cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:31-12-2015
Exécuté par claude (administrateur) sur PC-DE-CLAUDE (05-01-2016 19:23:32)
Exécuté depuis C:\Users\claude\Downloads
Profils chargés: claude (Profils disponibles: claude)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(Canon INC.) C:\Program Files\Canon\EOS Utility\EOS Utility.exe
() C:\Users\claude\Downloads\firemin_2086\firemin_2086\Firemin.exe
(Sony Corporation) C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [AvastUI.exe] => "AvastUI.exe" /nogui
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKU\S-1-5-21-3307136319-771593786-475523697-1000\...\Run: [EPSON SX430 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [212480 2011-01-21] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3307136319-771593786-475523697-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3307136319-771593786-475523697-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-04-30] (TomTom)
HKU\S-1-5-21-3307136319-771593786-475523697-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => ashShell.dll Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-01-09]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2015-01-09]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firemin.lnk [2014-11-21]
ShortcutTarget: Firemin.lnk -> C:\Users\claude\Downloads\firemin_2086\firemin_2086\Firemin.exe ()
Startup: C:\Users\claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de détection de support Picture Motion Browser.lnk [2012-07-16]
ShortcutTarget: Outil de détection de support Picture Motion Browser.lnk -> C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4E147F85-E2BF-449C-A103-F098F1F49077}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4E147F85-E2BF-449C-A103-F098F1F49077}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-3307136319-771593786-475523697-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3307136319-771593786-475523697-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={17A9611F-FB67-419A-9E71-E34C35D71957}&mid=cf2d1270b52b47cca03fd153e6743306-cde80eb5844d6b2e75886e9dba65c2b2ebc7baf8&lang=fr&ds=AVG&coid=avgtbavg&cmpid=0615pit&pr=fr&d=2015-11-05 01:28:36&v=4.1.8.599&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3307136319-771593786-475523697-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3307136319-771593786-475523697-1000 -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-07] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\claude\AppData\Roaming\Mozilla\Firefox\Profiles\lgcx6zav.default-1444926975545
FF DefaultSearchEngine: Qwant.com
FF Homepage: hxxp://www.orange.fr/portail?&utm_medium=cpc&gclid=CJOH3d_M-MgCFScTwwodrwEDWw
about:preferences
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2009-09-07] (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF SearchPlugin: C:\Users\claude\AppData\Roaming\Mozilla\Firefox\Profiles\lgcx6zav.default-1444926975545\searchplugins\qwantcom.xml [2015-11-11]
FF Extension: NewsFox - C:\Users\claude\AppData\Roaming\Mozilla\Firefox\Profiles\lgcx6zav.default-1444926975545\Extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-10-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-05-03] [non signé]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - WebRep\FF
FF Extension: Avast Online Security - WebRep\FF [2015-11-04]

Chrome:
=======
CHR Profile: C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-07]
CHR Extension: (Google Drive) - C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-07]
CHR Extension: (YouTube) - C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-07]
CHR Extension: (Recherche Google) - C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-07]
CHR Extension: (avast! Online Security) - C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-19]
CHR Extension: (Google Wallet) - C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-27]
CHR Extension: (Gmail) - C:\Users\claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-07]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - WebRep\Chrome\aswWebRepChrome.crx [2015-11-04]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3219136 2015-10-07] (Avast Software)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 avast! Antivirus; "AvastSvc.exe" [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-11-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-11-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-11-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-11-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-04] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [167152 2015-11-04] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-11-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-11-04] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-12-29] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [Fichier non signé]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-10-07] (Avast Software)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 Nbdrv; system32\DRIVERS\nbdrv.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-05 18:45 - 2016-01-05 18:45 - 00037156 _____ C:\Users\claude\Downloads\Shortcut.txt
2016-01-05 18:44 - 2016-01-05 18:45 - 00030922 _____ C:\Users\claude\Downloads\Addition.txt
2016-01-05 18:42 - 2016-01-05 19:23 - 00014499 _____ C:\Users\claude\Downloads\FRST.txt
2016-01-05 18:42 - 2016-01-05 19:23 - 00000000 ____D C:\FRST
2016-01-05 18:42 - 2016-01-05 18:42 - 00000824 _____ C:\Users\claude\Desktop\FRST.lnk
2016-01-05 18:40 - 2016-01-05 18:41 - 01721856 _____ (Farbar) C:\Users\claude\Downloads\FRST.exe
2016-01-05 12:29 - 2016-01-05 12:33 - 161199376 _____ (AVAST Software) C:\Users\claude\Downloads\avast_free_antivirus_setup.exe
2016-01-04 12:25 - 2016-01-04 12:27 - 00116214 _____ C:\Windows\ntbtlog.txt
2016-01-04 07:34 - 2016-01-04 07:34 - 00000858 _____ C:\Users\claude\Desktop\avastclear.lnk
2016-01-04 07:32 - 2016-01-04 07:32 - 05762544 _____ (AVAST Software) C:\Users\claude\Downloads\avastclear.exe
2016-01-04 06:46 - 2016-01-04 06:46 - 01745920 _____ C:\Users\claude\Downloads\adwcleaner_5.027.exe
2015-12-29 12:49 - 2015-12-29 12:49 - 01972736 _____ C:\Users\claude\ZHPCleaner.exe
2015-12-29 06:59 - 2015-12-29 12:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-29 06:29 - 2015-12-29 06:30 - 02048000 _____ C:\Users\claude\Downloads\ZHPDiag3(3).exe
2015-12-28 06:30 - 2015-12-28 06:30 - 00000888 _____ C:\Users\claude\Desktop\adwcleaner_5.026.lnk
2015-12-28 06:24 - 2015-12-28 06:24 - 01743360 _____ C:\Users\claude\Downloads\adwcleaner_5.026.exe
2015-12-16 08:02 - 2015-12-16 08:04 - 45826552 _____ C:\Users\claude\Downloads\Firefox_Setup_43.0.exe
2015-12-15 07:31 - 2015-12-15 07:31 - 01740288 _____ C:\Users\claude\Downloads\adwcleaner_5.025.exe
2015-12-14 12:31 - 2015-11-06 18:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-14 12:31 - 2015-11-06 17:32 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-14 12:31 - 2015-11-06 17:32 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-14 12:31 - 2015-11-06 17:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-14 12:31 - 2015-11-06 17:32 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-14 12:31 - 2015-11-06 16:27 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-14 12:31 - 2015-11-06 16:26 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-14 12:31 - 2015-11-06 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-14 12:31 - 2015-11-06 16:20 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-14 12:31 - 2015-11-06 16:20 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-14 12:31 - 2015-11-06 16:19 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-14 12:31 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-14 12:28 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-14 12:28 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-14 12:27 - 2015-11-05 08:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-14 08:09 - 2015-12-14 08:09 - 00000000 ____D C:\e4a4ca99c708435866e69b8dbb
2015-12-11 07:56 - 2015-11-12 21:39 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-11 07:56 - 2015-11-12 21:37 - 12389376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-11 07:56 - 2015-11-12 21:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-11 07:56 - 2015-11-12 21:34 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-11 07:56 - 2015-11-12 21:34 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-11 07:56 - 2015-11-12 21:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-11 07:56 - 2015-11-12 21:32 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-11 07:56 - 2015-11-12 21:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-11 07:56 - 2015-11-12 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-11 07:56 - 2015-11-12 21:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-11 07:56 - 2015-11-12 21:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-11 07:56 - 2015-11-12 21:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-11 07:56 - 2015-11-12 21:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-11 07:56 - 2015-11-12 21:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-11 07:56 - 2015-11-12 21:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-10 07:22 - 2015-12-10 07:23 - 06801752 _____ (Piriform Ltd) C:\Users\claude\Downloads\ccsetup512.exe
2015-12-09 06:43 - 2015-12-09 06:43 - 00000422 _____ C:\Windows\DCEBOOT.RST
2015-12-09 06:41 - 2015-12-09 06:41 - 00025088 _____ (Trend Micro Inc.) C:\Windows\DCEBoot.exe
2015-12-09 06:33 - 2015-12-09 06:33 - 00234264 _____ C:\Users\claude\AppData\Local\census.cache
2015-12-09 06:33 - 2015-12-09 06:33 - 00159603 _____ C:\Users\claude\AppData\Local\ars.cache
2015-12-09 05:40 - 2015-12-09 05:40 - 00000036 _____ C:\Users\claude\AppData\Local\housecall.guid.cache
2015-12-09 05:40 - 2011-06-21 05:09 - 00200976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-12-07 07:05 - 2015-12-07 07:05 - 00000888 _____ C:\Users\claude\Desktop\adwcleaner_5.023 - Raccourci.lnk
2015-12-06 19:48 - 2015-12-06 19:48 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-12-06 19:48 - 2015-12-06 19:48 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-12-06 19:45 - 2015-12-06 19:46 - 11614040 _____ (Microsoft Corporation) C:\Users\claude\Downloads\mseinstall(1).exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-05 19:20 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-05 19:20 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-05 19:20 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-05 18:59 - 2006-11-02 14:01 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-05 18:42 - 2006-11-02 12:18 - 00000000 ____D C:\Windows
2016-01-05 18:35 - 2015-10-19 12:23 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-05 12:34 - 2015-11-04 07:46 - 00000284 _____ C:\Users\claude\Downloads\.tmp
2016-01-04 07:10 - 2014-06-04 06:48 - 00000000 ____D C:\Users\claude\Documents\foncia
2016-01-04 06:47 - 2013-08-28 16:57 - 00000000 ____D C:\AdwCleaner
2016-01-04 06:41 - 2012-06-06 05:52 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-01-04 06:41 - 2011-11-30 07:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-30 07:28 - 2009-09-08 17:44 - 00000000 ____D C:\Users\claude\Documents\courriers
2015-12-29 21:15 - 2009-09-08 17:44 - 00000000 ____D C:\Users\claude\Documents\ccleaner
2015-12-29 20:58 - 2015-06-30 17:51 - 00000002 _____ C:\runcheck.txt
2015-12-29 13:25 - 2013-10-08 17:43 - 00000000 ____D C:\Users\claude\AppData\Roaming\ZHP
2015-12-29 13:09 - 2015-11-18 05:29 - 00000737 _____ C:\Users\claude\Desktop\ZHPCleaner.lnk
2015-12-29 12:49 - 2009-09-06 16:42 - 00000000 ____D C:\Users\claude
2015-12-29 12:22 - 2015-08-20 16:48 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-29 12:19 - 2012-05-11 19:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-29 06:33 - 2015-10-01 06:22 - 00000727 _____ C:\Users\claude\Desktop\ZHPDiag.lnk
2015-12-29 06:32 - 2015-10-07 06:33 - 02048000 _____ C:\Users\claude\ZHPDiag3.exe
2015-12-28 07:18 - 2009-09-08 17:44 - 00000000 ____D C:\Users\claude\Documents\informatique
2015-12-18 06:43 - 2006-11-02 16:48 - 00669328 _____ C:\Windows\system32\perfh00C.dat
2015-12-18 06:43 - 2006-11-02 16:48 - 00123350 _____ C:\Windows\system32\perfc00C.dat
2015-12-18 06:43 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2015-12-18 06:43 - 2006-11-02 11:33 - 01470810 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-17 07:12 - 2015-04-27 06:12 - 00000000 ____D C:\Users\claude\Documents\immodefrance
2015-12-16 08:08 - 2009-09-06 20:40 - 00000806 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-14 13:01 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-12-14 12:40 - 2006-11-02 13:47 - 00265464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-14 12:37 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-12-14 12:34 - 2009-09-07 18:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 08:06 - 2013-08-30 06:31 - 00000000 ____D C:\Windows\system32\MRT
2015-12-11 07:59 - 2006-11-02 11:24 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-12-11 07:10 - 2012-05-29 17:42 - 00000000 ____D C:\Users\claude\Documents\analyse de sang
2015-12-10 07:25 - 2013-08-27 12:09 - 00000764 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-06 19:48 - 2015-10-27 19:23 - 00001912 _____ C:\Windows\epplauncher.mif
2015-12-06 19:36 - 2015-11-04 18:23 - 00000000 ____D C:\ProgramData\Avg
2015-12-06 19:36 - 2015-11-04 18:22 - 00000000 ____D C:\Users\claude\AppData\Local\Avg
2015-12-06 19:36 - 2015-11-04 18:22 - 00000000 ____D C:\ProgramData\MFAData
2015-12-06 19:29 - 2015-11-04 18:22 - 00000000 ____D C:\Users\claude\AppData\Local\AvgSetupLog

==================== Fichiers à la racine de certains dossiers =======

2015-11-04 07:48 - 2015-11-04 07:48 - 6420480 _____ () C:\Program Files\GUT9A0E.tmp
2014-11-11 15:55 - 2014-11-17 05:55 - 0000130 _____ () C:\Users\claude\AppData\Roaming\WB.CFG
2015-12-09 06:33 - 2015-12-09 06:33 - 0159603 _____ () C:\Users\claude\AppData\Local\ars.cache
2015-12-09 06:33 - 2015-12-09 06:33 - 0234264 _____ () C:\Users\claude\AppData\Local\census.cache
2010-04-10 17:06 - 2010-04-10 17:06 - 0000552 _____ () C:\Users\claude\AppData\Local\d3d8caps.dat
2009-09-06 17:01 - 2014-05-14 16:55 - 0000680 _____ () C:\Users\claude\AppData\Local\d3d9caps.dat
2009-09-08 17:43 - 2012-02-08 18:19 - 0011264 _____ () C:\Users\claude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-13 07:55 - 2014-11-13 07:55 - 0000001 _____ () C:\Users\claude\AppData\Local\DSI.DAT
2015-12-09 05:40 - 2015-12-09 05:40 - 0000036 _____ () C:\Users\claude\AppData\Local\housecall.guid.cache
2011-07-06 18:44 - 2011-07-06 18:45 - 0000000 _____ () C:\Users\claude\AppData\Local\{EBD75D7B-89B9-4995-805E-FCBC55592922}

Fichiers à déplacer ou supprimer:
====================
C:\Users\claude\FastStoneCapture.exe
C:\Users\claude\ZHPCleaner.exe
C:\Users\claude\ZHPDiag3.exe


Certains fichiers dans TEMP:
====================
C:\Users\claude\AppData\Local\Temp\7za.exe
C:\Users\claude\AppData\Local\Temp\DaS_21.exe
C:\Users\claude\AppData\Local\Temp\hijackthis.exe
C:\Users\claude\AppData\Local\Temp\NirCmd.exe
C:\Users\claude\AppData\Local\Temp\PEVZ.EXE
C:\Users\claude\AppData\Local\Temp\remove.exe
C:\Users\claude\AppData\Local\Temp\sed.exe
C:\Users\claude\AppData\Local\Temp\shortcut.exe
C:\Users\claude\AppData\Local\Temp\swreg.exe
C:\Users\claude\AppData\Local\Temp\swxcacls.exe
C:\Users\claude\AppData\Local\Temp\wget.exe
C:\Users\claude\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-01-05 18:17

==================== Fin de FRST.txt ============================
