Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Exécuté par Administrateur (administrateur) sur CFDD7CCA7C3F417 (29-03-2016 20:45:30)
Exécuté depuis C:\Documents and Settings\Administrateur\Mes documents\Downloads
Profils chargés: Administrateur (Profils disponibles: Administrateur)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\UberIcon\UberIcon Manager.exe
(VisualTaskTips.com) C:\WINDOWS\system32\VisualTaskTips.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
() C:\WINDOWS\ATK0100\HControl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Silicon Integrated Systems Corporation) C:\WINDOWS\system32\sistray.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\WINDOWS\ATK0100\ATKOSD.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1235456 2007-01-10] (Microsoft Corporation)
HKLM\...\Run: [UberIcon] => C:\Program Files\UberIcon\UberIcon Manager.exe [122880 2006-07-17] ()
HKLM\...\Run: [VisualTaskTips] => C:\Windows\System32\VisualTaskTips.exe [36864 2007-12-18] (VisualTaskTips.com)
HKLM\...\Run: [SiSPower] => Rundll32.exe SiSPower.dll,ModeAgent
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [860160 2004-09-23] (Analog Devices, Inc.)
HKLM\...\Run: [HControl] => C:\WINDOWS\ATK0100\HControl.exe [102400 2005-07-28] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [708697 2005-05-11] (Synaptics, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [Vistadrv] => C:\WINDOWS\system32\Vistadrive\vsdrv.exe [121089 2006-07-30] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-27] (AVAST Software)
HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1
HKU\S-1-5-19\...\Run: [MsnMsgr] => C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [5724184 2007-10-18] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [TSClientMSIUninstaller] => cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2007-12-18] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [nltide3] => cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C
HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-19\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Policies\Explorer: [NoUserNameInStartMenu] 1
HKU\S-1-5-20\...\Run: [MsnMsgr] => C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [5724184 2007-10-18] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [TSClientMSIUninstaller] => cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2007-12-18] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [nltide3] => cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C
HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\Policies\Explorer: [NoUserNameInStartMenu] 1
HKU\S-1-5-21-73586283-630328440-725345543-500\...\Run: [Orange Installer] => C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] ()
HKU\S-1-5-21-73586283-630328440-725345543-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-73586283-630328440-725345543-500\...\Policies\Explorer: [NoUserNameInStartMenu] 1
HKU\S-1-5-21-73586283-630328440-725345543-500\...\MountPoints2: {1ae33b4d-70a9-11df-8f87-0015f24b9123} - F:\Toshiba\more4you.exe
HKU\S-1-5-21-73586283-630328440-725345543-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\plasma.scr [57344 2007-12-18] ()
HKU\S-1-5-18\...\Run: [MsnMsgr] => C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [5724184 2007-10-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [TSClientMSIUninstaller] => cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2007-12-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide3] => cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-18\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [NoUserNameInStartMenu] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-03-27] (AVAST Software)
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utility Tray.lnk [2008-07-12]
ShortcutTarget: Utility Tray.lnk -> C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AE6B219A-1EA3-43AC-98A5-AD30D7DDBD93}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.fr
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/keyword/%s
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.fr
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/keyword/%s
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.fr
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/keyword/%s
HKU\S-1-5-21-73586283-630328440-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-73586283-630328440-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-73586283-630328440-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-73586283-630328440-725345543-500 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-73586283-630328440-725345543-500 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-27] (AVAST Software)
Toolbar: HKLM - StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll [2006-05-02] (StyleFantasist)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_2_0.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mcdoxzou.default-1459256715578
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.3088 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.11.3006 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-27] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin HKU\S-1-5-21-73586283-630328440-725345543-500: @citrixonline.com/appdetectorplugin -> C:\Documents and Settings\Administrateur\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll [2014-04-09] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2007-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2007-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2007-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2007-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2007-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2007-12-21] (RealNetworks, Inc.)
FF Extension: Pas de nom - C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mcdoxzou.default-1459256715578\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-29] [non signé]
FF Extension: Pas de nom - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-27] [non signé]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-20] [non signé]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-27]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Paiements via le Chrome Web Store) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-28]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-27]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144 2012-02-27] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-27] (AVAST Software)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [Fichier non signé]
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [Fichier non signé]
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [Fichier non signé]
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [228208 2007-05-16] ()
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [27136 2007-12-18] (Microsoft Corporation) [Fichier non signé]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [918016 2006-11-03] (Microsoft Corporation) [Fichier non signé]
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2007-12-18] (Microsoft Corporation) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ASNDIS5; C:\WINDOWS\ATK0100\ASNDIS5.SYS [16269 2004-05-28] (Printing Communications Assoc., Inc. (PCAUSA))
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-03-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-03-28] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-03-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-03-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-03-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [816304 2016-03-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [447848 2016-03-27] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [171608 2016-03-27] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [67088 2016-03-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221240 2016-03-27] (AVAST Software)
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [95744 2006-06-27] (Microsoft Corporation) [Fichier non signé]
R3 HSFHWSIS; C:\WINDOWS\System32\DRIVERS\HSFHWSIS.sys [216320 2005-06-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1034752 2005-06-22] (Conexant Systems, Inc.)
S3 MidiSyn; C:\WINDOWS\System32\drivers\MidiSyn.sys [88960 2004-09-14] (Analog Devices, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] ()
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 senfilt; C:\WINDOWS\System32\drivers\senfilt.sys [392704 2005-03-01] (Sensaura)
R0 Si3112; C:\WINDOWS\system32\Drivers\Si3112.sys [69296 2007-12-18] (Silicon Image, Inc.)
R0 Si3114r5; C:\WINDOWS\system32\Drivers\Si3114r5.sys [202032 2007-12-18] (Silicon Image, Inc)
R0 Si3124; C:\WINDOWS\system32\Drivers\Si3124.sys [76208 2007-12-18] (Silicon Image, Inc.)
R0 Si3132; C:\WINDOWS\system32\Drivers\Si3132.sys [74672 2007-12-18] (Silicon Image, Inc.)
R0 Si3132r5; C:\WINDOWS\system32\Drivers\Si3132r5.sys [208688 2007-12-18] (Silicon Image, Inc)
R0 Si3531; C:\WINDOWS\system32\Drivers\Si3531.sys [210224 2007-12-18] (Silicon Image, Inc)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [257024 2005-07-13] (Silicon Integrated Systems Corporation)
R3 SISNIC; C:\WINDOWS\System32\DRIVERS\sisnic.sys [32768 2004-08-04] (SiS Corporation)
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2007-12-18] (Microsoft Corporation) [Fichier non signé]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2007-12-18] (Microsoft Corporation) [Fichier non signé]
S3 ZD1211U(ASUS); C:\WINDOWS\System32\DRIVERS\zd1211u.sys [276992 2005-08-04] (ZyDAS Technology Corporation) [Fichier non signé]
U4 Alerter; pas de ImagePath
U4 Ati HotKey Poller; pas de ImagePath
U4 Dnscache; pas de ImagePath
U4 ERSvc; pas de ImagePath
U4 helpsvc; pas de ImagePath
S4 IntelIde; pas de ImagePath
U4 MDM; pas de ImagePath
U4 Messenger; pas de ImagePath
U4 mnmsrvc; pas de ImagePath
U4 NVSvc; pas de ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U4 uploadmgr; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-29 20:45 - 2016-03-29 20:45 - 00000000 ____D C:\FRST
2016-03-29 14:59 - 2016-03-29 14:59 - 00000705 _____ C:\Documents and Settings\Administrateur\Bureau\RegSeeker.lnk
2016-03-29 14:59 - 2016-03-29 14:59 - 00000000 ____D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\RegSeeker
2016-03-29 14:01 - 2007-07-30 10:42 - 00043008 _____ (REDC) C:\WINDOWS\system32\Drivers\rimsptsk.sys
2016-03-29 14:01 - 2004-09-04 03:00 - 00090112 _____ (Sony Corporation) C:\WINDOWS\system32\snymsico.dll
2016-03-29 13:59 - 2016-03-29 13:59 - 00000000 ____D C:\swsetup
2016-03-29 13:52 - 2016-03-29 13:52 - 00000000 ____D C:\Documents and Settings\Administrateur\Mes documents\Drivers Ordinateur Mary Anne
2016-03-29 13:18 - 2016-03-29 13:18 - 00000000 __SHD C:\Documents and Settings\Administrateur\IECompatCache
2016-03-28 21:07 - 2016-03-28 21:07 - 00001897 _____ C:\Documents and Settings\Administrateur\Bureau\AdwCleaner[C2].txt
2016-03-28 20:26 - 2016-03-28 20:26 - 00001820 _____ C:\Documents and Settings\Administrateur\Bureau\ZHPCleaner.txt
2016-03-28 19:52 - 2016-03-28 19:52 - 00000829 _____ C:\Documents and Settings\Administrateur\Bureau\ZHPCleaner.lnk
2016-03-28 00:54 - 2016-03-29 13:27 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\vlc
2016-03-28 00:51 - 2016-03-28 00:51 - 00000730 _____ C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
2016-03-28 00:51 - 2016-03-28 00:51 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
2016-03-28 00:47 - 2016-03-28 00:47 - 00000000 ____D C:\Program Files\VideoLAN
2016-03-28 00:32 - 2016-03-28 00:32 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Temp
2016-03-28 00:08 - 2016-03-28 00:07 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-03-28 00:05 - 2016-03-28 00:05 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2016-03-27 20:46 - 2016-03-27 20:46 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\AVAST Software
2016-03-27 20:44 - 2016-03-27 20:44 - 00001700 _____ C:\Documents and Settings\All Users\Bureau\Avast Free Antivirus.lnk
2016-03-27 20:44 - 2016-03-27 20:44 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVAST Software
2016-03-27 20:44 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2016-03-27 20:43 - 2016-03-27 20:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2016-03-27 20:42 - 2016-03-29 20:42 - 00000380 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-03-27 20:41 - 2016-03-29 20:30 - 00001828 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome.lnk
2016-03-27 20:41 - 2016-03-29 20:30 - 00001822 _____ C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
2016-03-27 20:38 - 2016-03-29 20:48 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-27 20:38 - 2016-03-29 20:48 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-27 20:35 - 2016-03-27 20:42 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-03-27 20:35 - 2016-03-27 20:42 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-03-27 20:35 - 2016-03-27 20:42 - 00221240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-03-27 20:35 - 2016-03-27 20:42 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2016-03-27 20:35 - 2016-03-27 20:34 - 00171608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2016-03-27 20:35 - 2016-03-27 20:34 - 00067088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2016-03-27 20:35 - 2016-03-27 20:34 - 00064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2016-03-27 20:35 - 2016-03-27 20:34 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-03-27 20:35 - 2016-03-27 20:34 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-03-27 20:34 - 2016-03-27 20:33 - 00334280 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-03-27 20:33 - 2016-03-27 20:33 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-03-27 20:31 - 2016-03-28 00:06 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-27 20:29 - 2016-03-27 20:29 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\suuauzrd.sys
2016-03-27 20:28 - 2016-03-28 00:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-03-27 18:31 - 2016-03-27 18:31 - 00000048 _____ C:\Documents and Settings\Administrateur\Bureau\everest.url
2016-03-27 17:32 - 2016-03-27 17:32 - 00000000 __SHD C:\Documents and Settings\Administrateur\PrivacIE
2016-03-27 17:29 - 2016-03-27 17:29 - 00000000 __SHD C:\Documents and Settings\Administrateur\IETldCache
2016-03-27 16:47 - 2016-03-27 19:14 - 00000000 ____D C:\WINDOWS\ie8updates
2016-03-27 16:42 - 2016-03-27 16:45 - 00000000 __HDC C:\WINDOWS\ie8
2016-03-27 16:31 - 2014-02-06 01:19 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2016-03-27 16:30 - 2014-02-06 01:20 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2016-03-27 16:30 - 2014-02-06 01:19 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2016-03-27 16:30 - 2014-02-06 01:18 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2016-03-27 16:30 - 2011-08-16 12:45 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2016-03-27 15:47 - 2016-03-27 15:47 - 00000697 _____ C:\Documents and Settings\Administrateur\Bureau\RstHosts.txt
2016-03-27 15:46 - 2016-03-27 15:46 - 00000697 _____ C:\RstHosts.txt
2016-03-27 14:24 - 2016-03-27 14:24 - 00089341 _____ C:\Documents and Settings\Administrateur\Bureau\ZHPDiag.txt
2016-03-27 14:18 - 2016-03-28 20:26 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\ZHP
2016-03-27 14:18 - 2016-03-27 14:18 - 00000819 _____ C:\Documents and Settings\Administrateur\Bureau\ZHPDiag.lnk
2016-03-27 12:29 - 2016-03-27 12:29 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Nero
2016-03-27 12:29 - 2008-07-12 11:18 - 00001615 _____ C:\Documents and Settings\Administrateur\Bureau\Nero Express.lnk
2016-03-27 11:35 - 2016-03-27 11:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-27 10:41 - 2016-03-29 19:08 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
2016-03-27 10:35 - 2016-03-27 20:40 - 00000000 ____D C:\Program Files\Google
2016-03-27 01:05 - 2016-03-27 01:04 - 00001509 _____ C:\Documents and Settings\Administrateur\Bureau\Calculatrice.lnk
2016-03-27 00:52 - 2016-03-27 00:52 - 00000693 _____ C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
2016-03-27 00:52 - 2016-03-27 00:52 - 00000000 ____D C:\Program Files\CCleaner
2016-03-27 00:52 - 2016-03-27 00:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 ___HD C:\WINDOWS\PIF
2016-03-26 23:39 - 2016-03-29 15:05 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau\Anciennes données de Firefox
2016-03-26 21:58 - 2008-04-14 04:33 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-29 20:47 - 2008-07-12 11:26 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Temp
2016-03-29 20:41 - 2008-07-12 11:26 - 00000000 ___RD C:\Documents and Settings\Administrateur\Mes documents
2016-03-29 20:00 - 2012-08-12 15:28 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-29 20:00 - 2008-07-12 15:31 - 00000522 _____ C:\WINDOWS\Tasks\Maintenance en 1 clic.job
2016-03-29 19:46 - 2014-04-07 15:21 - 00000240 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2016-03-29 19:46 - 2008-07-12 15:08 - 00004844 _____ C:\WINDOWS\ModemLog_AC97 Soft Data Fax Modem with SmartCP.txt
2016-03-29 19:46 - 2008-07-12 11:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-29 18:56 - 2007-12-18 04:04 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-29 16:07 - 2012-04-22 16:45 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2016-03-29 16:00 - 2008-07-12 11:26 - 00032324 _____ C:\WINDOWS\SchedLgU.Txt
2016-03-29 14:59 - 2013-11-17 17:51 - 00000000 ____D C:\Program Files\RegSeeker
2016-03-29 14:59 - 2008-07-12 11:26 - 00000000 ____D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes
2016-03-29 14:59 - 2008-07-12 11:26 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau
2016-03-29 14:55 - 2012-04-22 15:33 - 00000000 ____D C:\Documents and Settings\Administrateur\Mes documents\Téléchargements
2016-03-29 14:24 - 2008-07-12 11:26 - 00000000 ____D C:\Documents and Settings\Administrateur
2016-03-29 14:11 - 2008-07-12 11:58 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2016-03-29 14:02 - 2008-07-12 11:27 - 00000184 ___SH C:\Documents and Settings\Administrateur\ntuser.ini
2016-03-29 14:01 - 2008-07-12 12:50 - 00000000 ___HD C:\WINDOWS\inf
2016-03-29 14:00 - 2008-07-12 13:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-03-29 12:58 - 2014-10-22 16:40 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-29 10:30 - 2012-04-22 16:20 - 00000000 ____D C:\Documents and Settings\Administrateur\Mes documents\Sauvclean
2016-03-29 10:20 - 2008-07-12 11:26 - 00000000 ___RD C:\Documents and Settings\Administrateur\Favoris
2016-03-29 09:54 - 2010-06-05 17:07 - 00000000 ____D C:\Program Files\PopCap Games
2016-03-29 09:54 - 2008-07-12 12:57 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2016-03-28 21:56 - 2008-09-15 17:36 - 00000000 ____D C:\Documents and Settings\Administrateur\Mes documents\Microsoft Games
2016-03-28 21:51 - 2009-06-30 17:54 - 00000000 ____D C:\Documents and Settings\Administrateur\Mes documents\Mes fichiers reçus
2016-03-28 21:50 - 2008-07-12 11:39 - 00000000 ___RD C:\Documents and Settings\Administrateur\Mes documents\Mes images
2016-03-28 21:00 - 2013-11-17 17:19 - 00000000 ____D C:\AdwCleaner
2016-03-28 20:28 - 2012-04-22 16:24 - 00000000 ____D C:\Documents and Settings\Administrateur\Mes documents\Logiciels télécharger
2016-03-28 01:02 - 2012-08-12 15:28 - 00797376 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-03-28 01:02 - 2012-08-12 15:28 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-03-28 00:51 - 2008-07-12 12:57 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2016-03-28 00:23 - 2008-07-12 11:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Apple Computer
2016-03-28 00:16 - 2012-04-22 16:49 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2016-03-28 00:05 - 2008-07-12 11:25 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-03-27 22:39 - 2008-07-12 11:08 - 00000000 ____D C:\WINDOWS\i386
2016-03-27 19:14 - 2008-07-12 11:07 - 00000000 ____D C:\WINDOWS\system32\dllcache
2016-03-27 19:13 - 2008-07-12 11:07 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2016-03-27 18:27 - 2014-08-26 19:54 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Orange
2016-03-27 18:26 - 2014-08-26 19:57 - 00000000 ____D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Orange
2016-03-27 18:26 - 2014-08-26 19:53 - 00000000 ____D C:\Program Files\Orange
2016-03-27 18:26 - 2008-07-12 11:26 - 00000000 ___RD C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
2016-03-27 18:25 - 2008-07-12 12:58 - 00000000 ____D C:\Program Files\Fichiers communs
2016-03-27 18:15 - 2008-07-12 11:17 - 00000000 ____D C:\Program Files\Fichiers communs\Nero
2016-03-27 18:10 - 2008-07-12 16:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ma-config.com
2016-03-27 17:29 - 2013-11-17 17:11 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-27 17:29 - 2008-07-12 11:39 - 00000814 _____ C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk
2016-03-27 17:29 - 2008-07-12 11:39 - 00000000 ___RD C:\Documents and Settings\Administrateur\Mes documents\Ma musique
2016-03-27 16:44 - 2008-07-12 12:50 - 00000000 ____D C:\WINDOWS\Help
2016-03-27 12:44 - 2008-07-12 11:26 - 00000000 ___HD C:\Documents and Settings\Administrateur\Voisinage réseau
2016-03-27 09:07 - 2008-07-12 12:58 - 01119046 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-27 09:07 - 2007-12-18 04:04 - 00510112 _____ C:\WINDOWS\system32\perfh00C.dat
2016-03-27 09:07 - 2007-12-18 04:04 - 00084586 _____ C:\WINDOWS\system32\perfc00C.dat
2016-03-26 22:32 - 2013-08-21 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-26 22:24 - 2007-12-18 04:04 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2016-03-26 21:29 - 2008-07-12 11:25 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-03-26 20:56 - 2014-04-07 15:21 - 00000234 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job

==================== Fichiers à la racine de certains dossiers =======

2008-07-12 13:14 - 2011-08-10 21:29 - 0012288 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-07-20 15:18 - 2011-08-16 10:24 - 0000012 _____ () C:\Documents and Settings\All Users\Application Data\ReminderNextRun

Certains fichiers dans TEMP:
====================
C:\Documents and Settings\Administrateur\Local Settings\Temp\{79E16F0A-EC10-4883-8C39-914EFB5C7A2C}-49.0.2623.110_chrome_installer.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================