cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:11-10-2015 01
Exécuté par imane (administrateur) sur IMANE-TOSHIBA (16-10-2015 21:14:12)
Exécuté depuis C:\Users\imane\Downloads
Profils chargés: imane & (Profils disponibles: imane & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 10 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-06] (AVAST Software)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
HKU\S-1-5-21-3607479210-5047180-1821071610-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3607479210-5047180-1821071610-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
HKU\S-1-5-21-3607479210-5047180-1821071610-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: D - D:\VTP_Manager.exe
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-06] (AVAST Software)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (Pas de fichier)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (Pas de fichier)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 80.10.46.232
Tcpip\..\Interfaces\{627F7567-DFCA-4DA9-8D65-170C5A0C51EF}: [DhcpNameServer] 80.10.46.232
Tcpip\..\Interfaces\{CF58F03B-45DE-4367-889B-CB4635865D78}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3607479210-5047180-1821071610-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3607479210-5047180-1821071610-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3607479210-5047180-1821071610-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3607479210-5047180-1821071610-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
URLSearchHook: HKU\S-1-5-21-3607479210-5047180-1821071610-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Pas de nom) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Pas de fichier
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {03611026-6057-4646-880C-2C14E9FB3828} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {BDA674E6-5AED-4E0C-94AC-A5420C749CCE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001 -> {03611026-6057-4646-880C-2C14E9FB3828} URL =
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001 -> {0B431AC7-D9D7-459E-8D49-76647CADF997} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001 -> {BDA674E6-5AED-4E0C-94AC-A5420C749CCE} URL =
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {03611026-6057-4646-880C-2C14E9FB3828} URL =
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0B431AC7-D9D7-459E-8D49-76647CADF997} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {BDA674E6-5AED-4E0C-94AC-A5420C749CCE} URL =
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {7A14AD9A-02BD-426D-805E-30C98F4CC465} URL =
SearchScopes: HKU\S-1-5-21-3607479210-5047180-1821071610-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9711A31A-0721-478E-A06D-BF3CF3F3B6B5} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-06] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-06] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-31] (Sun Microsystems, Inc.)
Toolbar: HKLM - Pas de nom - !{ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - !{ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - No CLSID Value
Handler: msnim - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\imane\AppData\Roaming\Mozilla\Firefox\Profiles\2h17rum8.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.fr
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-15] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: Adblock Plus - C:\Users\imane\AppData\Roaming\Mozilla\Firefox\Profiles\2h17rum8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-31]
FF Extension: DownThemAll! - C:\Users\imane\AppData\Roaming\Mozilla\Firefox\Profiles\2h17rum8.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-06]
FF HKU\S-1-5-21-3607479210-5047180-1821071610-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension => non trouvé(e)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Pas de fichier
CHR Plugin: (Advanced SystemCare 6) - C:\Users\imane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\\1.0.0_0\Plugin/ASCPlugin_Protect.dll => Pas de fichier
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\imane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Pas de fichier
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll => Pas de fichier
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => Pas de fichier
CHR Profile: C:\Users\imane\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\imane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\imane\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\imane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-06]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] -
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] -
CHR HKLM-x32\...\Chrome\Extension: [janmfndmohbaaoocpcgfbghioojoakjg] -
CHR HKLM-x32\...\Chrome\Extension: [onklpkebbeeimgojkmaccmhmoafknihh] -
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] -

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-10-06] (AVAST Software)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [Fichier non signé]
S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
U2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2768208 2013-10-25] (CybelSoft)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-03-22] (Microsoft Corporation) [Fichier non signé]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-06] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-10-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-06] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454528 2015-10-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-06] (AVAST Software)
S1 ctxzwbcz; pas de ImagePath
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-05] (REALiX(tm))
S3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
S1 jggkvvhd; pas de ImagePath
S3 ma-config_amd64; pas de ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S1 mzqwlkil; pas de ImagePath
S1 nwnmmsom; pas de ImagePath
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
S3 catchme; \??\C:\Users\imane\AppData\Local\Temp\catchmeirwk.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-15 21:15 - 2015-10-15 21:16 - 00000823 _____ C:\Users\imane\Downloads\zzz (2).txt
2015-10-12 19:55 - 2015-10-12 19:55 - 01943040 _____ C:\Users\imane\ZHPDiag3.exe
2015-10-12 18:11 - 2015-10-12 18:14 - 22908888 _____ (Malwarebytes ) C:\Users\imane\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-12 17:51 - 2015-10-12 17:51 - 00006163 _____ C:\rapport malware.txt
2015-10-12 13:08 - 2015-10-13 18:23 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 13:02 - 2015-10-12 18:26 - 00001065 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-12 13:01 - 2015-10-12 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-12 13:01 - 2015-10-12 18:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-12 13:01 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-12 13:01 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-12 13:01 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-12 12:52 - 2015-10-12 12:56 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\imane\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-12 09:20 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-12 09:20 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-10-12 09:20 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-10-11 20:52 - 2015-10-11 20:52 - 00001812 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-10-11 20:51 - 2015-10-11 20:56 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2015-10-11 20:51 - 2015-10-11 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-10-11 20:46 - 2015-10-11 20:46 - 03521472 _____ (Nicolas Coolman ) C:\Users\imane\Downloads\ZHPFix.exe
2015-10-11 20:46 - 2015-10-11 20:46 - 00058649 _____ C:\Users\imane\Downloads\zzz.txt
2015-10-11 20:46 - 2015-10-11 20:46 - 00058649 _____ C:\Users\imane\Downloads\zzz (1).txt
2015-10-11 19:37 - 2015-10-11 19:50 - 00037859 _____ C:\Users\imane\Downloads\Addition.txt
2015-10-11 18:57 - 2015-10-16 21:16 - 00023007 _____ C:\Users\imane\Downloads\FRST.txt
2015-10-11 18:56 - 2015-10-16 21:14 - 00000000 ____D C:\FRST
2015-10-11 18:53 - 2015-10-11 18:53 - 02195456 _____ (Farbar) C:\Users\imane\Downloads\FRST64.exe
2015-10-11 16:41 - 2015-10-11 16:41 - 01863680 _____ C:\Users\imane\ZHPCleaner.exe
2015-10-11 01:30 - 2015-10-11 01:30 - 00085913 _____ C:\Users\imane\Downloads\ZHPDiag.txt
2015-10-11 01:30 - 2015-10-11 01:30 - 00085913 _____ C:\Users\imane\Downloads\ZHPDiag (1).txt
2015-10-10 19:29 - 2015-10-10 19:29 - 01969152 _____ C:\Users\imane\Downloads\ZHPCleaner.exe
2015-10-10 18:26 - 2015-10-10 18:26 - 01682432 _____ C:\Users\imane\Downloads\adwcleaner_5.013.exe
2015-10-10 13:30 - 2015-10-10 13:30 - 00000000 _____ C:\Windows\SysWOW64\shoB7FD.tmp
2015-10-10 03:36 - 2015-10-10 03:36 - 01682432 _____ C:\Users\imane\Downloads\Non confirmé 833379.crdownload
2015-10-09 21:02 - 2015-10-15 21:53 - 00000000 ____D C:\Users\imane\AppData\Roaming\ZHP
2015-10-09 20:50 - 2015-10-09 20:50 - 01901056 _____ C:\Users\imane\Downloads\ZHPDiag3.exe
2015-10-09 02:42 - 2015-10-09 02:42 - 00000000 ____D C:\$WINDOWS.~BT
2015-10-09 02:37 - 2015-10-09 02:37 - 00000000 ___HD C:\$Windows.~WS
2015-10-09 02:20 - 2015-10-13 13:02 - 00000560 _____ C:\Windows\setupact.log
2015-10-09 02:20 - 2015-10-13 01:27 - 00004060 _____ C:\Windows\PFRO.log
2015-10-09 02:20 - 2015-10-09 02:20 - 00000000 _____ C:\Windows\setuperr.log
2015-10-09 01:45 - 2015-10-09 01:48 - 19733696 _____ (Microsoft Corporation) C:\Users\imane\Downloads\MediaCreationToolx64.exe
2015-10-08 20:50 - 2015-10-08 20:50 - 00001760 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-08 20:50 - 2015-10-08 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-08 20:49 - 2015-10-08 20:50 - 00000000 ____D C:\Program Files\iTunes
2015-10-08 20:49 - 2015-10-08 20:49 - 00000000 ____D C:\Program Files\iPod
2015-10-08 20:49 - 2015-10-08 20:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-08 20:31 - 2015-10-08 20:31 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-10-08 20:30 - 2015-10-08 20:30 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-08 17:39 - 2015-10-08 18:39 - 167601944 _____ (Apple Inc.) C:\Users\imane\Downloads\iTunes6464Setup.exe
2015-10-07 20:24 - 2015-10-07 20:24 - 00000000 ____D C:\78b3e9085278f0caa3
2015-10-07 19:24 - 2015-10-07 19:24 - 00000000 ____D C:\Windows\System32\Tasks\Nero
2015-10-07 19:14 - 2015-10-07 19:14 - 00002216 _____ C:\Users\Public\Desktop\Nero MediaHome.lnk
2015-10-07 19:04 - 2015-10-07 19:04 - 00002237 _____ C:\Users\Public\Desktop\Nero Blu-ray Player.lnk
2015-10-07 18:48 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-10-07 18:47 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-10-07 18:43 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-10-07 18:40 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-10-07 18:38 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-10-07 17:16 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-07 17:16 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-10-07 17:16 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-10-07 17:16 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-07 17:16 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-07 17:16 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-07 17:16 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-10-07 17:16 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-10-07 17:08 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-07 17:08 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-07 17:08 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-07 17:08 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-07 17:08 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-07 17:08 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-10-07 17:08 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-10-07 17:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-10-07 17:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-10-07 17:08 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-10-07 17:05 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-07 17:03 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-07 17:03 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-10-07 17:03 - 2015-01-14 08:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-07 17:03 - 2015-01-14 08:09 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-07 17:03 - 2015-01-14 08:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-07 17:03 - 2015-01-14 07:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-07 17:03 - 2015-01-14 07:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-07 17:03 - 2014-12-30 03:23 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-10-07 17:03 - 2014-11-11 05:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-07 17:03 - 2014-11-11 04:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-07 17:03 - 2014-09-19 11:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-07 17:03 - 2014-09-19 11:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-07 17:03 - 2014-09-19 11:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-07 17:03 - 2014-09-19 11:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-07 17:03 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-07 17:03 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-10-07 17:02 - 2015-01-14 08:09 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-07 17:02 - 2015-01-14 08:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-07 17:02 - 2015-01-14 08:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-07 17:02 - 2015-01-14 08:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-07 17:02 - 2015-01-14 08:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-07 17:02 - 2015-01-14 08:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-07 17:02 - 2015-01-14 08:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-07 17:02 - 2015-01-14 08:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-07 17:02 - 2015-01-14 08:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-07 17:02 - 2015-01-14 08:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-07 17:02 - 2015-01-14 08:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-07 17:02 - 2015-01-14 07:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-07 17:02 - 2015-01-14 07:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-07 17:02 - 2015-01-14 07:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-07 17:02 - 2015-01-14 07:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-07 17:02 - 2015-01-14 07:40 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-07 17:02 - 2015-01-14 07:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-07 17:02 - 2015-01-14 07:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-07 17:02 - 2015-01-14 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-07 17:02 - 2014-09-19 11:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-07 17:02 - 2014-09-19 11:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-07 17:02 - 2014-09-19 11:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-07 17:02 - 2014-09-19 11:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-07 17:02 - 2014-09-19 11:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-07 17:02 - 2014-09-19 11:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-07 17:02 - 2014-09-19 11:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-07 17:02 - 2014-09-19 11:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-07 17:01 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-10-07 17:01 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-10-07 17:01 - 2015-06-03 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-10-07 16:58 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-07 16:58 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-07 16:58 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-07 16:58 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-07 16:58 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-07 16:58 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-07 16:58 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-07 16:58 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-07 16:57 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-07 16:57 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-10-07 16:57 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-10-07 16:57 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-10-07 16:57 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-07 16:57 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-10-07 16:57 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-07 16:57 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-10-07 16:57 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-07 16:57 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-07 16:57 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-10-07 16:57 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-10-07 16:57 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-10-07 16:57 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-10-07 16:57 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-10-07 16:57 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-07 16:57 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-10-07 16:57 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-07 16:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-07 16:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-10-07 16:52 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-07 16:52 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-07 16:52 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00929872 _____ (Google Inc.) C:\Users\imane\Downloads\ChromeSetup (1).exe
2015-10-07 01:56 - 2015-10-07 01:56 - 00000000 ____D C:\Users\imane\AppData\Local\Skype
2015-10-07 01:52 - 2015-10-07 01:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-07 01:51 - 2015-10-07 01:52 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-07 01:51 - 2015-10-07 01:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-06 18:20 - 2015-10-06 18:20 - 00001989 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-10-06 18:20 - 2015-10-06 18:20 - 00001929 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-10-06 18:20 - 2015-10-06 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-06 18:10 - 2015-10-06 18:05 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-10-06 18:09 - 2015-10-06 12:58 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-06 17:57 - 2015-10-06 17:57 - 00454528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-10-06 16:45 - 2015-10-06 16:43 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-10-06 16:44 - 2015-10-06 16:43 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-10-06 16:44 - 2015-10-06 16:43 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-10-06 16:44 - 2015-10-06 16:43 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-06 13:08 - 2015-10-06 13:08 - 00000000 ____D C:\Users\imane\AppData\Roaming\AVAST Software
2015-10-06 13:02 - 2015-10-16 21:08 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-06 12:59 - 2015-10-06 12:58 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-06 12:59 - 2015-10-06 12:58 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-06 12:59 - 2015-10-06 12:58 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-06 12:59 - 2015-10-06 12:58 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-06 12:59 - 2015-10-06 12:58 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-06 12:59 - 2015-10-06 12:58 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-06 12:59 - 2015-10-06 12:58 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-06 12:59 - 2015-10-06 12:58 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-06 12:58 - 2015-10-06 12:58 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-06 03:34 - 2015-10-06 03:34 - 00000000 ____D C:\ProgramData\TOSHIBA Tempro
2015-10-06 03:34 - 2015-10-06 03:34 - 00000000 ____D C:\ProgramData\IsolatedStorage
2015-10-06 03:18 - 2015-10-06 03:43 - 154429024 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup.exe
2015-10-06 03:18 - 2015-10-06 03:43 - 154429024 _____ (AVAST Software) C:\Users\imane\Downloads\avast_free_antivirus_setup.exe
2015-10-06 02:58 - 2015-10-06 02:58 - 00003288 ____N C:\bootsqm.dat
2015-10-06 02:18 - 2015-10-06 02:18 - 00002800 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-10-06 02:17 - 2015-10-06 02:17 - 00000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-06 02:17 - 2015-10-06 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-10-06 02:16 - 2015-10-06 02:17 - 00000000 ____D C:\Program Files\CCleaner
2015-10-06 02:08 - 2015-10-06 02:13 - 06677440 _____ (Piriform Ltd) C:\Users\imane\Downloads\ccsetup510.exe
2015-10-06 00:52 - 2015-10-09 02:39 - 00000000 ____D C:\Program Files (x86)\Slowin Killer
2015-10-06 00:47 - 2015-10-06 00:47 - 01358336 _____ C:\Users\imane\Downloads\Slowin Killer.exe
2015-10-05 15:17 - 2015-10-05 15:28 - 00002884 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (imane)
2015-10-05 15:16 - 2015-10-05 15:16 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-16 21:21 - 2013-10-31 14:23 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-16 21:15 - 2013-07-14 21:06 - 01821176 _____ C:\Windows\WindowsUpdate.log
2015-10-16 21:05 - 2013-03-22 18:41 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-16 21:05 - 2013-03-22 18:41 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-15 22:27 - 2013-10-31 14:23 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 22:26 - 2012-04-03 13:56 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-15 22:26 - 2012-02-23 23:27 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-13 13:19 - 2009-07-14 06:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-13 13:19 - 2009-07-14 06:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-13 13:03 - 2012-04-03 14:05 - 00000324 _____ C:\Windows\Tasks\GlaryInitialize.job
2015-10-13 13:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-12 19:55 - 2011-12-20 14:26 - 00000000 ____D C:\Users\imane
2015-10-12 13:01 - 2013-10-31 15:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-11 23:16 - 2013-10-31 15:21 - 00000000 ____D C:\AdwCleaner
2015-10-11 22:55 - 2010-11-21 08:19 - 00719678 _____ C:\Windows\system32\perfh00C.dat
2015-10-11 22:55 - 2010-11-21 08:19 - 00136066 _____ C:\Windows\system32\perfc00C.dat
2015-10-11 22:55 - 2009-07-14 07:13 - 01580336 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-11 22:50 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-10-11 03:16 - 2012-02-07 16:49 - 00105984 ___SH C:\Users\imane\Thumbs.db
2015-10-09 02:41 - 2011-03-31 09:08 - 00000000 ____D C:\Windows\Panther
2015-10-09 02:07 - 2012-04-03 14:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-08 20:49 - 2013-03-22 21:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-08 20:48 - 2015-01-30 16:35 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-10-08 20:30 - 2012-07-07 19:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-08 20:12 - 2012-07-07 18:58 - 00000000 ____D C:\Program Files\Bonjour
2015-10-08 20:12 - 2012-07-07 18:58 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-08 19:52 - 2012-07-07 18:57 - 00000000 ____D C:\ProgramData\Apple
2015-10-08 06:54 - 2013-03-16 04:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-08 06:32 - 2012-12-02 17:58 - 01607822 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-08 06:32 - 2012-12-02 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-10-08 06:28 - 2013-03-16 04:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-08 06:11 - 2013-03-16 04:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-07 21:26 - 2015-02-02 08:01 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-07 19:14 - 2011-03-31 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-10-07 19:12 - 2011-03-31 12:06 - 00000000 ____D C:\ProgramData\Nero
2015-10-07 19:06 - 2011-03-31 12:06 - 00000000 ____D C:\Program Files (x86)\Nero
2015-10-07 18:36 - 2013-10-31 16:39 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-07 17:35 - 2013-03-22 18:48 - 00002216 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-07 16:59 - 2013-03-22 18:41 - 00004062 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-07 16:59 - 2013-03-22 18:41 - 00003810 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-07 15:21 - 2012-06-03 20:56 - 00000000 ____D C:\Windows\pss
2015-10-07 01:56 - 2012-01-04 17:24 - 00000000 ____D C:\Users\imane\AppData\Roaming\Skype
2015-10-07 01:45 - 2011-03-31 11:31 - 00000000 ____D C:\ProgramData\Skype
2015-10-06 21:14 - 2013-09-03 20:20 - 00000000 ____D C:\Users\imane\AppData\Local\avgchrome
2015-10-06 17:45 - 2013-04-06 16:19 - 00000878 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-06 17:21 - 2013-11-01 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-06 03:49 - 2012-11-03 15:00 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-06 03:34 - 2013-10-31 13:42 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-06 02:45 - 2011-12-20 17:06 - 00000000 ____D C:\Users\imane\AppData\Local\Facebook
2015-10-06 02:26 - 2012-02-23 23:36 - 00000000 ____D C:\Users\imane\AppData\Roaming\PhotoScape
2015-10-06 01:53 - 2011-03-31 12:24 - 00000000 ____D C:\Program Files (x86)\TOSHIBA Games
2015-10-06 01:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-06 01:18 - 2011-03-31 12:23 - 00000000 ____D C:\ProgramData\WildTangent
2015-10-06 01:03 - 2013-10-31 14:08 - 00000000 ____D C:\Program Files (x86)\IObit
2015-10-06 00:29 - 2012-12-02 18:01 - 00000000 ____D C:\Users\imane\AppData\Roaming\SoftGrid Client
2015-10-05 15:26 - 2009-07-14 04:34 - 65798144 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2015-10-05 15:26 - 2009-07-14 04:34 - 17563648 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2015-10-05 15:26 - 2009-07-14 04:34 - 00028672 _____ C:\Windows\system32\config\SECURITY_tureg_old
2015-10-05 15:19 - 2013-10-31 14:10 - 00000000 ____D C:\Users\imane\AppData\LocalLow\IObit
2015-10-05 15:19 - 2009-07-14 04:34 - 44040192 _____ C:\Windows\system32\config\COMPONENTS_tureg_old
2015-10-05 15:16 - 2013-10-31 14:09 - 00000000 ____D C:\ProgramData\IObit
2015-10-05 15:14 - 2009-07-14 04:34 - 00327680 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2015-10-05 15:09 - 2009-07-14 04:34 - 00098304 _____ C:\Windows\system32\config\SAM_tureg_old

==================== Fichiers à la racine de certains dossiers =======

2012-12-15 23:33 - 2012-12-15 23:33 - 0000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt
2012-11-18 21:00 - 2012-11-18 21:00 - 0187087 _____ () C:\Users\imane\AppData\Roaming\UserTile.png
2013-03-21 15:42 - 2013-03-21 15:46 - 0007605 _____ () C:\Users\imane\AppData\Local\resmon.resmoncfg
2012-01-04 17:31 - 2012-01-04 17:31 - 0000048 ____H () C:\ProgramData\ezsidmv.dat

Fichiers à déplacer ou supprimer:
====================
C:\Users\imane\ZHPCleaner.exe
C:\Users\imane\ZHPDiag3.exe


Certains fichiers dans TEMP:
====================
C:\Users\Invité\AppData\Local\Temp\install_flashplayer11x64ax_gtba_aih.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2013-12-05 13:25

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité