Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:25-08-2015 02 Exécuté par Guy (administrateur) sur HEDEN (26-08-2015 19:06:18) Exécuté depuis D:\Utilisateurs\Guy\Téléchargements Profils chargés: Guy (Profils disponibles: Guy) Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) Langue: Français (France) Internet Explorer Version 8 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe (BonSoft) C:\Program Files\ClocX\ClocX.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Symantec Corporation) C:\Program Files\Norton Ghost\Agent\VProTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe () C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (Hewlett-Packard Company) C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Symantec Corporation) C:\Program Files\Norton Ghost\Agent\VProSvc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\WINDOWS\system32\imapi.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ClocX] => C:\Program Files\ClocX\ClocX.exe [270336 2007-07-26] (BonSoft) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Norton Ghost 12.0] => C:\Program Files\Norton Ghost\Agent\VProTray.exe [2037096 2008-11-12] (Symantec Corporation) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-03] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Avira System Speedup] => C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe [10551008 2015-06-17] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Speedup_umh] => C:\Program Files\Avira\AviraSpeedup\Speedup_umh.exe [194832 2015-06-17] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1935655697-1383384898-1801674531-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation) HKU\S-1-5-21-1935655697-1383384898-1801674531-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd) ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-13] (Microsoft Corporation) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1935655697-1383384898-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.orange.fr/ HKU\S-1-5-21-1935655697-1383384898-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1935655697-1383384898-1801674531-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO: Module complémentaire de navigateur pour la désactivation de Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout.dll [2014-04-03] (Google, Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12] (Oracle Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12] (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.) DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} hxxp://dl.logicielsgratuits.orange.fr/softs/orangeinstaller/src/win/Orange_Install.exe DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1426059605625 DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} hxxp://fichiers2.touslesdrivers.com/maconfig/MaConfig_6_5_0_3.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation) Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - Pas de fichier Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2006-10-26] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{D69D8822-2030-4DF9-9A21-308D4C8F92DA}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Guy.HEDEN\Application Data\Mozilla\Firefox\Profiles\etkfrf04.default-1434707507531 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-12] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-12] (Oracle Corporation) FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\WINDOWS\ [2014-12-12] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Documents and Settings\Guy.HEDEN\Application Data\Mozilla\Firefox\Profiles\etkfrf04.default-1434707507531\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-20] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-08-16] FF HKU\S-1-5-21-1935655697-1383384898-1801674531-1003\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Profile: C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-22] CHR Extension: (Google Drive) - C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-22] CHR Extension: (Google Search) - C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-22] CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-22] CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Gmail) - C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-22] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [825136 2015-06-18] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1187336 2015-06-18] (Avira Operations GmbH & Co. KG) R2 APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric) R2 APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [227592 2015-08-03] (Avira Operations GmbH & Co. KG) R2 Dedicarz Service; C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960 2013-06-10] () [Fichier non signé] S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé] R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1550896 2007-05-15] (Nero AG) R2 LightScribeService; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [75304 2007-04-19] (Hewlett-Packard Company) S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 MDM; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation) R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Fichier non signé] S3 NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG) R2 Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [3425632 2008-11-12] (Symantec Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation) S3 odserv; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation) S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation) R2 Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation) R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH) S2 HOSTS Anti-PUPs; C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X] ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-06-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-06-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Fichier non signé] S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-05] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2009-08-05] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-05] (HP) R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [118576 2007-05-15] (Nero AG) R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [37040 2007-05-15] (Nero AG) U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16304 2007-05-15] (Nero AG) R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38576 2007-05-15] (Nero AG) R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [121560 2015-06-18] (Malwarebytes Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-26] (Malwarebytes Corporation) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2006-02-26] () [Fichier non signé] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [66688 2009-07-01] (NVIDIA Corporation) R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [129312 2014-05-20] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2009-07-01] (NVIDIA Corporation) R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-18] (Avira Operations GmbH & Co. KG) R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [13120 2013-08-25] () S1 UimBus; C:\WINDOWS\System32\DRIVERS\UimBus.sys [45240 2012-02-21] (Windows (R) 2000 DDK provider) S1 Uim_IM; C:\WINDOWS\System32\Drivers\Uim_IM.sys [441608 2012-02-21] (Paragon) S1 Uim_Vim; C:\WINDOWS\System32\Drivers\Uim_Vim.sys [277576 2012-02-21] (Paragon) R2 v2imount; C:\WINDOWS\System32\DRIVERS\v2imount.sys [37864 2007-03-28] (Symantec Corporation) R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1390976 2009-08-17] (VIA Technologies, Inc.) S3 VProEventMonitor; C:\WINDOWS\System32\DRIVERS\vproeventmonitor.sys [14072 2007-07-31] (Symantec Corporation) S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [104064 2004-12-06] (Microsoft Corporation) S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [35088 2013-09-24] () S4 IntelIde; pas de ImagePath S3 NPF; system32\drivers\NPF.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé] U1 WS2IFSL; pas de ImagePath ========================== MD5 Pilotes ======================= C:\WINDOWS\System32\DRIVERS\ACPI.sys E5E6DBFC41EA8AAD005CB9A57A96B43B C:\WINDOWS\system32\Drivers\ACPIEC.sys E4ABC1212B70BB03D35E60681C447210 C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557 C:\WINDOWS\System32\drivers\afd.sys D80ED631D3AFD47C27311B0614AFA89F C:\WINDOWS\System32\DRIVERS\AmdPPM.sys 033448D435E65C4BD72E70521FD05C76 C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674 C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159 C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68 C:\WINDOWS\System32\DRIVERS\avgntflt.sys 18FB1022DAFC9036ADA9ECF432FAFD06 C:\WINDOWS\System32\DRIVERS\avipbb.sys 062494C204553210FFC0FC33EA58EB36 C:\WINDOWS\System32\DRIVERS\avkmgr.sys F80F5DCA8A5D9D93CC5BE933D20CAF05 C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9 C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9 C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32 C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203 C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25 C:\WINDOWS\System32\drivers\dmboot.sys F5DEADD42335FB33EDCA74ECB2F36CBA C:\WINDOWS\System32\drivers\dmio.sys 5A7C47C9B3F9FB92A66410A7509F0C71 C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45 C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8 C:\WINDOWS\system32\Drivers\Fastfat.sys B2336BF17761662133F7646B503E3BE0 C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81 C:\WINDOWS\system32\Drivers\Fips.sys 31F923EB2170FC172C81ABDA0045D18C C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0 C:\WINDOWS\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0 C:\WINDOWS\system32\FsUsbExDisk.SYS CBE5F69A5E5B918225F420BA748F3742 C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A C:\WINDOWS\System32\DRIVERS\ftdisk.sys A86859B77B908C18C2657F284AA29FE3 C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys F877C945233039914DBE63B76F9A1065 C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2 C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511 C:\WINDOWS\System32\DRIVERS\HidBatt.sys 748031FF4FE45CCC47546294905FEAB8 C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1 C:\WINDOWS\System32\DRIVERS\HPZid412.sys D03D10F7DED688FECF50F8FBF1EA9B8A C:\WINDOWS\System32\DRIVERS\HPZipr12.sys 89F41658929393487B6B7D13C8528CE3 C:\WINDOWS\System32\DRIVERS\HPZius12.sys ABCB05CCDBF03000354B9553820E39F8 C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38 C:\WINDOWS\System32\DRIVERS\i8042prt.sys A09BDC4ED10E3B2E0EC27BB94AF32516 C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E C:\WINDOWS\System32\drivers\InCDFs.sys 7BFC3EDA22190C0FE8C2CA19E5379DA5 C:\WINDOWS\System32\drivers\InCDPass.sys FC4DBF18A4EB0D2FE3171471A3D0F9A8 C:\WINDOWS\system32\Drivers\InCDrec.sys F8E7C551DEF07FDC12CA5CC7AE5D975B C:\WINDOWS\System32\drivers\InCDRm.sys 31A5A3809249A326EB0EF58D563A9654 C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0 C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182 C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5 C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91 C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89 C:\WINDOWS\System32\DRIVERS\isapnp.sys 355836975A67B6554BCA60328CD6CB74 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 16813155807C6881F4BFBF6657424659 C:\WINDOWS\System32\DRIVERS\kbdhid.sys 94C59CB884BA010C063687C3A50DCE8E C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378 C:\WINDOWS\system32\Drivers\KSecDD.sys F37A4B1F159578A554A9CE66E5BD5194 C:\WINDOWS\system32\drivers\mbamchameleon.sys E62A30916250120E2E1F99A140C4DD13 C:\WINDOWS\system32\drivers\mbam.sys B4CD87E78A01562E3DA67FE1C2779204 C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 739164A8B8FB2F1B50A498F20AF7B21E C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6 C:\WINDOWS\system32\Drivers\Modem.sys 510ADE9327FE84C10254E1902697E25F C:\WINDOWS\System32\DRIVERS\mouclass.sys 027C01BD7EF3349AAEBC883D8A799EFB C:\WINDOWS\System32\DRIVERS\mouhid.sys 124D6846040C79B9C997F78EF4B2A4E5 C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD C:\WINDOWS\System32\DRIVERS\mrxdav.sys C134BAAB6E262E44B45B71E99FB6C2F9 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0 C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027 C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1 C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136 C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D C:\WINDOWS\System32\DRIVERS\ASACPI.sys D48659BB24C48345D926ECB45C1EBDF5 C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5 C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22 C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849 C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0 C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0 C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 4CB14045191C2C8F31F5409D242C4119 C:\WINDOWS\System32\DRIVERS\NVENETFD.sys A12EC731BB00ADAD2D016D41C1F18FA4 C:\WINDOWS\System32\drivers\nvhda32.sys 47FEB587AAE06F6717FCABF8BCF184FD C:\WINDOWS\System32\DRIVERS\nvnetbus.sys 5DC6A149897820DE315916B6EC984EC9 C:\WINDOWS\System32\DRIVERS\nvsmu.sys F13618F0CB1E95232F4C2401592A59E9 C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57 C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9 C:\WINDOWS\system32\Drivers\Parport.sys 8FD0BDBEA875D06CCF6C945CA9ABAF75 C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6 C:\WINDOWS\system32\Drivers\ParVdm.sys 9575C5630DB8FB804649A6959737154C C:\WINDOWS\System32\DRIVERS\pci.sys 043410877BDA580C528F45165F7125BC C:\WINDOWS\System32\DRIVERS\pciide.sys F4BFDE7209C14A07AAA61E4D6AE69EAC C:\WINDOWS\system32\Drivers\Pcmcia.sys F0406CBC60BDB0394A0E17FFB04CDD3D C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99 C:\WINDOWS\System32\DRIVERS\processr.sys E19C9632AC828F6F214391E2BDDA11CB C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424 C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242 C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332 C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1 C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7 C:\WINDOWS\System32\DRIVERS\redbook.sys D8EB2A7904DB6C916EB5361878DDCBAE C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> Le MD5 est légitime C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE C:\WINDOWS\System32\DRIVERS\serial.sys 93D313C31F7AD9EA2B75F26075413C7C C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562 C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14 C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F C:\WINDOWS\System32\DRIVERS\sr.sys 39626E6DC1FB39434EC40C42722B660A C:\WINDOWS\System32\DRIVERS\srv.sys DC9A6DCF6CBB2BF50CD5967C3C584454 C:\WINDOWS\System32\DRIVERS\ssmdrv.sys 424566865D82AA4BD8D6546C1F2065FA C:\WINDOWS\system32\Drivers\StarOpen.sys 1F730FDDC8E4602ECFD8D143F970CF82 C:\WINDOWS\System32\DRIVERS\serscan.sys 3F669C9FC6411BDBC0155544AA876E46 C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2 C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01 C:\WINDOWS\System32\DRIVERS\symsnap.sys 4B016FA3594B04506B9246D8E3EB0B66 C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290 C:\WINDOWS\System32\DRIVERS\tcpip.sys 406A54311ABD7AF52F8E42E13AA2339A C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397 C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61 C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9 C:\WINDOWS\System32\DRIVERS\UimBus.sys 0A1822D12CF103633893CAF9CAE4E69D C:\WINDOWS\System32\Drivers\Uim_IM.sys 42F7398A76D279E0F63FC600920AB90C C:\WINDOWS\System32\Drivers\Uim_Vim.sys 48AD04132FCAC71E0EEC3DE5FB22D66E C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31 C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4 C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C C:\WINDOWS\System32\DRIVERS\usbohci.sys 0DAECCE65366EA32B162F85F07C6753B C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00 C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6 C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9 C:\WINDOWS\System32\Drivers\usbvideo.sys 813236B1183CFCF289E367BD5DE6E29E C:\WINDOWS\System32\DRIVERS\v2imount.sys 16662738E1AB857FB91ED2D4065440B0 C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1 C:\WINDOWS\System32\drivers\viahduaa.sys 8586D10602FF4994E0F56A13A47D2B28 C:\WINDOWS\system32\Drivers\VolSnap.sys 46DE1126684369BACE4849E4FC8C43CA C:\WINDOWS\System32\DRIVERS\vproeventmonitor.sys E14B7AE35BE1E97830D42EC191D0DEA2 C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6 C:\WINDOWS\System32\DRIVERS\wceusbsh.sys DC7F91B2ED24A738C807EA07F298928C C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F C:\WINDOWS\System32\DRIVERS\wimfltr.sys F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 C:\WINDOWS\System32\DRIVERS\wmiacpi.sys C42584FD66CE9E17403AEBCA199F7BDB C:\WINDOWS\System32\drivers\WPRO_41_2001.sys 47CC68138DADC5A0680ACDEDC7A924CF C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78 C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311 C:\WINDOWS\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-08-26 19:01 - 2015-08-26 19:01 - 00097766 _____ C:\Documents and Settings\Guy.HEDEN\Bureau\ZHPDiag.txt 2015-08-26 18:44 - 2015-08-26 18:44 - 00017792 _____ C:\Documents and Settings\Guy.HEDEN\Bureau\Zoek.txt 2015-08-26 18:43 - 2015-08-26 18:43 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Menu Démarrer\Programmes\Démarrage 2015-08-26 18:22 - 2015-08-26 19:06 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Local Settings\Temp 2015-08-26 18:22 - 2015-08-26 18:22 - 00000000 ____D C:\Documents and Settings\TEMP\Local Settings\Temp 2015-08-26 18:22 - 2015-08-26 18:22 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp 2015-08-26 18:22 - 2015-08-26 18:22 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp 2015-08-26 18:22 - 2015-08-26 17:09 - 00024064 _____ C:\WINDOWS\zoek-delete.exe 2015-08-26 17:13 - 2015-08-26 18:43 - 00017792 _____ C:\zoek-results.log 2015-08-26 17:09 - 2015-08-26 18:01 - 00000000 ____D C:\zoek_backup 2015-08-26 16:58 - 2015-08-26 17:05 - 00001632 _____ C:\WINDOWS\setupapi.log 2015-08-26 16:50 - 2015-08-26 16:50 - 00023417 _____ C:\Documents and Settings\Guy.HEDEN\Bureau\ZHPCleaner.txt 2015-08-26 13:45 - 2015-08-26 13:49 - 00000000 ____D C:\AdwCleaner 2015-08-26 10:06 - 2015-08-26 19:06 - 00000000 ____D C:\FRST 2015-08-25 18:27 - 2015-08-25 19:13 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\AviraSpeedup 2015-08-25 18:25 - 2015-08-25 18:25 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Démarrer\Programmes 2015-08-25 18:25 - 2015-08-25 18:25 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Démarrer 2015-08-25 18:25 - 2015-08-25 18:25 - 00000000 ____D C:\Documents and Settings\LocalService\Bureau 2015-08-25 18:25 - 2015-08-25 18:25 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AviraSpeedup 2015-08-25 10:16 - 2015-08-25 10:17 - 00000981 _____ C:\Documents and Settings\Guy.HEDEN\Bureau\Raccourci vers Disque amovible (E).lnk 2015-08-24 08:47 - 2015-08-24 08:47 - 00000000 _____ C:\Program Files\TempWmicBatchFile.bat 2015-08-23 21:53 - 2015-08-23 21:53 - 00000869 _____ C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\recently-used.xbel 2015-08-16 16:49 - 2009-08-05 16:22 - 00309760 ____R (Microsoft Corporation) C:\WINDOWS\system32\difxapi.dll 2015-08-16 16:44 - 2015-08-16 16:44 - 00001118 _____ C:\Documents and Settings\All Users\Menu Démarrer\Centre de solutions HP.lnk 2015-08-16 16:44 - 2015-08-16 16:44 - 00001118 _____ C:\Documents and Settings\All Users\Bureau\Centre de solutions HP.lnk 2015-08-16 16:44 - 2015-08-16 16:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP Product Assistant 2015-08-16 16:42 - 2015-08-16 16:42 - 00000000 ____D C:\Program Files\Fichiers communs\HP 2015-08-16 16:36 - 2015-08-16 16:53 - 00231730 _____ C:\WINDOWS\hpoins47.dat 2015-08-16 16:36 - 2009-12-01 09:00 - 00000601 ____N C:\WINDOWS\hpomdl47.dat 2015-08-16 16:06 - 2009-12-01 09:00 - 00000601 ____N C:\WINDOWS\hpomdl47.dat.temp 2015-08-14 08:43 - 2015-08-15 08:05 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-08-11 09:24 - 2015-08-11 09:24 - 00000000 ___SD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\LibreOffice 5.0 2015-08-11 09:22 - 2015-08-11 09:23 - 00000000 ____D C:\Program Files\LibreOffice 5 2015-08-10 16:14 - 2015-08-10 16:14 - 00000000 ____D C:\Program Files\Avery 2015-08-08 09:18 - 2015-08-08 09:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Unchecky 2015-07-30 18:42 - 2015-07-30 18:45 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\WinPatrol 2015-07-29 10:04 - 2015-08-26 18:52 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-07-29 10:04 - 2015-07-29 10:04 - 00000783 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk 2015-07-29 10:04 - 2015-07-29 10:04 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-07-29 10:04 - 2015-07-29 10:04 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware 2015-07-29 10:04 - 2015-06-18 08:41 - 00121560 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-07-29 10:04 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-06-30 11:06 - 2015-07-13 15:02 - 00000000 ____D C:\Program Files\CitroenMapUpdate 2015-06-30 11:06 - 2015-06-30 11:06 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\com.nokia.ce.citroenmapupdate 2015-06-25 17:55 - 2015-06-25 17:59 - 00000153 _____ C:\Documents and Settings\Guy.HEDEN\Bureau\Annuaires.URL 2015-06-11 18:57 - 2015-06-11 18:57 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TeamViewer 10 2015-06-10 07:44 - 2015-07-21 00:13 - 00233984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsprofilerui.dll 2015-06-04 09:42 - 2015-06-04 09:42 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\GlarySoft 2015-06-04 08:05 - 2015-06-04 08:05 - 00001859 _____ C:\Documents and Settings\Guy.HEDEN\Bureau\Google Earth.lnk 2015-06-04 07:39 - 2015-06-04 07:39 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\CrystalIdea Software 2015-06-01 09:35 - 2015-06-01 09:35 - 00001658 _____ C:\Documents and Settings\Guy.HEDEN\Mégane.txt ==================== Trois mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-08-26 19:01 - 2015-02-09 11:24 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\ZHP 2015-08-26 19:01 - 2012-12-06 20:32 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Bureau 2015-08-26 18:57 - 2013-07-23 09:10 - 00033846 ____C C:\WINDOWS\system32\nvAppTimestamps 2015-08-26 18:47 - 2012-12-04 17:12 - 01371224 ____C C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-26 18:46 - 2012-12-04 16:24 - 01436223 ____C C:\WINDOWS\WindowsUpdate.log 2015-08-26 18:44 - 2006-03-02 14:00 - 00013646 ____C C:\WINDOWS\system32\wpa.dbl 2015-08-26 18:43 - 2015-05-01 07:28 - 00000159 _____ C:\WINDOWS\wiadebug.log 2015-08-26 18:43 - 2015-05-01 07:28 - 00000050 _____ C:\WINDOWS\wiaservc.log 2015-08-26 18:43 - 2012-12-13 10:32 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-26 18:43 - 2012-12-06 20:32 - 00000000 ___RD C:\Documents and Settings\Guy.HEDEN\Menu Démarrer\Programmes 2015-08-26 18:43 - 2012-12-04 16:28 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT 2015-08-26 18:43 - 2012-12-04 16:23 - 00000000 ____D C:\WINDOWS\Registration 2015-08-26 18:42 - 2014-05-19 22:03 - 00004096 ___SH C:\VSNAP.IDX 2015-08-26 18:42 - 2014-01-07 14:34 - 09466432 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1935655697-1383384898-1801674531-1003-0.dat 2015-08-26 18:42 - 2014-01-07 00:14 - 00472866 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat 2015-08-26 18:42 - 2012-12-04 16:28 - 00032432 _____ C:\WINDOWS\SchedLgU.Txt 2015-08-26 18:41 - 2012-12-06 20:32 - 00000284 __SHC C:\Documents and Settings\Guy.HEDEN\ntuser.ini 2015-08-26 18:33 - 2015-02-26 15:08 - 00000008 __RSH C:\Documents and Settings\All Users\ntuser.pol 2015-08-26 18:09 - 2013-07-02 18:07 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\vlc 2015-08-26 18:09 - 2012-12-13 10:32 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-26 18:01 - 2015-02-26 15:08 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2015-08-26 16:46 - 2012-12-04 17:11 - 00000000 ____D C:\Documents and Settings\All Users\Bureau 2015-08-26 12:15 - 2012-12-11 20:18 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\XnView 2015-08-26 09:24 - 2015-02-09 11:24 - 00000000 ____D C:\Program Files\ZHPDiag 2015-08-26 09:22 - 2012-12-20 13:35 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2015-08-26 08:00 - 2013-06-09 18:26 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\GlarySoft 2015-08-26 08:00 - 2012-12-04 17:11 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes 2015-08-26 07:59 - 2012-12-06 20:32 - 00000000 ___HD C:\Documents and Settings\Guy.HEDEN\Modèles 2015-08-25 18:40 - 2012-12-06 20:32 - 00000000 __SHD C:\Documents and Settings\Guy.HEDEN\Local Settings\Historique 2015-08-25 18:38 - 2013-11-15 12:41 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\TeamViewer 2015-08-25 18:27 - 2015-04-30 15:41 - 00134072 _____ C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2015-08-25 18:26 - 2015-05-01 07:27 - 00522520 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-25 18:25 - 2012-12-16 18:03 - 00000000 ____D C:\Program Files\Avira 2015-08-25 18:25 - 2012-12-04 16:28 - 00000000 __SHD C:\Documents and Settings\LocalService 2015-08-25 18:24 - 2015-04-02 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira 2015-08-25 09:52 - 2012-12-13 10:32 - 00000000 ____D C:\Program Files\Google 2015-08-25 09:52 - 2012-12-13 10:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google 2015-08-25 09:52 - 2012-12-06 22:44 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\Google 2015-08-25 09:52 - 2012-12-04 16:27 - 00000000 __SHD C:\Documents and Settings\NetworkService 2015-08-25 09:41 - 2012-12-04 17:11 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer 2015-08-24 16:55 - 2014-05-30 13:05 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\Azureus 2015-08-23 21:56 - 2014-11-23 10:30 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\.gimp-2.8 2015-08-22 09:01 - 2012-12-16 11:23 - 00000000 ____D C:\Program Files\Recuva 2015-08-21 17:15 - 2012-12-16 11:23 - 00001518 ____C C:\Documents and Settings\All Users\Bureau\Recuva.lnk 2015-08-19 16:43 - 2013-06-11 16:08 - 00002827 ____C C:\Documents and Settings\Guy.HEDEN\Bureau\Microsoft Office Document Scanning.lnk 2015-08-19 09:33 - 2012-12-11 20:00 - 00000000 ____D C:\Program Files\CCleaner 2015-08-19 08:47 - 2012-12-05 17:28 - 00000000 ____D C:\WINDOWS\ie8updates 2015-08-17 18:44 - 2012-12-12 11:01 - 00000000 ____D C:\WINDOWS\pss 2015-08-17 18:44 - 2012-12-04 17:11 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage 2015-08-16 17:49 - 2012-12-11 19:38 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\HpUpdate 2015-08-16 16:53 - 2012-12-11 19:33 - 00000000 ____D C:\Program Files\HP 2015-08-16 16:53 - 2012-12-11 19:32 - 00032041 ____C C:\Documents and Settings\All Users\Application Data\hpzinstall.log 2015-08-16 16:52 - 2006-03-02 14:00 - 00000638 ____C C:\WINDOWS\win.ini 2015-08-16 16:50 - 2012-12-04 17:07 - 00000000 ____D C:\WINDOWS\twain_32 2015-08-16 16:47 - 2012-12-11 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HP 2015-08-16 16:45 - 2012-12-11 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP 2015-08-16 16:42 - 2012-12-04 17:12 - 00000000 ___RD C:\Program Files\Fichiers communs 2015-08-16 15:37 - 2012-12-05 10:29 - 00778440 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-08-16 15:37 - 2012-12-05 10:29 - 00142536 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-08-15 08:05 - 2014-10-14 19:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-08-14 01:52 - 2008-04-13 19:33 - 06012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll 2015-08-14 01:52 - 2008-04-13 19:33 - 06012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-12 16:08 - 2012-12-06 20:32 - 00000000 ___HD C:\Documents and Settings\Guy.HEDEN\Voisinage réseau 2015-08-12 08:55 - 2013-07-10 08:31 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-08-12 08:45 - 2012-12-05 17:26 - 129304528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-11 09:18 - 2014-01-14 13:37 - 00000000 ____D C:\Program Files\LibreOffice 4 2015-08-10 17:09 - 2013-06-11 16:08 - 00002573 ____C C:\Documents and Settings\Guy.HEDEN\Bureau\Microsoft Office Word 2003.lnk 2015-08-09 17:30 - 2012-12-04 17:07 - 00000000 ____D C:\WINDOWS\Help 2015-08-05 07:46 - 2014-01-07 12:38 - 00000000 ____D C:\Program Files\CDBurnerXP 2015-08-04 18:30 - 2014-01-07 12:38 - 00001622 _____ C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk 2015-08-04 18:30 - 2014-01-07 12:38 - 00001562 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk 2015-08-04 17:48 - 2013-08-04 15:30 - 00000000 ____D C:\Documents and Settings\Guy.HEDEN\Application Data\dvdcss 2015-07-30 07:29 - 2012-12-04 16:28 - 00000184 __SHC C:\Documents and Settings\LocalService\ntuser.ini 2015-07-29 10:31 - 2015-03-13 20:46 - 00000000 ____D C:\WINDOWS\Minidump ==================== Fichiers à la racine de certains dossiers ======= 2015-08-24 08:47 - 2015-08-24 08:47 - 0000000 _____ () C:\Program Files\TempWmicBatchFile.bat 2012-12-27 12:35 - 2012-12-27 12:35 - 0002528 ____C () C:\Documents and Settings\Guy.HEDEN\Application Data\$_hpcst$.hpc 2014-01-14 09:51 - 2014-01-14 09:51 - 0000005 ____C () C:\Documents and Settings\Guy.HEDEN\Application Data\WBPU-TTL.DAT 2015-08-23 21:53 - 2015-08-23 21:53 - 0000869 _____ () C:\Documents and Settings\Guy.HEDEN\Local Settings\Application Data\recently-used.xbel Certains fichiers dans TEMP: ==================== C:\Documents and Settings\Guy.HEDEN\Local Settings\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement ==================== Fin de FRST.txt ============================