cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Exécuté par cyber (administrateur) sur SERVEUR (29-03-2016 11:44:19)
Exécuté depuis C:\Documents and Settings\cyber\Mes documents\Downloads
Profils chargés: cyber (Profils disponibles: cyber)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [VideoLAN] => C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\$RECYCLEBIN\Vlc.rar
HKLM\...\Run: [C-cleaner] => C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\$RECYCLEBIN\Adobe.rar
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\...\Run: [ultracopier] => C:\Program Files\Supercopier\supercopier.exe [178688 2014-02-19] (ultracopier.first-world.info)
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\...\Run: [uTorrent] => C:\Documents and Settings\cyber\Application Data\uTorrent\uTorrent.exe [2094080 2016-03-23] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2012-02-08] (Tonec Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6F4FCE2C-E2AD-457D-ABD4-B360FAED9129}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.01net.com/
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_search_url = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_page_url = hxxp://www.01net.com/
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par 01net.com
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.01net.com/telecharger/
hxxp://www.01men.com/
HKU\S-1-5-21-1085031214-1123561945-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.01net.com/telecharger/
hxxp://www.01men.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1085031214-1123561945-839522115-1003 -> {3DB2F24A-6EC3-414D-BBC0-B0CB260813A8} URL = hxxp://www.01net.com/recherche/recherche?chaine=telecharger&searchstring={searchTerms}
SearchScopes: HKU\S-1-5-21-1085031214-1123561945-839522115-1003 -> {591270ca-7811-4a78-9942-ac6968f82cc7} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150616__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2012-09-05] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2015-01-21] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2006-10-26] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\cyber\Application Data\Mozilla\Firefox\Profiles\dzqq95mw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-07-19] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-1085031214-1123561945-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1085031214-1123561945-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\cyber\Application Data\Mozilla\Firefox\Profiles\dzqq95mw.default\searchplugins\bing-.xml [2015-11-24]
FF Extension: Avira Browser Safety - C:\Documents and Settings\cyber\Application Data\Mozilla\Firefox\Profiles\dzqq95mw.default\Extensions\abs@avira.com [2016-03-15]
FF Extension: Bing Search Engine - C:\Documents and Settings\cyber\Application Data\Mozilla\Firefox\Profiles\dzqq95mw.default\Extensions\bingsearch.full@microsoft.com [2015-03-18] [non signé]
FF Extension: Bing Search - C:\Documents and Settings\cyber\Application Data\Mozilla\Firefox\Profiles\dzqq95mw.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-24]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2015-01-21] [non signé]
FF HKU\S-1-5-21-1085031214-1123561945-839522115-1003\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\cyber\Application Data\IDM\idmmzcc5
FF Extension: IDM CC - C:\Documents and Settings\cyber\Application Data\IDM\idmmzcc5 [2015-11-30] [non signé]
FF HKU\S-1-5-21-1085031214-1123561945-839522115-1003\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\cyber\Application Data\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Profile 1 -> search.ask.com/?gct=hp
CHR DefaultSearchURL: Profile 1 -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> search.ask.com
CHR DefaultSuggestURL: Profile 1 -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-30]
CHR Extension: (Google Docs) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-30]
CHR Extension: (BuiltWith Technology Profiler) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2016-01-30]
CHR Extension: (Google Sheets) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-30]
CHR Extension: (Protection Web Avira) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-03-15]
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Profile: C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1
CHR Extension: (Ask Search) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aaaaahlfahldnilidgnlikdckbfehhca [2016-01-30]
CHR Extension: (Google Slides) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-30]
CHR Extension: (Google Docs) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-30]
CHR Extension: (Google Drive) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-30]
CHR Extension: (YouTube) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-30]
CHR Extension: (Recherche Google) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-30]
CHR Extension: (Google Sheets) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-30]
CHR Extension: (Protection Web Avira) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-03-15]
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-24]
CHR Extension: (IDM Integration) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\jmolcgpienlcieaajfkkdamlngancncm [2016-02-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-30]
CHR Extension: (Gmail) - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-30]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2012-09-24]
CHR HKU\S-1-5-21-1085031214-1123561945-839522115-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.K6WVD3T46NZG2AT4PD44KVQ6HI - C:\Documents and Settings\cyber\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 AcuWVSSchedulerv10; C:\Program Files\Acunetix\Web Vulnerability Scanner 10\WVSScheduler.exe [1750760 2015-06-23] ()
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [940304 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1236896 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2015-01-21] (Sun Microsystems, Inc.)
S4 odserv; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)
S4 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 vguyvox; C:\WINDOWS\system32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [109016 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136272 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [111072 2012-09-24] (Tonec Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [443448 2015-06-16] () [Fichier non signé]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S4 IntelIde; pas de ImagePath
S3 mocsavyj; \??\C:\WINDOWS\system32\0AC.tmp [X]
S3 nrpja; \??\C:\WINDOWS\system32\01.tmp [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

NETSVC: vguyvox -> pas de chemin du fichier.

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-29 11:44 - 2016-03-29 11:44 - 00000000 ____D C:\FRST
2016-03-28 23:37 - 2016-03-29 00:00 - 356372784 ____R C:\Documents and Settings\cyber\Bureau\[ www.CpasBien.cm ] Scorpion.S02E10.FRENCH.LD.WEB-DL.XviD-ZT.avi
2016-03-28 23:36 - 2016-03-29 00:02 - 363902284 ____R C:\Documents and Settings\cyber\Bureau\[ www.CpasBien.cm ] Scorpion.S02E11.FRENCH.LD.WEB-DL.XviD-ZT.avi
2016-03-27 22:01 - 2016-03-27 22:01 - 00000648 _____ C:\Documents and Settings\cyber\Bureau\Raccourci vers DSC_0011.lnk
2016-03-27 22:01 - 2016-03-27 22:01 - 00000648 _____ C:\Documents and Settings\cyber\Bureau\Raccourci vers DSC_0010.lnk
2016-03-27 14:07 - 2016-03-27 21:34 - 00000000 ____D C:\Documents and Settings\cyber\Mes documents\Téléchargements
2016-03-25 22:33 - 2016-03-25 22:33 - 00000000 ____D C:\Program Files\Fichiers communs\Skype
2016-03-20 20:18 - 2016-03-20 20:18 - 00000000 ____D C:\Program Files\HyperCam 2
2016-03-20 20:18 - 2016-03-20 20:18 - 00000000 ____D C:\Documents and Settings\cyber\Menu Démarrer\Programmes\HyperCam 2
2016-03-15 13:40 - 2016-03-15 13:40 - 00000000 ____D C:\Documents and Settings\cyber\Bureau\musique
2016-03-08 14:29 - 2016-03-08 14:29 - 00090112 _____ C:\WINDOWS\Minidump\Mini030816-01.dmp
2016-03-07 13:12 - 2016-03-07 13:12 - 00000000 ___RD C:\Documents and Settings\LocalService\Favoris
2016-03-07 13:11 - 2016-03-07 13:11 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Adobe
2016-03-07 13:08 - 2016-03-07 13:08 - 00000000 ____D C:\TMP
2016-03-06 16:18 - 2016-03-06 16:18 - 00090112 _____ C:\WINDOWS\Minidump\Mini030616-01.dmp
2016-03-04 10:40 - 2016-03-04 10:40 - 00000388 _____ C:\Documents and Settings\cyber\Bureau\Raccourci vers mars-2016.lnk

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-29 11:44 - 2015-01-20 23:18 - 00000000 ____D C:\Documents and Settings\cyber\Local Settings\Temp
2016-03-29 11:28 - 2015-05-07 12:58 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-29 11:26 - 2015-01-21 15:22 - 00078848 _____ C:\Documents and Settings\cyber\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-29 11:26 - 2015-01-21 13:52 - 00000000 ____D C:\Documents and Settings\cyber\Application Data\uTorrent
2016-03-29 11:25 - 2016-01-21 15:22 - 00000000 ____D C:\Program Files\Steam
2016-03-29 11:25 - 2015-10-26 11:30 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2016-03-29 11:25 - 2015-01-20 23:18 - 00000000 ____D C:\Documents and Settings\cyber\Bureau
2016-03-29 11:09 - 2015-01-21 15:01 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1123561945-839522115-1003UA.job
2016-03-29 11:04 - 2015-10-27 11:03 - 00000222 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2016-03-29 11:04 - 2015-05-07 12:58 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-29 11:04 - 2015-01-20 23:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-29 11:04 - 2002-09-07 01:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-29 02:17 - 2015-05-21 21:25 - 00000000 ____D C:\Documents and Settings\cyber\Application Data\vlc
2016-03-29 02:17 - 2015-01-20 23:18 - 00000184 ___SH C:\Documents and Settings\cyber\ntuser.ini
2016-03-29 02:17 - 2015-01-20 23:18 - 00000000 ____D C:\Documents and Settings\cyber
2016-03-29 02:17 - 2015-01-20 23:17 - 00032470 _____ C:\WINDOWS\SchedLgU.Txt
2016-03-28 23:05 - 2015-01-21 15:01 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1123561945-839522115-1003Core.job
2016-03-28 17:31 - 2015-01-20 23:18 - 00000000 ___RD C:\Documents and Settings\cyber\Mes documents
2016-03-27 20:38 - 2015-01-20 23:18 - 00000000 ___HD C:\Documents and Settings\cyber\Voisinage réseau
2016-03-27 14:07 - 2015-01-21 21:52 - 03193290 ___SH C:\Documents and Settings\cyber\Bureau\Thumbs.db
2016-03-26 14:33 - 2015-01-21 17:23 - 00000000 ____D C:\Documents and Settings\cyber\Application Data\Skype
2016-03-26 14:33 - 2015-01-21 12:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2016-03-26 14:32 - 2015-12-11 18:35 - 00002265 _____ C:\Documents and Settings\All Users\Bureau\Skype.lnk
2016-03-25 22:33 - 2015-12-11 18:35 - 00000000 ___RD C:\Program Files\Skype
2016-03-25 22:33 - 2015-01-20 23:53 - 00000000 ____D C:\Program Files\Fichiers communs
2016-03-24 01:28 - 2015-11-24 01:56 - 00000000 ____D C:\Documents and Settings\cyber\Bureau\Nouveau dossier
2016-03-23 19:36 - 2015-01-22 13:59 - 00002642 _____ C:\Documents and Settings\cyber\Menu Démarrer\µTorrent.lnk
2016-03-21 17:15 - 2015-02-07 21:45 - 00136704 ___SH C:\Documents and Settings\cyber\Mes documents\Thumbs.db
2016-03-20 20:18 - 2015-01-20 23:18 - 00000000 ___RD C:\Documents and Settings\cyber\Menu Démarrer\Programmes
2016-03-17 17:59 - 2015-03-02 18:12 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2016-03-17 17:59 - 2015-01-20 23:05 - 00000000 ____D C:\WINDOWS\Registration
2016-03-13 20:10 - 2016-02-01 16:54 - 00002250 _____ C:\Documents and Settings\cyber\Bureau\Google Chrome.lnk
2016-03-13 20:10 - 2016-01-23 21:56 - 00001713 _____ C:\Documents and Settings\cyber\Bureau\Internet Explorer.lnk
2016-03-13 20:10 - 2015-08-05 21:05 - 00001684 _____ C:\Documents and Settings\cyber\Bureau\Mozilla Firefox.lnk
2016-03-09 14:46 - 2015-01-21 12:15 - 00000000 ____D C:\Documents and Settings\cyber\Mes documents\FFOutput
2016-03-09 12:07 - 2015-01-21 12:16 - 00002288 _____ C:\Documents and Settings\cyber\Menu Démarrer\Programmes\Google Chrome.lnk
2016-03-08 15:00 - 2015-10-27 11:03 - 00000216 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2016-03-08 14:29 - 2015-03-02 18:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-08 09:52 - 2015-01-21 12:56 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira
2016-03-08 09:47 - 2015-01-21 13:03 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-03-08 09:47 - 2015-01-21 13:03 - 00109016 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-03-07 19:27 - 2015-05-30 13:35 - 00000000 ____D C:\Program Files\Recuva
2016-03-07 13:12 - 2015-01-20 23:17 - 00000000 __SHD C:\Documents and Settings\LocalService

==================== Fichiers à la racine de certains dossiers =======

2015-01-21 15:22 - 2016-03-29 11:26 - 0078848 _____ () C:\Documents and Settings\cyber\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-23 01:28 - 2015-09-23 01:28 - 0000036 _____ () C:\Documents and Settings\cyber\Local Settings\Application Data\housecall.guid.cache

Certains fichiers dans TEMP:
====================
C:\Documents and Settings\cyber\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\cyber\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\cyber\Local Settings\Temp\utt517.tmp.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================
