cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:03-06-2016
Ran by Administrator (administrator) on LIGHT-SP3 (08-07-2016 08:46:49)
Running from D:\Documents and Settings\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Anglais (États-Unis)
Internet Explorer Version 8 (Default browser: "D:\Program Files\Avant Browser\avant.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Malwarebytes) D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(TechSmith Corporation) D:\Program Files\TechSmith\Snagit 10\Snagit32.exe
(Malwarebytes) D:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(TechSmith Corporation) D:\Program Files\TechSmith\Snagit 10\TscHelp.exe
(TechSmith Corporation) D:\Program Files\TechSmith\Snagit 10\SnagPriv.exe
(TechSmith Corporation) D:\Program Files\TechSmith\Snagit 10\SnagitEditor.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1292428093-1220945662-1177238915-500\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1292428093-1220945662-1177238915-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1292428093-1220945662-1177238915-500\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1292428093-1220945662-1177238915-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1292428093-1220945662-1177238915-500\Control Panel\Desktop\\SCRNSAVE.EXE -> D:\WINDOWS\System32\aus_ddss.SCR [750760 2010-11-10] ()
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snagit 10.lnk [2016-05-18]
ShortcutTarget: Snagit 10.lnk -> D:\Program Files\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: D:\Documents and Settings\Default User\Start Menu\Programs\Startup\PandaUSBVaccine.lnk [2016-05-18]
ShortcutTarget: PandaUSBVaccine.lnk -> D:\Program Files\Panda USB Vaccine\USBVaccine.exe (Panda Security)
BootExecute: autocheck autochk * pgdfgsvc D 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{932A5E87-6008-4DD8-8179-FFD3140C64A3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1292428093-1220945662-1177238915-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1292428093-1220945662-1177238915-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IE7Pro BHO -> {00011268-E188-40DF-A514-835FCD78B1BF} -> D:\Program Files\IEPro\iepro.dll [2010-06-02] (IE7Pro.com)
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> D:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll [2011-03-21] (TechSmith Corporation)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files\IEPro\IEProRecorder.dll [2010-06-02] ()
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll [2011-03-21] (TechSmith Corporation)
Toolbar: HKU\S-1-5-21-1292428093-1220945662-1177238915-500 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

FireFox:
========
FF ProfilePath: D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdxu0fbw.default
FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-07-06] ()
FF Plugin: @videolan.org/vlc,version=2.0.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)

Chrome:
=======
StartMenuInternet: chrome.exe - D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.GRXFHFHOUMK7YKR5VEDCH2T66A - D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DcomLaunch; D:\WINDOWS\system32\rpcss.dll [401408 2011-06-15] (Microsoft Corporation) [File not signed]
R2 Dhcp; D:\WINDOWS\System32\dhcpcsvc.dll [126976 2011-06-15] (Microsoft Corporation) [File not signed]
R2 Dnscache; D:\WINDOWS\System32\dnsrslvr.dll [45568 2011-06-15] (Microsoft Corporation) [File not signed]
S3 Dot3svc; D:\WINDOWS\System32\dot3svc.dll [132096 2011-06-15] (Microsoft Corporation) [File not signed]
S3 EhttpSrv; D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [19200 2008-10-24] (ESET)
R2 ekrn; D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [468224 2008-10-24] (ESET)
R2 Eventlog; D:\WINDOWS\system32\services.exe [110592 2011-06-15] (Microsoft Corporation) [File not signed]
R3 EventSystem; D:\WINDOWS\system32\es.dll [253952 2011-06-15] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; D:\WINDOWS\System32\shsvcs.dll [135168 2011-06-15] (Microsoft Corporation) [File not signed]
R2 LanmanServer; D:\WINDOWS\System32\srvsvc.dll [99840 2011-06-15] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; D:\WINDOWS\System32\wkssvc.dll [134144 2011-06-15] (Microsoft Corporation) [File not signed]
S2 MBAMService; D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MSIServer; D:\WINDOWS\System32\msiexec.exe [106496 2011-03-01] (Microsoft Corporation) [File not signed]
R3 Nla; D:\WINDOWS\System32\mswsock.dll [245248 2011-06-15] (Microsoft Corporation) [File not signed]
R2 PlugPlay; D:\WINDOWS\system32\services.exe [110592 2011-06-15] (Microsoft Corporation) [File not signed]
R2 RpcSs; D:\WINDOWS\system32\rpcss.dll [401408 2011-06-15] (Microsoft Corporation) [File not signed]
R2 SharedAccess; D:\WINDOWS\System32\ipnathlp.dll [330752 2011-06-15] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; D:\WINDOWS\System32\shsvcs.dll [135168 2011-06-15] (Microsoft Corporation) [File not signed]
R2 Spooler; D:\WINDOWS\system32\spoolsv.exe [58880 2011-06-15] (Microsoft Corporation) [File not signed]
R3 TapiSrv; D:\WINDOWS\System32\tapisrv.dll [249856 2011-06-15] (Microsoft Corporation) [File not signed]
R3 TermService; D:\WINDOWS\System32\termsrv.dll [296960 2011-06-15] (Microsoft Corporation) [File not signed]
R2 Themes; D:\WINDOWS\System32\shsvcs.dll [135168 2011-06-15] (Microsoft Corporation) [File not signed]
R2 W32Time; D:\WINDOWS\system32\w32time.dll [175616 2011-06-15] (Microsoft Corporation) [File not signed]
R2 WebClient; D:\WINDOWS\System32\webclnt.dll [68096 2011-06-15] (Microsoft Corporation) [File not signed]
S3 Wmi; D:\WINDOWS\System32\advapi32.dll [617472 2011-06-15] (Microsoft Corporation) [File not signed]
R2 WZCSVC; D:\WINDOWS\System32\wzcsvc.dll [483328 2011-03-06] (Microsoft Corporation) [File not signed]
S2 NOD32FiXTemDono; D:\WINDOWS\system32\regedt32.exe /s D:\WINDOWS\nod32fixtemdono.reg

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFD; D:\WINDOWS\System32\drivers\afd.sys [138496 2011-06-15] (Microsoft Corporation) [File not signed]
R1 Cdrom; D:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2011-06-15] (Microsoft Corporation) [File not signed]
S3 CisUtMonitor; D:\WINDOWS\System32\DRIVERS\CisUtMonitor.sys [27600 2014-08-07] (CrystalIdea Software)
R0 Disk; D:\WINDOWS\System32\DRIVERS\disk.sys [36352 2011-06-15] (Microsoft Corporation) [File not signed]
R2 eamon; D:\WINDOWS\System32\DRIVERS\eamon.sys [39944 2008-10-24] (ESET)
R1 easdrv; D:\WINDOWS\System32\DRIVERS\easdrv.sys [53256 2008-10-24] (ESET)
R1 epfwtdir; D:\WINDOWS\System32\DRIVERS\epfwtdir.sys [34824 2008-10-24] ()
S4 exFat; D:\WINDOWS\system32\Drivers\exFat.sys [133632 2011-06-15] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; D:\WINDOWS\system32\Drivers\Fs_Rec.sys [9216 2011-06-15] (Microsoft Corporation) [File not signed]
R3 HTTP; D:\WINDOWS\System32\Drivers\HTTP.sys [265728 2011-06-15] (Microsoft Corporation) [File not signed]
R0 KSecDD; D:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
S3 MBAMProtector; D:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R0 MountMgr; D:\WINDOWS\system32\Drivers\MountMgr.sys [42752 2011-06-15] (Microsoft Corporation) [File not signed]
R3 MRxDAV; D:\WINDOWS\System32\DRIVERS\mrxdav.sys [180096 2011-06-15] (Microsoft Corporation) [File not signed]
R1 MRxSmb; D:\WINDOWS\System32\DRIVERS\mrxsmb.sys [457856 2011-06-15] (Microsoft Corporation) [File not signed]
R0 Mup; D:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-06-15] (Microsoft Corporation) [File not signed]
R0 mv61xxmm; D:\WINDOWS\system32\Drivers\mv61xxmm.sys [13616 2011-06-22] (Marvell Semiconductor Inc.)
R0 mv64xxmm; D:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2011-06-22] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; D:\WINDOWS\system32\Drivers\mvxxmm.sys [13616 2011-06-22] (Marvell Semiconductor Inc.)
R3 NDProxy; D:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2011-06-15] (Microsoft Corporation) [File not signed]
S3 nm; D:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
R4 Ntfs; D:\WINDOWS\system32\Drivers\Ntfs.sys [576384 2008-11-18] (Microsoft Corporation) [File not signed]
R2 NwlnkIpx; D:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; D:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation)
R2 NwlnkSpx; D:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation)
R3 PSched; D:\WINDOWS\System32\DRIVERS\psched.sys [70272 2011-06-15] (Microsoft Corporation) [File not signed]
R1 Rdbss; D:\WINDOWS\System32\DRIVERS\rdbss.sys [174848 2011-06-15] (Microsoft Corporation) [File not signed]
R3 rdpdr; D:\WINDOWS\System32\DRIVERS\rdpdr.sys [195712 2009-09-04] (Microsoft Corporation) [File not signed]
R2 rspndr; D:\WINDOWS\System32\DRIVERS\rspndr.sys [62848 2011-06-15] (Microsoft Corporation) [File not signed]
S3 rtl8139; D:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R1 SCDEmu; D:\WINDOWS\system32\Drivers\SCDEmu.sys [123952 2016-02-10] (Power Software Ltd)
R3 Srv; D:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-06-15] (Microsoft Corporation) [File not signed]
R1 Tcpip; D:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2011-06-22] (Microsoft Corporation) [File not signed]
S3 TDTCP; D:\WINDOWS\system32\Drivers\TDTCP.sys [22024 2011-06-15] (Microsoft Corporation) [File not signed]
R3 usbehci; D:\WINDOWS\System32\DRIVERS\usbehci.sys [30464 2011-06-15] (Microsoft Corporation) [File not signed]
R3 w29n51; D:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2008-01-07] (Intel® Corporation)
S3 eapihdrv; \??\D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ehdrv.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-08 08:46 - 2016-07-08 08:47 - 00013465 _____ D:\Documents and Settings\Administrator\Desktop\FRST.txt
2016-07-08 08:46 - 2016-07-08 08:46 - 00000000 ____D D:\FRST
2016-07-07 14:21 - 2016-07-07 14:21 - 00000191 _____ D:\Documents and Settings\Administrator\My Documents\TT;CMD.txt
2016-07-07 14:21 - 2016-07-07 14:21 - 00000191 _____ D:\Documents and Settings\Administrator\My Documents\FF.cmd
2016-07-07 14:00 - 2016-07-07 14:00 - 00081743 _____ D:\Documents and Settings\Administrator\Desktop\ييي.sqf
2016-07-07 13:59 - 2016-07-07 14:22 - 00000000 ____D D:\Documents and Settings\Administrator\My Documents\SWF Quicker SlideShow
2016-07-07 13:55 - 2016-07-07 13:55 - 00000885 _____ D:\Documents and Settings\All Users\Desktop\Sothink SWF Quicker.lnk
2016-07-07 13:54 - 2016-07-07 13:54 - 00000000 ____D D:\Program Files\Common Files\SourceTec
2016-07-07 13:54 - 2016-07-07 13:54 - 00000000 ____D D:\Documents and Settings\All Users\Start Menu\Programs\SourceTec
2016-07-07 13:54 - 2009-06-04 15:28 - 00044544 _____ (Microsoft Corporation) D:\WINDOWS\system32\msxml4a.dll
2016-07-07 13:53 - 2016-07-07 13:53 - 00000000 ____D D:\Program Files\SourceTec
2016-07-07 13:53 - 2016-07-07 13:42 - 01734656 _____ (Farbar) D:\Documents and Settings\Administrator\Desktop\FRST.exe
2016-07-07 10:56 - 2016-07-07 11:00 - 00000000 ____D D:\Documents and Settings\Administrator\Desktop\Nouveau dossier (3)
2016-07-06 13:54 - 2016-07-07 10:55 - 00002673 _____ D:\Documents and Settings\Administrator\Desktop\Transparent Image Converter 1.1.lnk
2016-07-06 12:12 - 2016-07-06 12:12 - 00000000 ____D D:\Documents and Settings\All Users\Application Data\McAfee
2016-07-06 12:11 - 2016-07-06 12:11 - 00797376 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe
2016-07-06 10:48 - 2016-07-06 10:51 - 00000000 ____D D:\Documents and Settings\Administrator\Application Data\Mozilla
2016-07-06 10:48 - 2016-07-06 10:48 - 00000000 ____D D:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2016-07-05 14:11 - 2016-07-05 14:11 - 00000730 _____ D:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-05 14:11 - 2016-07-05 14:11 - 00000724 _____ D:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2016-07-05 14:10 - 2016-07-05 14:11 - 00000000 ____D D:\Program Files\Mozilla Maintenance Service
2016-07-05 14:09 - 2016-07-05 14:10 - 00000000 ____D D:\Program Files\Mozilla Firefox
2016-07-05 12:42 - 2016-07-06 13:57 - 00013824 ___SH D:\Documents and Settings\Administrator\My Documents\Thumbs.db
2016-06-29 06:09 - 2016-07-07 11:40 - 00000438 ____H D:\WINDOWS\Tasks\User_Feed_Synchronization-{1C409140-EAAC-44E0-9E0A-98E2A2BE0273}.job
2016-06-29 06:08 - 2016-06-29 06:08 - 00000000 __SHD D:\Documents and Settings\Administrator\IECompatCache
2016-06-28 13:33 - 2016-07-06 13:51 - 00000000 ____D D:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2016-06-28 12:43 - 2016-06-28 12:43 - 00000000 ____D D:\WINDOWS\pss

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-08 08:47 - 2016-05-18 18:51 - 00000000 ____D D:\Documents and Settings\Administrator\Local Settings\Temp
2016-07-08 08:38 - 2016-05-18 20:29 - 00170200 _____ (Malwarebytes) D:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-08 08:37 - 2016-05-18 18:50 - 00000006 ____H D:\WINDOWS\Tasks\SA.DAT
2016-07-07 14:21 - 2016-05-18 18:51 - 00000000 ___RD D:\Documents and Settings\Administrator\My Documents
2016-07-07 14:21 - 2016-05-18 18:43 - 00000932 _____ D:\WINDOWS\system32\WIN32PAD.INI
2016-07-07 14:20 - 2016-05-20 19:37 - 00000191 _____ D:\Documents and Settings\Administrator\Desktop\Nouveau Text Document.txt
2016-07-07 13:50 - 2016-05-18 18:55 - 00000000 ___RD D:\Documents and Settings\Administrator\My Documents\My Pictures
2016-07-07 13:50 - 2016-05-18 18:55 - 00000000 ___RD D:\Documents and Settings\Administrator\My Documents\My Music
2016-07-07 13:34 - 2016-05-18 18:41 - 00000749 ___RH D:\WINDOWS\WindowsShell.Manifest
2016-07-07 13:34 - 2016-05-18 18:41 - 00000749 ___RH D:\WINDOWS\system32\wuaucpl.cpl.manifest
2016-07-07 13:34 - 2016-05-18 18:41 - 00000749 ___RH D:\WINDOWS\system32\sapi.cpl.manifest
2016-07-07 13:34 - 2016-05-18 18:41 - 00000749 ___RH D:\WINDOWS\system32\nwc.cpl.manifest
2016-07-07 13:34 - 2016-05-18 18:41 - 00000749 ___RH D:\WINDOWS\system32\ncpa.cpl.manifest
2016-07-07 13:34 - 2016-05-18 18:41 - 00000749 ___RH D:\WINDOWS\system32\cdplayer.exe.manifest
2016-07-07 11:07 - 2016-05-21 18:05 - 00114176 ___SH D:\Documents and Settings\Administrator\Desktop\Thumbs.db
2016-07-07 10:28 - 2016-05-18 18:51 - 00000000 ____D D:\Documents and Settings\Administrator
2016-07-07 09:50 - 2016-05-25 21:21 - 00000000 ____D D:\Documents and Settings\Administrator\My Documents\Nouveau dossier
2016-07-07 09:24 - 2016-05-18 20:32 - 00462476 _____ D:\WINDOWS\system32\PerfStringBackup.INI
2016-07-06 13:59 - 2016-05-18 18:50 - 00018284 ____N D:\WINDOWS\SchedLgU.Txt
2016-07-06 12:33 - 2016-05-21 19:24 - 00000000 ____D D:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2016-07-06 12:11 - 2011-06-15 08:21 - 00142528 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-07-06 10:41 - 2004-08-04 13:00 - 00002184 _____ D:\WINDOWS\system32\wpa.dbl
2016-07-05 14:12 - 2016-05-18 18:51 - 00000178 ___SH D:\Documents and Settings\Administrator\ntuser.ini
2016-07-05 12:50 - 2016-05-19 18:38 - 00000553 _____ D:\Documents and Settings\Administrator\Desktop\ZHPDiag.txt
2016-07-05 12:44 - 2016-05-18 19:34 - 00000148 _____ D:\Documents and Settings\Administrator\Application Data\licecap.ini
2016-07-05 09:58 - 2016-05-18 18:44 - 00000000 ____D D:\Program Files\ESET
2016-06-28 12:44 - 2004-08-04 13:00 - 00000507 _____ D:\WINDOWS\win.ini
2016-06-28 12:44 - 2004-08-04 13:00 - 00000227 _____ D:\WINDOWS\system.ini
2016-06-28 12:43 - 2016-05-22 00:25 - 00000000 ____D D:\Documents and Settings\Administrator\Application Data\vlc
2016-06-28 12:36 - 2016-05-21 18:01 - 00000000 ____D D:\WINDOWS\Minidump

==================== Files in the root of some directories =======

2016-05-18 19:34 - 2016-07-05 12:44 - 0000148 _____ () D:\Documents and Settings\Administrator\Application Data\licecap.ini
2016-05-18 18:43 - 2010-09-11 14:38 - 0000272 _____ () D:\Documents and Settings\Administrator\Local Settings\Application Data\magnifier.ini

Files to move or delete:
====================
D:\Documents and Settings\Administrator\ZHPDiag3.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

D:\WINDOWS\explorer.exe
[2011-03-01 04:29] - [2011-03-01 04:29] - 1499136 ____A (Microsoft Corporation) 6DA4FBD985476636DC44303108DB7D05

D:\WINDOWS\system32\winlogon.exe
[2011-06-15 08:20] - [2011-06-15 08:20] - 0509440 ____A (Microsoft Corporation) 53A8857723277B1D6D5EE60A9F85B117

D:\WINDOWS\system32\svchost.exe => File is digitally signed
D:\WINDOWS\system32\services.exe
[2011-06-15 08:20] - [2011-06-15 08:20] - 0110592 ____A (Microsoft Corporation) C519E15665CD89A91AD383FCE3CB556A

D:\WINDOWS\system32\User32.dll
[2011-03-01 04:27] - [2011-03-01 04:27] - 0487424 ____A (Microsoft Corporation) 313EE8F553ECD632CD07841F56EFF405

D:\WINDOWS\system32\userinit.exe => File is digitally signed
D:\WINDOWS\system32\rpcss.dll => MD5 is legit
D:\WINDOWS\system32\dnsapi.dll => MD5 is legit
D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================
