 20:49 - 00032524 ____C () C:\WINDOWS\SchedLgU.Txt
2015-03-09 18:09 - 2006-08-18 21:03 - 00000284 __SHC () C:\Documents and Settings\christelle\ntuser.ini
2015-03-09 15:30 - 2005-10-26 23:35 - 00000000 ___DC () C:\Program Files\Fichiers communs
2015-03-06 14:24 - 2010-06-19 11:25 - 00000000 ___DC () C:\Documents and Settings\christelle\Application Data\vlc
2015-03-06 14:01 - 2006-10-06 13:16 - 04777598 __SHC () C:\Documents and Settings\christelle\Mes documents\Thumbs.db
2015-03-06 11:37 - 2013-08-25 19:23 - 00000000 ___DC () C:\WINDOWS\system32\MRT
2015-03-06 11:13 - 2006-09-10 14:35 - 113756392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-06 01:16 - 2013-07-31 10:27 - 00000000 ___DC () C:\Documents and Settings\christelle\Application Data\Skype
2015-03-06 01:16 - 2013-07-31 10:24 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Skype
2015-03-06 01:16 - 2005-10-20 20:05 - 00000000 ___DC () C:\Documents and Settings\All Users\Bureau
2015-03-06 01:16 - 2005-01-01 18:59 - 00000000 ___DC () C:\Program Files\Fichiers communs\Adobe
2015-03-06 00:34 - 2014-04-25 12:42 - 00024144 ____C () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-03-06 00:34 - 2013-10-02 17:04 - 00427480 ____C (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-03-06 00:34 - 2013-10-02 17:04 - 00206976 ____C () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-03-06 00:34 - 2013-10-02 17:04 - 00073440 ____C (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-03-06 00:34 - 2013-10-02 17:04 - 00057888 ____C (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-03-06 00:34 - 2013-10-02 17:04 - 00055200 ____C (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-03-06 00:34 - 2013-10-02 17:04 - 00049904 ____C () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-03-06 00:33 - 2013-10-02 17:04 - 00788272 ____C (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-03-06 00:27 - 2012-04-06 15:50 - 00701616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-03-06 00:27 - 2011-06-16 07:38 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-03-06 00:23 - 2012-05-06 23:25 - 00000000 ___DC () C:\Program Files\Mozilla Maintenance Service
2015-03-06 00:21 - 2007-03-07 09:34 - 00000000 __RDC () C:\Documents and Settings\eMule_Secure\Favoris
2015-03-06 00:21 - 2007-01-04 00:00 - 00000000 ___DC () C:\Documents and Settings\Administrateur\Favoris
2015-03-06 00:21 - 2006-08-18 21:03 - 00000000 ___DC () C:\Documents and Settings\christelle\Menu Démarrer\Programmes
2015-03-06 00:21 - 2006-08-18 21:03 - 00000000 ___DC () C:\Documents and Settings\christelle\Menu Démarrer
2015-03-06 00:21 - 2005-10-26 23:34 - 00000000 ___DC () C:\Documents and Settings\Default User\Favoris
2015-03-06 00:21 - 2005-10-26 23:34 - 00000000 ___DC () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
2015-03-05 21:48 - 2004-11-23 15:21 - 00001727 ____C () C:\WINDOWS\win.ini
2015-03-05 21:46 - 2006-09-14 07:55 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Adobe
2015-03-05 21:45 - 2005-01-01 18:59 - 00000000 ___DC () C:\Program Files\Adobe
2015-03-05 21:42 - 2015-01-12 14:48 - 00000000 ___DC () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java

==================== Files in the root of some directories =======

2006-09-08 08:00 - 2006-09-08 08:00 - 0774144 ____C (RealNetworks, Inc.) C:\Program Files\RngInterstitial.dll
2007-10-13 23:52 - 2011-12-26 23:55 - 0036864 ____C () C:\Documents and Settings\christelle\Application Data\CDRusersDB.v12
2007-07-05 23:44 - 2007-07-05 23:52 - 0007861 ____C () C:\Documents and Settings\christelle\Application Data\ezplay.cat
2007-07-05 23:44 - 2007-07-05 23:52 - 0001104 ____C () C:\Documents and Settings\christelle\Application Data\ezplay.inf
2007-07-05 23:44 - 2007-07-05 23:44 - 0000125 ____C () C:\Documents and Settings\christelle\Application Data\ezplay.ini
2007-07-05 23:45 - 2007-07-05 23:52 - 0000033 ____C () C:\Documents and Settings\christelle\Application Data\ezplay.log
2007-07-05 23:44 - 2007-07-05 23:52 - 0094208 ____C (VSO Software) C:\Documents and Settings\christelle\Application Data\ezplay.sys
2007-07-05 23:44 - 2007-07-05 23:52 - 0007887 ____C () C:\Documents and Settings\christelle\Application Data\pcouffin.cat
2007-07-05 23:44 - 2007-07-05 23:52 - 0001144 ____C () C:\Documents and Settings\christelle\Application Data\pcouffin.inf
2007-07-05 23:44 - 2007-07-05 23:52 - 0000033 ____C () C:\Documents and Settings\christelle\Application Data\pcouffin.log
2007-07-05 23:44 - 2007-07-05 23:52 - 0047360 ____C (VSO Software) C:\Documents and Settings\christelle\Application Data\pcouffin.sys
2011-10-23 19:01 - 2014-03-31 16:46 - 0000556 ____C () C:\Documents and Settings\christelle\Application Data\trueburner.ini
2014-03-31 17:40 - 2014-03-31 17:40 - 0000045 ____C () C:\Documents and Settings\christelle\Application Data\WB.CFG
2006-08-20 00:27 - 2014-03-31 17:58 - 0007510 ____C () C:\Documents and Settings\christelle\Application Data\wklnhst.dat
2006-09-08 15:11 - 2013-08-25 14:45 - 0152576 ____C () C:\Documents and Settings\christelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-08-18 21:03 - 2006-08-18 21:03 - 0000133 ____C () C:\Documents and Settings\christelle\Local Settings\Application Data\fusioncache.dat

Some content of TEMP:
====================
C:\Documents and Settings\christelle\Local Settings\temp\GLB1A2B.EXE
C:\Documents and Settings\christelle\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\christelle\Local Settings\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
