
Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:30-09-2015
Exécuté par EMILIE ROGER (administrateur) sur PCEMILIE (01-10-2015 18:49:51)
Exécuté depuis E:\Desktop
Profils chargés: EMILIE ROGER (Profils disponibles: EMILIE ROGER)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Toshiba) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [726904 2008-07-15] (TOSHIBA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-15] (AVAST Software)
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\...\MountPoints2: {042e6333-df2a-11dd-b14b-00215d637eb4} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\...\MountPoints2: {75f26732-df1e-11dd-bdc0-806e6f6e6963} - F:\bdf.exe
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\...\MountPoints2: {87cf3886-152f-11de-9a46-000000000000} - G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\wmplayer32.exe
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\...\MountPoints2: {9d65d7b7-8bd7-11e1-a60f-00215d637eb4} - G:\AutoRunCardDetector.exe
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\...\MountPoints2: {9d65d7c4-8bd7-11e1-a60f-00215d637eb4} - D:\AutoRunCardDetector.exe
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\...\MountPoints2: {a4b571b2-c0b7-11de-95a9-00215d637eb4} - D:\AutoRunCardDetector.exe
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [879616 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION
AppInit_DLLs: C:/PROGRA~2/{C17F2~1/171~1.0/lomi.dll => C:\ProgramData\{C17F29BC-91FD-F83A-207B-88B8F0F95B36}\1.7.1.0\lomi.dll [649216 2015-01-08] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-15] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Pas de fichier
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-09-17]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-09-17]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2E77DC8D-D5EF-443D-B776-1C0BE5100833}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\Software\Microsoft\Internet Explorer\Main,Search bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3380765469-3988984057-3575610650-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {2381E4B7-5C04-459E-9D46-2F9AC1608B66} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {2381E4B7-5C04-459E-9D46-2F9AC1608B66} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
SearchScopes: HKU\S-1-5-19 -> {2381E4B7-5C04-459E-9D46-2F9AC1608B66} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
SearchScopes: HKU\S-1-5-20 -> {2381E4B7-5C04-459E-9D46-2F9AC1608B66} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
SearchScopes: HKU\S-1-5-21-3380765469-3988984057-3575610650-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3380765469-3988984057-3575610650-1000 -> {2381E4B7-5C04-459E-9D46-2F9AC1608B66} URL =
SearchScopes: HKU\S-1-5-21-3380765469-3988984057-3575610650-1000 -> {3329573D-13ED-4655-A41D-873196475564} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-3380765469-3988984057-3575610650-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA_frFR309
SearchScopes: HKU\S-1-5-21-3380765469-3988984057-3575610650-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30] (Adobe Systems Incorporated)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-01] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-01] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\EMILIE ROGER\AppData\Roaming\Mozilla\Firefox\Profiles\lxv5h1xs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-04-01] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-01] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2009-01-08] (Yahoo! Inc.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: WOT - C:\Users\EMILIE ROGER\AppData\Roaming\Mozilla\Firefox\Profiles\lxv5h1xs.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-10-01]
FF Extension: Adblock Plus - C:\Users\EMILIE ROGER\AppData\Roaming\Mozilla\Firefox\Profiles\lxv5h1xs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-01]
FF Extension: WOT - C:\Users\EMILIE ROGER\AppData\Roaming\Mozilla\Firefox\Profiles\lxv5h1xs.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-10-01]
FF Extension: Adblock Plus - C:\Users\EMILIE ROGER\AppData\Roaming\Mozilla\Firefox\Profiles\lxv5h1xs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-09]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-23]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-07-17] (Adobe Systems) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-09-15] (Avast Software)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-07-10] (TOSHIBA CORPORATION) [Fichier non signé]
R3 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [77824 2008-08-25] (Toshiba) [Fichier non signé]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 TempoMonitoringService; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [99720 2008-08-26] (Toshiba Europe GmbH)
R2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [106496 2008-07-15] (TOSHIBA Corporation) [Fichier non signé]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [Fichier non signé]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-15] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-09-15] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-09-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-09-15] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-09-15] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-09-15] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-15] (AVAST Software)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [101504 2008-11-12] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [100224 2008-11-12] (Huawei Technologies Co., Ltd.) [Fichier non signé]
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-05-07] (COMPAL ELECTRONIC INC.)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-09-15] (AVAST Software)
S3 PCAMp50; C:\Windows\System32\Drivers\PCAMp50.sys [28224 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2008-07-15] (Chicony Electronics Co., Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-09-15] (Avast Software)
S3 e4usbaw; system32\DRIVERS\e4usbaw.sys [X]
S2 IKANLOADER2; System32\Drivers\e4ldr.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; pas de ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-01 18:49 - 2015-10-01 18:49 - 00000000 ____D C:\FRST
2015-10-01 09:45 - 2015-10-01 09:45 - 00000000 ____D C:\Users\EMILIE ROGER\AppData\Local\Mozilla
2015-10-01 09:41 - 2015-10-01 09:41 - 00000823 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-01 09:41 - 2015-10-01 09:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-10-01 09:41 - 2015-10-01 09:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-01 09:13 - 2015-10-01 15:59 - 00001772 _____ C:\Windows\PFRO.log
2015-09-30 22:43 - 2015-09-30 22:44 - 00000000 ____D C:\Program Files\ZHPFix
2015-09-30 22:43 - 2015-09-30 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-09-30 12:48 - 2015-10-01 13:45 - 00000237 _____ C:\Users\EMILIE
2015-09-30 12:48 - 2015-10-01 13:45 - 00000000 ____D C:\Users\EMILIE ROGER\AppData\Roaming\ZHP
2015-09-17 09:14 - 2015-09-17 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-17 09:12 - 2015-09-15 11:22 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-15 11:23 - 2015-09-15 11:22 - 00161472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-09-15 11:23 - 2015-09-15 11:22 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-15 11:22 - 2015-09-15 11:22 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-10 08:56 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-10 08:56 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-10 08:55 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 08:55 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 08:51 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-10 08:49 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 08:49 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 08:49 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 08:49 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 18:16 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 18:16 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 18:16 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 18:16 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 18:16 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 18:16 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 18:16 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 18:16 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 18:16 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-09 18:16 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-09 18:16 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-09 18:16 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-01 18:49 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2015-10-01 18:43 - 2012-01-03 19:42 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-01 17:59 - 2009-01-10 15:51 - 01064210 _____ C:\Windows\WindowsUpdate.log
2015-10-01 17:48 - 2014-01-06 20:10 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 17:48 - 2009-04-15 12:05 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-01 17:48 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-01 17:48 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-01 17:48 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-01 16:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-10-01 16:25 - 2006-11-02 12:22 - 54525952 _____ C:\Windows\system32\config\components_previous
2015-10-01 16:25 - 2006-11-02 12:22 - 52428800 _____ C:\Windows\system32\config\software_previous
2015-10-01 16:25 - 2006-11-02 12:22 - 37486592 _____ C:\Windows\system32\config\system_previous
2015-10-01 16:25 - 2006-11-02 12:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2015-10-01 16:25 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-10-01 16:25 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-10-01 16:24 - 2014-04-04 17:02 - 00000000 ____D C:\Program Files\Bonjour
2015-10-01 16:24 - 2009-01-10 17:09 - 00000000 ____D C:\Users\EMILIE ROGER
2015-10-01 16:24 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-10-01 10:14 - 2009-01-11 14:05 - 00000000 ____D C:\Users\EMILIE ROGER\AppData\Local\Adobe
2015-10-01 09:45 - 2009-01-10 19:29 - 00000000 ____D C:\Users\EMILIE ROGER\AppData\Roaming\Mozilla
2015-09-30 23:00 - 2006-11-02 15:01 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-30 22:44 - 2009-01-10 19:40 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2015-09-30 17:48 - 2013-08-14 09:09 - 00000000 ____D C:\AdwCleaner
2015-09-30 17:24 - 2009-01-15 13:16 - 00000000 ____D C:\Program Files\Yahoo!
2015-09-29 20:43 - 2009-01-10 20:19 - 00000000 ____D C:\Program Files\Windows Live
2015-09-25 11:03 - 2009-01-11 14:00 - 00000000 ____D C:\Users\EMILIE ROGER\AppData\Roaming\Winamp
2015-09-23 14:33 - 2012-09-14 15:14 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-23 14:33 - 2012-01-02 23:49 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-17 19:06 - 2015-04-23 17:01 - 00000000 ____D C:\Windows\system32\vbox
2015-09-17 19:06 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2015-09-15 11:22 - 2014-08-05 10:20 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-15 11:22 - 2013-05-18 12:06 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-15 11:22 - 2013-05-18 12:06 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-15 11:22 - 2012-05-09 20:07 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-15 11:22 - 2012-05-09 20:06 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-15 11:22 - 2012-05-09 20:06 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-15 11:22 - 2012-05-09 20:06 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-09-15 11:22 - 2012-05-09 20:06 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-09-10 09:23 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-09-10 09:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-10 09:08 - 2006-11-02 14:47 - 05879744 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 09:02 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 09:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2015-09-10 08:46 - 2013-08-29 19:14 - 00000000 ____D C:\Windows\system32\MRT
2015-09-04 12:46 - 2009-01-10 19:47 - 00000000 ____D C:\Users\EMILIE ROGER\AppData\Roaming\vlc

==================== Fichiers à la racine de certains dossiers =======

2002-09-19 15:13 - 2002-09-04 09:14 - 1206784 _____ (Auto FX Software) C:\Program Files\AutoEye_PlugIn.8bf
2011-05-06 12:08 - 2012-02-12 23:24 - 0000132 _____ () C:\Users\EMILIE ROGER\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-02-12 23:24 - 2012-02-12 23:24 - 0000132 _____ () C:\Users\EMILIE ROGER\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-01-09 15:22 - 2012-02-14 22:56 - 0000132 _____ () C:\Users\EMILIE ROGER\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-05-12 19:43 - 2012-06-01 15:15 - 0000132 _____ () C:\Users\EMILIE ROGER\AppData\Roaming\Préfs Format GIF Adobe CS6
2014-01-20 19:16 - 2014-12-15 15:43 - 0000132 _____ () C:\Users\EMILIE ROGER\AppData\Roaming\Préfs Format PNG Adobe CS6
2015-01-08 14:56 - 2015-01-08 14:56 - 0000046 _____ () C:\Users\EMILIE ROGER\AppData\Roaming\WB.CFG
2012-05-11 07:29 - 2012-05-11 07:29 - 0001456 _____ () C:\Users\EMILIE ROGER\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2010-08-05 11:07 - 2015-08-28 20:10 - 0001356 _____ () C:\Users\EMILIE ROGER\AppData\Local\d3d9caps.dat
2009-01-10 17:56 - 2015-06-25 20:42 - 0203264 _____ () C:\Users\EMILIE ROGER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-19 17:44 - 2011-10-19 17:45 - 0000600 _____ () C:\Users\EMILIE ROGER\AppData\Local\PUTTY.RND
2013-01-21 14:38 - 2013-01-21 14:38 - 0000114 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Certains fichiers dans TEMP:
====================
C:\Users\EMILIE ROGER\AppData\Local\Temp\FireFox_Setup.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-10-01 17:58

==================== Fin de FRST.txt ============================
