cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Exécuté par Gérard (administrateur) sur STEPHANE (07-03-2016 19:41:11)
Exécuté depuis C:\Program Files\Wanadoo\Utilisateur1\Téléchargements
Profils chargés: Gérard (Profils disponibles: Gérard)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(IObit) C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
(ASUSTeK COMPUTER INC.) D:\Center.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\Suo10_SmartRAM.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
(LULU Software Limited) C:\Documents and Settings\All Users\Application Data\LULU Software\Soda PDF 8 Manager\Soda PDF 8\Soda Manager.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
HKLM\...\Run: [Control Center] => D:\Center.exe [1667584 2006-03-02] (ASUSTeK COMPUTER INC.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6638296 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\Run: [SmartRAM] => C:\Program Files\IObit\Advanced SystemCare\Suo10_SmartRAM.exe [561440 2016-01-05] (IObit)
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\MountPoints2: {24ed5cf3-d790-11de-b220-0040f46b1595} - G:\InstallTomTomHOME.exe
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\MountPoints2: {ba192000-ebb1-11dc-af45-0040f46b1595} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\MountPoints2: {bc34b586-2f4e-11df-b2ae-0040f46b1595} - G:\VIRTUAL_OPTICIAN.exe
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\...\MountPoints2: {bfc65310-ebb2-11dc-af46-0040f46b1595} - G:\LaunchU3.exe -a
SecurityProviders: msapsspc.dll, schannel.dll, msnsspc.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{11FC4A46-3D27-45BD-9271-2FD166C63547}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6EA67383-19F0-485B-A77A-E68B112026C7}: [DhcpNameServer] 192.168.30.1 0.0.0.0

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKU\S-1-5-21-2000478354-436374069-1343024091-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.wanadoo.fr/go/page_recherche/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2000478354-436374069-1343024091-1004 -> DefaultScope {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wch_nxtad_16_05&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDyEtD0C0AyE0E0C0F0D0F0F0EtAtDtN0D0Tzu0StCyEzyyCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyDtAyD0DtC0C0DtGtAyB0DzztG0EzytCtAtGtC0EzztCtGyE0A0FyDyE0A0D0DyE0E0C0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyE0BtAyBtBtD0EtGtDtC0A0FtGyEtBtAtAtGzyyE0FtCtG0Dzy0EzyyC0D0ByByE0Fzz0C2QtN0A0LzutB%26cr%3D990388799%26a%3Dwch_nxtad_16_05%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2000478354-436374069-1343024091-1004 -> {41689134-1F0E-4FCF-BFC7-6D807DD792CF} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2000478354-436374069-1343024091-1004 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wch_nxtad_16_05&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDyEtD0C0AyE0E0C0F0D0F0F0EtAtDtN0D0Tzu0StCyEzyyCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyDtAyD0DtC0C0DtGtAyB0DzztG0EzytCtAtGtC0EzztCtGyE0A0FyDyE0A0D0DyE0E0C0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyE0BtAyBtBtD0EtGtDtC0A0FtGyEtBtAtAtGzyyE0FtCtG0Dzy0EzyyC0D0ByByE0Fzz0C2QtN0A0LzutB%26cr%3D990388799%26a%3Dwch_nxtad_16_05%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-16] (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-16] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKU\.DEFAULT -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-2000478354-436374069-1343024091-1004 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-2000478354-436374069-1343024091-1004 -> Pas de nom - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Pas de fichier
Toolbar: HKU\S-1-5-21-2000478354-436374069-1343024091-1004 -> Pas de nom - {D3028143-6145-4318-99D3-3EDCE54A95A9} - Pas de fichier
DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} hxxp://logicielsgratuits.orange.fr/download_service/Install/OrangeInstaller.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gérard\Application Data\Mozilla\Firefox\Profiles\2k4q46bz.default-1453744868576
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-16] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-16] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-21] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-21] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-13] [non signé]
FF HKLM\...\Firefox\Extensions: [soda_pdf_8_conv@sodapdf.com] - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension => non trouvé(e)

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [930944 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1223920 2016-02-18] (Avira Operations GmbH & Co. KG)
S3 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
R3 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-15] (IObit)
S4 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [Fichier non signé]
R2 Soda PDF 8 Manager; C:\Documents and Settings\All Users\Application Data\LULU Software\Soda PDF 8 Manager\Soda PDF 8\Soda Manager.exe [876024 2015-12-21] (LULU Software Limited)
S3 WsAppService; C:\Program Files\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2015-08-19] (Meetinghouse Data Communications) [Fichier non signé]
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2015-08-20] (Realtek Semiconductor Corp.)
R3 ASNDIS5; C:\WINDOWS\system32\ASNDIS5.SYS [16269 2002-09-09] (Printing Communications Assoc., Inc. (PCAUSA)) [Fichier non signé]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [106968 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [135760 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2016-02-18] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [371712 2005-02-11] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [247968 2015-03-25] (IObit)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [24040 2013-09-04] (ThreatTrack Security)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-11-01] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-11-01] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-11-01] (HP)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-08-20] (REALiX(tm))
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2007-07-25] (Padus, Inc.) [Fichier non signé]
R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology) [Fichier non signé]
R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology) [Fichier non signé]
R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [Fichier non signé]
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [31776 2015-03-25] (IObit.com)
S3 RT2500USB; C:\WINDOWS\System32\DRIVERS\rt2500usb.sys [140544 2004-08-13] (Ralink Technology Inc.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [Fichier non signé]
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [15808 2014-06-04] (IObit)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [17360 2015-03-25] (IObit.com)
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2015-08-23] (VIA Technologies, Inc.)
R0 ViaIde; C:\WINDOWS\System32\DRIVERS\viaidexp.sys [6144 2001-10-18] (VIA Technologies, Inc.)
R1 VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [3279 2001-12-18] (VIA Technologies. Inc.) [Fichier non signé]
S3 VIAudio; C:\WINDOWS\System32\drivers\viaudio.sys [54272 2002-05-22] (VIA Technologies, Inc.)
R0 videX32; C:\WINDOWS\System32\DRIVERS\videX32.sys [13976 2015-08-20] (VIA Technologies, Inc.)
S3 VNic; C:\WINDOWS\System32\DRIVERS\VNic.sys [57516 2003-06-03] (Provider) [Fichier non signé]
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [32128 2008-04-14] (Microsoft Corporation)
S3 xusb20; C:\WINDOWS\System32\DRIVERS\xusb20.sys [50048 2006-10-13] (Microsoft Corporation)
S3 APL531; System32\Drivers\ov550i.sys [X]
S4 IntelIde; pas de ImagePath
U4 RemoteRegistry; pas de ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-06 18:31 - 2016-03-06 18:35 - 00000000 ____D C:\Program Files\AdwCleaner
2016-03-03 19:44 - 2016-03-03 19:44 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\Avira
2016-03-03 19:43 - 2016-03-03 19:43 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira
2016-03-03 19:41 - 2016-02-18 09:49 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2016-03-03 19:40 - 2016-03-03 19:40 - 00000000 ____D C:\Program Files\Avira
2016-03-03 19:40 - 2016-02-18 09:49 - 00135760 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-03-03 19:40 - 2016-02-18 09:49 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-03-03 19:40 - 2016-02-18 09:49 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-03-03 18:06 - 2016-03-03 18:10 - 00000000 ____D C:\Program Files\Driver Magician
2016-03-03 18:06 - 2016-03-03 18:06 - 00000778 _____ C:\Documents and Settings\Gérard\Bureau\Driver Magician.lnk
2016-03-03 18:06 - 2016-03-03 18:06 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\Driver Magician
2016-03-03 18:06 - 2016-03-03 18:06 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Driver Magician
2016-03-03 18:06 - 2011-02-08 14:58 - 01882104 _____ (Codejock Software) C:\WINDOWS\system32\Codejock.Controls.v15.0.1.ocx
2016-03-03 18:06 - 2004-09-28 11:13 - 00526184 _____ (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) C:\WINDOWS\system32\XceedCry.dll
2016-03-03 18:06 - 2004-08-11 15:55 - 00110602 _____ C:\WINDOWS\system32\xcdsfx32.bin
2016-03-02 18:21 - 2016-03-02 18:21 - 00000000 ___HD C:\WINDOWS\PIF
2016-02-26 03:42 - 2016-02-26 03:42 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
2016-02-25 22:18 - 2016-02-25 22:18 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\Wondershare
2016-02-25 22:17 - 2016-02-25 22:20 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\wondershare
2016-02-25 22:17 - 2015-02-27 10:35 - 00000232 _____ C:\WINDOWS\system32\dllhost.exe.config
2016-02-25 22:17 - 2015-02-25 14:38 - 00076288 _____ (Wondershare Software) C:\WINDOWS\system32\WSMonEditor.dll
2016-02-25 22:16 - 2016-02-25 22:16 - 00000842 _____ C:\Documents and Settings\All Users\Bureau\Wondershare PDFelement.lnk
2016-02-25 22:16 - 2016-02-25 22:16 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\PDFelement
2016-02-25 22:16 - 2016-02-25 22:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Wondershare
2016-02-25 22:15 - 2016-02-25 22:16 - 00000000 ____D C:\Program Files\Wondershare
2016-02-25 14:10 - 2016-02-25 14:10 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\LULU Software
2016-02-25 14:06 - 2016-02-28 23:27 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Soda PDF 8
2016-02-25 14:04 - 2016-02-25 14:04 - 00000000 ____D C:\Program Files\Fichiers communs\PDF Software
2016-02-25 14:00 - 2016-02-25 14:00 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Soda PDF 8
2016-02-25 13:01 - 2016-02-25 13:01 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\Setup3661014
2016-02-25 12:33 - 2016-02-25 12:33 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\Setup1999304
2016-02-25 12:19 - 2016-02-25 12:19 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\Setup1178704
2016-02-21 04:23 - 2016-03-07 12:03 - 00032106 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-19 13:21 - 2016-03-07 13:49 - 00000282 _____ C:\WINDOWS\Tasks\Driver Booster Scheduler.job
2016-02-19 13:20 - 2016-03-02 19:05 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Driver Booster 3
2016-02-19 13:18 - 2016-02-19 13:18 - 00000000 ____D C:\Documents and Settings\Gérard\IObit
2016-02-19 13:17 - 2016-02-22 18:57 - 00001813 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\IObit Uninstaller.lnk
2016-02-19 13:17 - 2016-02-22 18:57 - 00001807 _____ C:\Documents and Settings\All Users\Bureau\IObit Uninstaller.lnk
2016-02-19 13:17 - 2016-02-22 18:57 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\IObit Uninstaller
2016-02-17 02:34 - 2016-02-17 02:34 - 00000788 _____ C:\Documents and Settings\Gérard\Menu Démarrer\Programmes\Windows Media Player.lnk
2016-02-17 01:51 - 2016-03-07 13:08 - 02080256 _____ C:\Documents and Settings\Gérard\ZHPCleaner.exe
2016-02-16 21:09 - 2016-02-16 21:09 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\OpenOffice
2016-02-16 13:23 - 2016-03-07 19:42 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-16 13:21 - 2016-02-16 13:21 - 00000000 ____D C:\Program Files\Fichiers communs\Java
2016-02-16 12:33 - 2016-03-07 14:14 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\vlc
2016-02-16 12:32 - 2016-02-16 12:32 - 00000719 _____ C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
2016-02-16 12:32 - 2016-02-16 12:32 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
2016-02-12 13:20 - 2016-02-12 13:20 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\Setup10758489
2016-02-12 12:28 - 2016-02-12 12:28 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\SumatraPDF
2016-02-12 10:55 - 2016-02-12 13:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 19:41 - 2016-02-11 19:42 - 00000000 ___SD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\OpenOffice 4.1.2
2016-02-11 19:41 - 2016-02-11 19:41 - 00000841 _____ C:\Documents and Settings\All Users\Bureau\OpenOffice 4.1.2.lnk
2016-02-11 19:39 - 2016-02-11 19:39 - 00000000 ____D C:\Program Files\OpenOffice 4
2016-02-11 19:29 - 2016-02-11 19:29 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CutePDF
2016-02-11 19:29 - 2016-01-22 16:56 - 00089008 _____ C:\WINDOWS\system32\cpwmon2k.dll
2016-02-11 19:28 - 2016-02-11 19:28 - 00000000 ____D C:\Program Files\GPLGS
2016-02-11 19:28 - 2016-02-11 19:28 - 00000000 ____D C:\Program Files\Acro Software
2016-02-11 19:10 - 2016-02-25 18:43 - 00065536 _____ C:\WINDOWS\system32\config\Reason.evt
2016-02-11 18:58 - 2016-02-11 18:58 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\Setup103988167
2016-02-10 19:31 - 2016-03-04 19:42 - 00001804 _____ C:\Documents and Settings\All Users\Bureau\Advanced SystemCare 9.lnk
2016-02-06 12:52 - 2016-02-06 12:52 - 00000000 ___DC C:\Documents and Settings\Gérard\Application Data\updates
2016-02-06 12:52 - 2016-02-06 12:52 - 00000000 ___DC C:\Documents and Settings\Gérard

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-07 19:42 - 2006-08-24 11:01 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Temp
2016-03-07 19:41 - 2015-12-25 12:41 - 00000000 ___DC C:\FRST
2016-03-07 13:52 - 2015-08-19 10:28 - 00000174 ____C C:\ASWL2K.ini
2016-03-07 13:51 - 2004-08-05 13:00 - 00012044 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-07 13:50 - 2015-08-20 17:10 - 00000280 _____ C:\WINDOWS\Tasks\SmartDefrag4_Update.job
2016-03-07 13:49 - 2015-12-21 13:53 - 00000278 _____ C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job
2016-03-07 13:49 - 2015-08-20 17:28 - 00000000 _____ C:\WINDOWS\system32\NvApps.xml
2016-03-07 13:49 - 2015-08-20 17:10 - 00000282 _____ C:\WINDOWS\Tasks\SmartDefrag4_Startup.job
2016-03-07 13:49 - 2006-08-24 10:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-07 13:23 - 2016-01-26 12:47 - 00003776 _____ C:\Documents and Settings\Gérard\Bureau\ZHPCleaner.txt
2016-03-07 13:23 - 2015-12-25 16:15 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\ZHP
2016-03-07 13:23 - 2006-08-24 11:01 - 00000000 ____D C:\Documents and Settings\Gérard\Bureau
2016-03-07 13:08 - 2006-08-24 11:01 - 00000000 ____D C:\Documents and Settings\Gérard
2016-03-07 12:13 - 2006-08-24 09:57 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2016-03-07 12:13 - 2006-08-24 09:57 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2016-03-07 12:01 - 2006-08-24 11:01 - 00000284 ___SH C:\Documents and Settings\Gérard\ntuser.ini
2016-03-06 18:47 - 2015-08-20 19:52 - 32419840 _____ C:\WINDOWS\system32\config\software.iobit
2016-03-06 18:47 - 2015-08-20 19:52 - 01982464 _____ C:\WINDOWS\system32\config\default.iobit
2016-03-06 18:47 - 2015-08-20 19:52 - 00053248 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2016-03-06 18:47 - 2015-08-20 19:52 - 00024576 _____ C:\WINDOWS\system32\config\SAM.iobit
2016-03-06 18:47 - 2006-08-24 10:02 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-03-06 18:47 - 2006-08-24 10:02 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-03-06 18:37 - 2006-08-24 10:02 - 00000184 __SHC C:\Documents and Settings\LocalService\ntuser.ini
2016-03-04 21:32 - 2006-08-24 11:43 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2016-03-03 19:43 - 2006-08-24 11:43 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2016-03-03 19:40 - 2015-08-19 11:11 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Avira
2016-03-03 19:24 - 2016-01-02 13:09 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-03-02 19:05 - 2015-08-20 16:41 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\IObit
2016-03-02 19:05 - 2015-08-20 16:41 - 00000000 ____D C:\Program Files\IObit
2016-03-02 19:02 - 2015-08-20 16:42 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\ProductData
2016-02-27 11:28 - 2006-08-24 11:43 - 00512976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-26 03:52 - 2015-12-30 13:01 - 00000000 ____D C:\Program Files\CCleaner
2016-02-26 03:42 - 2015-12-30 13:01 - 00000682 _____ C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
2016-02-26 02:47 - 2015-12-24 18:40 - 00000000 ____D C:\Program Files\WinRAR
2016-02-25 22:18 - 2012-08-01 19:42 - 00125856 _____ C:\Documents and Settings\Gérard\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2016-02-25 14:04 - 2006-08-24 11:44 - 00000000 ____D C:\Program Files\Fichiers communs
2016-02-25 13:03 - 2006-08-24 17:21 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\Adobe
2016-02-25 13:01 - 2015-12-29 03:51 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\ceta
2016-02-25 12:58 - 2016-01-05 19:37 - 00000141 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2016-02-22 18:57 - 2006-08-24 11:01 - 00000000 ___HD C:\Documents and Settings\Gérard\Modèles
2016-02-21 05:06 - 2016-01-02 17:55 - 00000000 ____D C:\WINDOWS\system32\config\SM Registry Backup
2016-02-17 02:34 - 2006-08-24 11:01 - 00000000 ___RD C:\Documents and Settings\Gérard\Menu Démarrer\Programmes
2016-02-17 02:27 - 2015-08-20 16:41 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\IObit
2016-02-17 02:24 - 2006-08-24 11:32 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-02-17 01:51 - 2015-12-25 16:15 - 00000587 _____ C:\Documents and Settings\Gérard\Bureau\ZHPCleaner.lnk
2016-02-17 01:49 - 2016-01-26 04:13 - 00289718 _____ C:\Documents and Settings\Gérard\ZHPDiag3.exe
2016-02-17 01:49 - 2016-01-01 16:31 - 00000575 _____ C:\Documents and Settings\Gérard\Bureau\ZHPDiag.lnk
2016-02-16 13:24 - 2015-08-19 11:56 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-02-16 13:24 - 2015-08-19 11:56 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-02-16 13:20 - 2015-08-23 20:43 - 00000000 ____D C:\Documents and Settings\Gérard\.oracle_jre_usage
2016-02-16 13:19 - 2015-08-23 20:42 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
2016-02-16 13:18 - 2015-08-23 20:43 - 00153088 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-02-16 13:18 - 2015-08-23 20:42 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-02-16 13:15 - 2015-08-23 20:40 - 00000000 ____D C:\Program Files\Java
2016-02-16 12:33 - 2012-02-11 21:13 - 00000000 ____D C:\Documents and Settings\Gérard\Application Data\dvdcss
2016-02-16 12:30 - 2006-08-24 11:09 - 00000000 ____D C:\Program Files\VideoLAN
2016-02-13 13:02 - 2015-08-20 16:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-13 04:33 - 2015-12-27 16:47 - 00431136 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2016-02-12 13:21 - 2016-01-02 16:52 - 00000000 ____D C:\Documents and Settings\Gérard\Local Settings\Application Data\lore
2016-02-11 19:41 - 2006-08-24 11:43 - 00000000 ___HD C:\Documents and Settings\All Users\Modèles
2016-02-10 19:31 - 2015-12-21 13:53 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Advanced SystemCare
2016-02-10 10:51 - 2015-08-19 13:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 10:27 - 2006-08-24 14:23 - 144254680 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 11:34 - 2015-12-27 18:30 - 00000000 ____D C:\WINDOWS\Tasks\IObitDisabled
2016-02-06 13:46 - 2016-02-05 19:31 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Unchecky
2016-02-06 12:52 - 2006-08-24 11:43 - 00000000 ___DC C:\Documents and Settings

==================== Fichiers à la racine de certains dossiers =======

2007-01-19 22:00 - 2007-01-19 22:00 - 0000104 ____C () C:\Program Files\Internet.lnk
2006-08-24 16:33 - 2006-08-24 16:33 - 0000756 ____C () C:\Program Files\Nero Express.lnk
2009-07-17 17:48 - 2009-07-17 17:48 - 0000788 ____C () C:\Program Files\Windows Media Player.lnk
2012-08-01 19:31 - 2016-01-27 09:04 - 0020480 _____ () C:\Documents and Settings\Gérard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-29 13:40 - 2016-01-29 13:40 - 0050608 ____C () C:\Documents and Settings\All Users\Application Data\1454071152.bdinstall.bin
2016-01-29 19:20 - 2016-01-29 19:20 - 0056721 ____C () C:\Documents and Settings\All Users\Application Data\1454071304.bdinstall.bin
2016-01-31 02:19 - 2016-01-31 02:19 - 0056204 ____C () C:\Documents and Settings\All Users\Application Data\1454202881.bdinstall.bin
2008-04-02 18:13 - 2008-04-02 18:13 - 0000305 ____C () C:\Documents and Settings\All Users\Application Data\addr_file.html
2015-08-26 12:02 - 2015-08-26 12:02 - 0000057 ____C () C:\Documents and Settings\All Users\Application Data\Ament.ini

Fichiers à déplacer ou supprimer:
====================
C:\Documents and Settings\Gérard\ZHPCleaner.exe
C:\Documents and Settings\Gérard\ZHPDiag3.exe


Certains fichiers dans TEMP:
====================
C:\Documents and Settings\Gérard\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Gérard\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================
