Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Exécuté par Poppy (administrateur) sur PC-DE-POPPY (13-03-2016 09:58:21)
Exécuté depuis C:\Users\Poppy\Desktop
Profils chargés: Poppy (Profils disponibles: Poppy)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(O2Micro International) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295072 2013-01-06] (RealNetworks, Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1100827013-3711432402-1006570387-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1100827013-3711432402-1006570387-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [704512 2009-04-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-05-29]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2008-05-29]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-1100827013-3711432402-1006570387-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog9 01 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 29 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2016-02-18] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{6F3F245E-E11F-4655-83ED-07AC2B174BC5}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{DA61D57B-5450-4E92-9FA4-5CA1B5ECA64B}: [DhcpNameServer] 89.2.0.1 89.2.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1100827013-3711432402-1006570387-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1100827013-3711432402-1006570387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1100827013-3711432402-1006570387-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1100827013-3711432402-1006570387-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-1100827013-3711432402-1006570387-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1100827013-3711432402-1006570387-1000 -> ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x­ä­ URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-15] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-15] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1100827013-3711432402-1006570387-1000 -> Pas de nom - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Pas de fichier
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Poppy\AppData\Roaming\Mozilla\Firefox\Profiles\hhctf8hf.default
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-01-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-01-06] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-10] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Poppy\AppData\Roaming\Mozilla\Firefox\Profiles\hhctf8hf.default\Extensions\abs@avira.com.xpi [2016-03-13]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-04] [non signé]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [non signé]
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-06] [non signé]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Poppy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Appel Skype) - C:\Users\Poppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Poppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Poppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [Fichier non signé]
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [930944 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1223920 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S4 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-16] (TOSHIBA CORPORATION) [Fichier non signé]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1836544 2008-05-29] (Google) [Fichier non signé]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé]
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R2 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International) [Fichier non signé]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [73728 2008-04-24] (Toshiba) [Fichier non signé]
S4 TempoMonitoringService; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [99720 2008-04-24] (Toshiba Europe GmbH)
S4 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation) [Fichier non signé]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135760 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 BTOWSFF; C:\Windows\system32\Drivers\BTOWSFF.sys [27200 2013-01-08] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [43584 2013-01-08] (Toolwiz.com)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [48192 2013-01-08] (Toolwiz.com)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [8192 2007-04-09] (TOSHIBA)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [292864 2008-03-18] (Realtek Semiconductor Corporation )
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2016-02-18] (Avira Operations GmbH & Co. KG)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-13 09:58 - 2016-03-13 10:00 - 00019949 _____ C:\Users\Poppy\Desktop\FRST.txt
2016-03-13 09:58 - 2016-03-13 09:58 - 00000000 ____D C:\FRST
2016-03-13 09:57 - 2016-03-13 09:57 - 01725440 _____ (Farbar) C:\Users\Poppy\Desktop\FRST.exe
2016-03-13 09:24 - 2016-03-13 09:24 - 00000000 ____D C:\Users\Poppy\AppData\Roaming\Avira
2016-03-13 08:15 - 2016-02-18 09:49 - 00135760 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-13 08:15 - 2016-02-18 09:49 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-13 08:15 - 2016-02-18 09:49 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-03-13 08:15 - 2016-02-18 09:49 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2016-03-13 08:08 - 2016-03-13 08:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-13 08:08 - 2016-03-13 08:15 - 00000000 ____D C:\Program Files\Avira
2016-03-13 08:08 - 2016-03-13 08:08 - 00001010 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-03-13 08:07 - 2016-03-13 08:17 - 00000000 ____D C:\ProgramData\Avira
2016-03-13 08:07 - 2016-03-13 08:07 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-13 08:05 - 2016-03-13 08:06 - 05404312 _____ (Avira Operations GmbH & Co. KG) C:\Users\Poppy\Downloads\avira_fr_av_56e51125086e7__ws.exe
2016-03-13 07:48 - 2016-03-13 07:48 - 05956080 _____ (AVAST Software) C:\Users\Poppy\Desktop\avastclear(1).exe
2016-03-12 21:16 - 2016-03-12 21:23 - 201900432 _____ (AVAST Software) C:\Users\Poppy\Downloads\avast_free_antivirus_setup.exe
2016-03-12 07:50 - 2016-03-12 07:51 - 11614040 _____ (Microsoft Corporation) C:\Users\Poppy\Desktop\mseinstall.exe
2016-03-12 03:44 - 2016-02-19 22:34 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-12 03:44 - 2016-02-06 03:12 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-12 03:44 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-12 03:44 - 2016-02-06 03:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-12 03:44 - 2016-02-06 01:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-12 03:43 - 2016-02-06 03:17 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-12 03:43 - 2016-02-06 03:17 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-12 03:43 - 2015-11-20 15:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-12 03:43 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-12 03:37 - 2016-02-06 03:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-12 03:36 - 2016-02-06 03:11 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-12 03:36 - 2016-02-06 01:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-12 03:33 - 2016-02-02 16:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-12 03:31 - 2016-02-03 18:06 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-12 03:31 - 2016-02-03 18:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-12 03:31 - 2016-02-03 18:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-12 03:03 - 2016-02-04 16:25 - 02068992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-11 08:41 - 2016-03-13 07:58 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-11 08:38 - 2016-03-11 08:38 - 05956080 _____ (AVAST Software) C:\Users\Poppy\Downloads\avastclear.exe
2016-03-11 08:09 - 2016-03-11 08:08 - 00001804 _____ C:\Users\Poppy\Desktop\ZHPFixReport.txt
2016-03-11 08:06 - 2016-03-11 08:07 - 00000000 ____D C:\Program Files\ZHPFix
2016-03-11 08:06 - 2016-03-11 08:06 - 00001639 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-03-11 08:06 - 2016-03-11 08:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-03-11 08:05 - 2016-03-11 08:05 - 03521617 _____ (Nicolas Coolman ) C:\Users\Poppy\Downloads\ZHPFix.exe
2016-03-11 07:59 - 2016-03-11 07:59 - 00448512 _____ (OldTimer Tools) C:\Users\Poppy\Desktop\TFC.exe
2016-03-11 03:08 - 2016-02-09 01:17 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-11 03:08 - 2016-02-09 01:15 - 12392960 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-11 03:08 - 2016-02-09 01:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-11 03:08 - 2016-02-09 01:12 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-11 03:08 - 2016-02-09 01:12 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-11 03:08 - 2016-02-09 01:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-11 03:08 - 2016-02-09 01:10 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-11 03:08 - 2016-02-09 01:10 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-11 03:08 - 2016-02-09 01:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-11 03:08 - 2016-02-09 01:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-11 03:08 - 2016-02-09 01:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-03-11 03:08 - 2016-02-09 01:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-11 03:08 - 2016-02-09 01:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-11 03:08 - 2016-02-09 01:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-11 03:08 - 2016-02-09 01:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-11 03:08 - 2016-02-09 01:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-11 03:08 - 2016-02-09 01:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-11 03:08 - 2016-02-09 01:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-11 03:08 - 2016-02-09 01:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-11 03:08 - 2016-02-09 01:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-03-11 03:08 - 2016-02-09 01:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-03-11 03:08 - 2016-02-09 01:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-03-10 22:57 - 2016-03-10 22:57 - 00163582 _____ C:\Users\Poppy\Desktop\ZHPDiag.txt
2016-03-10 22:50 - 2016-03-10 22:50 - 00000731 _____ C:\Users\Poppy\Desktop\ZHPDiag.lnk
2016-03-10 22:49 - 2016-03-10 22:49 - 02148352 _____ C:\Users\Poppy\Downloads\ZHPDiag3.exe
2016-03-10 22:42 - 2016-03-10 22:42 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-10 22:42 - 2016-03-10 22:42 - 00001974 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-10 22:39 - 2016-03-13 09:44 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-10 22:39 - 2016-03-13 08:00 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-10 22:38 - 2016-03-10 22:38 - 00987728 _____ (Google Inc.) C:\Users\Poppy\Downloads\ChromeSetup(1).exe
2016-03-10 22:00 - 2016-03-10 22:01 - 05207096 _____ (AVAST Software) C:\Users\Poppy\Downloads\avast_free_antivirus_setup_online(4).exe
2016-03-10 21:55 - 2016-03-10 21:55 - 05207096 _____ (AVAST Software) C:\Users\Poppy\Downloads\avast_free_antivirus_setup_online(3).exe
2016-03-10 21:21 - 2016-03-10 21:21 - 05207096 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online(2).exe
2016-03-10 21:21 - 2016-03-10 21:21 - 05207096 _____ (AVAST Software) C:\Users\Poppy\Downloads\avast_free_antivirus_setup_online(2).exe
2016-03-10 21:19 - 2016-03-10 21:20 - 05207096 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online(1).exe
2016-03-10 21:19 - 2016-03-10 21:20 - 05207096 _____ (AVAST Software) C:\Users\Poppy\Downloads\avast_free_antivirus_setup_online(1).exe
2016-03-10 21:04 - 2016-03-10 21:04 - 05207096 _____ (AVAST Software) C:\Users\Poppy\Downloads\avast_free_antivirus_setup_online.exe
2016-03-10 21:00 - 2016-03-10 21:01 - 00000000 ____D C:\Users\Poppy\AppData\Roaming\Mozilla
2016-03-10 21:00 - 2016-03-10 21:00 - 00000000 ____D C:\Users\Poppy\AppData\Local\Mozilla
2016-03-10 20:59 - 2016-03-10 20:59 - 00000863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-10 20:59 - 2016-03-10 20:59 - 00000851 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-10 20:59 - 2016-03-10 20:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-24 11:27 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-24 11:27 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-24 11:27 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-02-24 11:27 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-02-24 11:27 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-02-24 11:27 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-02-24 11:27 - 2016-01-30 04:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-24 11:27 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-24 11:27 - 2016-01-30 04:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-24 11:27 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-02-24 11:27 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-02-24 11:27 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-02-24 11:27 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-24 11:27 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-24 11:27 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-02-24 11:24 - 2016-01-30 04:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-24 11:24 - 2016-01-30 04:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-24 11:01 - 2016-01-07 16:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-24 10:58 - 2016-01-09 18:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-21 19:10 - 2016-02-21 19:11 - 00000000 ____D C:\Program Files\GUMA83F.tmp
2016-02-21 19:10 - 2016-02-21 19:10 - 06871040 _____ C:\Program Files\GUTAAD0.tmp

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-13 08:17 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-03-13 08:07 - 2008-01-21 09:41 - 01616032 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-13 08:07 - 2008-01-21 09:40 - 00722518 _____ C:\Windows\system32\perfh00C.dat
2016-03-13 08:07 - 2008-01-21 09:40 - 00146320 _____ C:\Windows\system32\perfc00C.dat
2016-03-13 08:00 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-13 08:00 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-13 08:00 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-13 07:58 - 2010-01-02 19:44 - 00001356 _____ C:\Users\Poppy\AppData\Local\d3d9caps.dat
2016-03-13 07:54 - 2006-11-02 14:01 - 00032502 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-12 11:38 - 2013-01-08 16:34 - 00000440 ____H C:\Windows\Tasks\Norton Security Scan for Poppy.job
2016-03-12 08:49 - 2011-01-28 19:18 - 00001912 _____ C:\Windows\epplauncher.mif
2016-03-12 08:41 - 2008-07-19 16:28 - 00008554 _____ C:\Users\Poppy\AppData\Roaming\wklnhst.dat
2016-03-12 04:23 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-03-12 04:07 - 2006-11-02 13:47 - 00350904 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-12 04:03 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-03-12 04:03 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-12 03:26 - 2013-08-15 12:13 - 00000000 ____D C:\Windows\system32\MRT
2016-03-12 03:06 - 2006-11-02 11:24 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-03-11 08:09 - 2015-04-17 19:15 - 00000000 ____D C:\Users\Poppy\AppData\Roaming\ZHP
2016-03-10 22:41 - 2008-05-29 10:45 - 00000000 ____D C:\Program Files\Google
2016-03-10 21:08 - 2011-01-28 19:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-03-10 20:59 - 2013-05-01 10:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-10 20:31 - 2014-02-23 18:47 - 00000290 __RSH C:\ProgramData\ntuser.pol
2016-03-10 20:29 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\ModemLogs
2016-03-10 19:35 - 2015-01-13 16:13 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-10 19:34 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-03-10 10:51 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-22 04:06 - 2008-07-18 17:51 - 00000000 ____D C:\Users\Poppy
2016-02-22 04:06 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\ShellNew
2016-02-22 04:06 - 2006-11-02 12:18 - 00000000 __RSD C:\Windows\Media
2016-02-22 04:06 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2016-02-22 04:06 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2016-02-22 04:06 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ias
2016-02-22 04:06 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-22 04:06 - 2006-11-02 11:22 - 56360960 _____ C:\Windows\system32\config\software_previous
2016-02-22 04:06 - 2006-11-02 11:22 - 33554432 _____ C:\Windows\system32\config\system_previous
2016-02-22 04:05 - 2009-09-22 15:45 - 00000000 ____D C:\ProgramData\Real
2016-02-22 04:05 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2016-02-22 03:58 - 2006-11-02 11:22 - 48758784 _____ C:\Windows\system32\config\components_previous
2016-02-22 03:58 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2016-02-21 18:50 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2016-02-21 18:50 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2016-02-21 18:13 - 2009-06-14 18:47 - 00000000 ____D C:\Users\Poppy\AppData\Roaming\Skype

==================== Fichiers à la racine de certains dossiers =======

2016-02-21 19:10 - 2016-02-21 19:10 - 6871040 _____ () C:\Program Files\GUTAAD0.tmp
2014-02-24 22:28 - 2015-04-17 17:42 - 0000148 _____ () C:\Users\Poppy\AppData\Roaming\WB.CFG
2008-07-19 16:28 - 2016-03-12 08:41 - 0008554 _____ () C:\Users\Poppy\AppData\Roaming\wklnhst.dat
2010-01-02 19:44 - 2016-03-13 07:58 - 0001356 _____ () C:\Users\Poppy\AppData\Local\d3d9caps.dat
2008-08-22 18:05 - 2015-03-01 17:08 - 0013824 _____ () C:\Users\Poppy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-26 09:16 - 2015-02-08 16:03 - 0000010 _____ () C:\Users\Poppy\AppData\Local\DSI.DAT
2009-03-08 17:12 - 2009-03-08 17:12 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Certains fichiers dans TEMP:
====================
C:\Users\Poppy\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-03-13 08:07

==================== Fin de FRST.txt ============================
