cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2016 01
Exécuté par ANDRE (administrateur) sur PC-DE-ANDRE (22-06-2016 17:59:15)
Exécuté depuis C:\Users\ANDRE\Desktop
Profils chargés: ANDRE (Profils disponibles: ANDRE)
Platform: Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(SupportSoft, Inc.) C:\Program Files\Belgacom\bin\sprtsvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PlayMovie\PMVService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink) C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe
(SupportSoft, Inc.) C:\Program Files\Belgacom\bin\sprtcmd.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [28672 2007-02-20] ( )
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [894512 2007-06-08] (Synaptics, Inc.)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-08-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-08-04] (Realtek Semiconductor)
HKLM\...\Run: [PlayMovie] => C:\Program Files\CyberLink\PlayMovie\PMVService.exe [172032 2008-03-31] (CyberLink Corp.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe [196608 2008-04-11] (CyberLink)
HKLM\...\Run: [Belgacom] => C:\Program Files\Belgacom\bin\sprtcmd.exe [202016 2008-05-29] (SupportSoft, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-3767530475-1508882058-3786705566-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3767530475-1508882058-3786705566-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6638296 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-3767530475-1508882058-3786705566-1000\...\MountPoints2: {d5357398-9547-11de-8ee1-0017c443b3a6} - E:\EmDesk.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
Startup: C:\Users\ANDRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk [2011-10-24]
ShortcutTarget: OneNote 2007 - Capture d'écran et lancement.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ANDRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2014-12-09]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ANDRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-11-28]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\ANDRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sommaire de OneNote.onetoc2 [2014-11-28] ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 62.197.111.140 109.88.203.3
Tcpip\..\Interfaces\{9F3E69EB-0CEB-4BBA-A15B-021CAD48B50E}: [DhcpNameServer] 62.197.111.140 109.88.203.3

Internet Explorer:
==================
HKU\S-1-5-21-3767530475-1508882058-3786705566-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.be/
HKU\S-1-5-21-3767530475-1508882058-3786705566-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.packardbell.com/?id=9489
HKU\S-1-5-21-3767530475-1508882058-3786705566-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-3767530475-1508882058-3786705566-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Pas de nom -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> Pas de fichier
Toolbar: HKU\S-1-5-21-3767530475-1508882058-3786705566-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ANDRE\AppData\Roaming\Mozilla\Firefox\Profiles\hz9cwvhu.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-14] [non signé]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\47.0.2526.73\gcswf32.dll => Pas de fichier
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\47.0.2526.73\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\47.0.2526.73\pdf.dll => Pas de fichier
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll => Pas de fichier
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\ANDRE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\ANDRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-13]
CHR Extension: (Recherche Google) - C:\Users\ANDRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-13]
CHR Extension: (Google Wallet) - C:\Users\ANDRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-13]
CHR Extension: (Gmail) - C:\Users\ANDRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-13]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2008-05-22] (Macrovision Europe Ltd.) [Fichier non signé]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Fichier non signé]
R2 sprtsvc_belgacom; C:\Program Files\Belgacom\bin\sprtsvc.exe [202016 2008-05-29] (SupportSoft, Inc.)
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe [382320 2008-05-29] (SupportSoft, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [288768 2007-11-08] (Realtek Semiconductor Corporation )
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\CyberLink\PlayMovie\000.fcl [41456 2008-03-31] (Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-22 17:59 - 2016-06-22 18:00 - 00014819 _____ C:\Users\ANDRE\Desktop\FRST.txt
2016-06-22 17:58 - 2016-06-22 17:59 - 00000000 ____D C:\FRST
2016-06-22 17:58 - 2016-06-22 17:57 - 01738240 _____ (Farbar) C:\Users\ANDRE\Desktop\FRST.exe
2016-06-21 18:15 - 2016-06-21 18:12 - 03703360 _____ C:\Users\ANDRE\Desktop\adwcleaner_5.200.exe
2016-06-21 17:59 - 2016-06-21 18:00 - 00000000 ____D C:\Program Files\ZHPFix
2016-06-21 17:59 - 2016-06-21 17:59 - 00001597 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-06-21 17:59 - 2016-06-21 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-06-21 17:58 - 2016-06-21 17:58 - 03521617 _____ (Nicolas Coolman ) C:\Users\ANDRE\Desktop\ZHPFix.exe
2016-06-19 20:53 - 2016-06-20 19:20 - 00077168 _____ C:\Users\ANDRE\Desktop\ZHPDiag.txt
2016-06-19 20:32 - 2016-06-19 20:32 - 02219008 _____ C:\Users\ANDRE\ZHPDiag3.exe
2016-06-19 20:32 - 2016-06-19 20:32 - 00000729 _____ C:\Users\ANDRE\Desktop\ZHPDiag.lnk
2016-06-19 20:22 - 2016-06-19 20:20 - 02216960 _____ C:\Users\ANDRE\Desktop\ZHPDiag3.exe
2016-06-19 19:37 - 2016-06-19 20:24 - 00060262 _____ C:\Windows\ntbtlog.txt
2016-06-19 19:36 - 2016-06-22 17:54 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ca51251cd7c0.job
2016-06-19 19:22 - 2016-06-19 19:22 - 06748160 _____ C:\Program Files\GUT6FB4.tmp
2016-06-19 19:22 - 2016-06-19 19:22 - 00000000 ____D C:\Program Files\GUM6F74.tmp
2016-06-16 19:56 - 2016-06-16 19:56 - 00000000 ____D C:\Program Files\WhoCrashed

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-22 18:00 - 2008-11-29 19:38 - 00000340 _____ C:\Windows\Tasks\Recovery DVD Creator-ANDRE.job
2016-06-22 18:00 - 2008-11-29 19:38 - 00000340 _____ C:\Windows\Tasks\Extension de garantie-ANDRE.job
2016-06-22 17:54 - 2015-07-27 18:09 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0c886a906ac53.job
2016-06-22 17:54 - 2010-02-01 19:00 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-22 17:53 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-22 17:53 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-22 17:53 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-22 17:50 - 2006-11-02 14:58 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-22 17:48 - 2016-04-27 20:38 - 00000000 ____D C:\AdwCleaner
2016-06-22 17:48 - 2010-08-26 12:53 - 00000432 ____H C:\Windows\Tasks\User_Feed_Synchronization-{B3C62503-5232-4EB9-AF98-F29FFC9F8CF2}.job
2016-06-21 22:26 - 2012-04-17 13:35 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-21 22:26 - 2010-02-01 19:00 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-21 18:15 - 2008-05-22 17:52 - 00722296 _____ C:\Windows\system32\perfh00C.dat
2016-06-21 18:15 - 2008-05-22 17:52 - 00146098 _____ C:\Windows\system32\perfc00C.dat
2016-06-21 18:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-06-21 18:15 - 2006-11-02 12:33 - 01615124 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-21 18:10 - 2016-04-27 20:07 - 00000000 ____D C:\Users\ANDRE\AppData\Roaming\ZHP
2016-06-21 18:07 - 2011-12-04 12:09 - 00001944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-21 18:07 - 2011-12-04 12:09 - 00001932 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-20 22:50 - 2008-05-22 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Internet
2016-06-20 22:49 - 2008-05-22 09:08 - 00000000 ____D C:\ProgramData\Skype
2016-06-20 20:09 - 2012-04-17 13:35 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-20 20:09 - 2012-04-17 13:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-20 20:04 - 2013-06-18 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-06-20 18:54 - 2015-05-30 12:08 - 00000000 ____D C:\Program Files\avast software
2016-06-20 18:54 - 2013-11-24 11:46 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-20 18:42 - 2008-05-22 08:43 - 00000000 ____D C:\Program Files\Google
2016-06-19 20:32 - 2008-11-29 19:30 - 00000000 ____D C:\Users\ANDRE
2016-06-19 20:31 - 2012-09-12 17:24 - 00005972 _____ C:\Users\ANDRE\AppData\Local\d3d9caps.dat
2016-06-19 20:24 - 2009-10-04 16:36 - 00000069 _____ C:\Windows\NeroDigital.ini
2016-06-19 20:24 - 2009-01-18 14:36 - 00021504 _____ C:\Users\ANDRE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-19 20:24 - 2008-05-22 08:40 - 00000000 ____D C:\Windows\system32\Macromed
2016-06-19 19:12 - 2012-09-26 13:45 - 00000000 ____D C:\Users\ANDRE\AppData\Roaming\Skype
2016-06-19 19:07 - 2015-03-20 17:25 - 00000000 ____D C:\Users\ANDRE\AppData\Local\Skype
2016-06-16 22:21 - 2008-11-29 19:37 - 00094264 _____ C:\Users\ANDRE\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-16 21:15 - 2006-11-02 12:22 - 53477376 _____ C:\Windows\system32\config\software_previous
2016-06-16 21:15 - 2006-11-02 12:22 - 50069504 _____ C:\Windows\system32\config\components_previous
2016-06-16 21:15 - 2006-11-02 12:22 - 28573696 _____ C:\Windows\system32\config\system_previous
2016-06-16 21:15 - 2006-11-02 12:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2016-06-16 21:15 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2016-06-16 21:15 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2016-06-16 21:14 - 2016-03-06 12:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-16 21:14 - 2016-02-28 11:47 - 00000000 ____D C:\Program Files\CCleaner
2016-06-16 21:14 - 2014-10-27 22:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-16 21:14 - 2013-11-24 12:57 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-06-16 21:14 - 2008-12-06 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgacom
2016-06-16 21:14 - 2008-12-06 19:12 - 00000000 ____D C:\Program Files\Belgacom
2016-06-16 21:14 - 2008-12-06 18:39 - 00000000 ____D C:\Users\ANDRE\AppData\Local\SupportSoft
2016-06-16 21:14 - 2008-05-22 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Divertissement & Loisirs
2016-06-16 21:14 - 2008-05-22 08:37 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-16 21:14 - 2008-05-22 08:37 - 00000000 ____D C:\Program Files\Adobe
2016-06-16 21:14 - 2006-11-02 14:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-16 21:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2016-06-16 21:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2016-06-16 21:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2016-06-16 21:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2016-06-16 21:14 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\Services
2016-06-16 21:13 - 2008-12-04 20:20 - 00000000 ____D C:\Users\ANDRE\AppData\Roaming\Adobe
2016-06-16 21:13 - 2008-05-22 08:37 - 00000000 ____D C:\ProgramData\Adobe
2016-06-16 21:13 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\System

==================== Fichiers à la racine de certains dossiers =======

2016-06-19 19:22 - 2016-06-19 19:22 - 6748160 _____ () C:\Program Files\GUT6FB4.tmp
2009-08-26 17:47 - 2014-01-08 17:38 - 0003666 _____ () C:\Users\ANDRE\AppData\Roaming\wklnhst.dat
2012-09-12 17:24 - 2016-06-19 20:31 - 0005972 _____ () C:\Users\ANDRE\AppData\Local\d3d9caps.dat
2009-01-18 14:36 - 2016-06-19 20:24 - 0021504 _____ () C:\Users\ANDRE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Fichiers à déplacer ou supprimer:
====================
C:\Users\ANDRE\ZHPDiag3.exe
C:\Users\Public\active.dat
C:\Users\Public\AglSwf.dll
C:\Users\Public\AlbumBase.dll
C:\Users\Public\AMVSdll.dll
C:\Users\Public\ArcExif.dll
C:\Users\Public\ArcMDM.dll
C:\Users\Public\ArcSurface.dll
C:\Users\Public\ArcTitle.dll
C:\Users\Public\ArcTitleEffect.dll
C:\Users\Public\ArcWpdMgr.dll
C:\Users\Public\ArcWpdMgrXp.dll
C:\Users\Public\CheckUpdate.dll
C:\Users\Public\CheckUpdate.exe
C:\Users\Public\dtype32.dll
C:\Users\Public\dtype32x.dll
C:\Users\Public\DVDContentRes.dll
C:\Users\Public\EffectMgr.dll
C:\Users\Public\ExportMgr.dll
C:\Users\Public\Filefpx.dll
C:\Users\Public\fpxlib.dll
C:\Users\Public\G726DLL.dll
C:\Users\Public\gdiplus.dll
C:\Users\Public\guid.dat
C:\Users\Public\ImgCtrl.dll
C:\Users\Public\ImportMgr.dll
C:\Users\Public\JPEGLIB.DLL
C:\Users\Public\kgl.dll
C:\Users\Public\kglu.dll
C:\Users\Public\MagAppFramework.dll
C:\Users\Public\MagCore.dll
C:\Users\Public\magengin.dll
C:\Users\Public\magFileIO.dll
C:\Users\Public\magFpxio.dll
C:\Users\Public\MagicFrame.dll
C:\Users\Public\MagPCMac.dll
C:\Users\Public\magPltfm.dll
C:\Users\Public\magTools.dll
C:\Users\Public\MagUIEngine.dll
C:\Users\Public\MagUIImage.dll
C:\Users\Public\MagUIInter.dll
C:\Users\Public\MediaClubSetting.dll
C:\Users\Public\MediaImpression.exe
C:\Users\Public\MediaImpressionRes.dll
C:\Users\Public\MediaImpressionUpdate.exe
C:\Users\Public\MediaPlayer.exe
C:\Users\Public\MFC42LU.DLL
C:\Users\Public\mfc42u.dll
C:\Users\Public\MIArcCon.dll
C:\Users\Public\MIDownload.exe
C:\Users\Public\MIMenu.dll
C:\Users\Public\MP3Writer.DLL
C:\Users\Public\MsgDll.dll
C:\Users\Public\MSLUIRT.dll
C:\Users\Public\MSLUP60.dll
C:\Users\Public\MSLURT.dll
C:\Users\Public\msvcp60.dll
C:\Users\Public\msvcp71.dll
C:\Users\Public\msvcr71.dll
C:\Users\Public\mvideo.dll
C:\Users\Public\Pcdlib32.dll
C:\Users\Public\PEVector.dll
C:\Users\Public\PhotoViewer.exe
C:\Users\Public\PICSDK.dll
C:\Users\Public\PICSDK3.dll
C:\Users\Public\PlayerMgr.dll
C:\Users\Public\RawEngine.dll
C:\Users\Public\RctBrowser.dll
C:\Users\Public\RctXMLBase.dll
C:\Users\Public\Res_Dll.dll
C:\Users\Public\Res_SD.dll
C:\Users\Public\SaveAndShare.dll
C:\Users\Public\ScreenSaverDll.dll
C:\Users\Public\SettingDecryption.dll
C:\Users\Public\ShadowWndDll.dll
C:\Users\Public\SlideShowPlayer.exe
C:\Users\Public\TEAspect.dll
C:\Users\Public\TECharEngine.dll
C:\Users\Public\TETextEngine.dll
C:\Users\Public\TETransUtility.dll
C:\Users\Public\ThemeMgr.dll
C:\Users\Public\ToolsCtrl.dll
C:\Users\Public\TransitionMgr.dll
C:\Users\Public\uafc.dll
C:\Users\Public\uafcrc.dll
C:\Users\Public\uAlignSplit.dll
C:\Users\Public\uAmc2Rct.dll
C:\Users\Public\uArcPrintManager.dll
C:\Users\Public\uASFWriter.dll
C:\Users\Public\uASF_SDK.dll
C:\Users\Public\uaudioplyDll.dll
C:\Users\Public\uBasicDVD.dll
C:\Users\Public\uCaptureWDM.dll
C:\Users\Public\uDiscapi.dll
C:\Users\Public\uDiscClub.dll
C:\Users\Public\uDvdIfo.dll
C:\Users\Public\uDVDMinusVR.dll
C:\Users\Public\uDVDPlusVR.dll
C:\Users\Public\uDVRMSAttr.dll
C:\Users\Public\uDVRMSSave.dll
C:\Users\Public\uDXPubTool.dll
C:\Users\Public\uEXIF.dll
C:\Users\Public\uEzDll.dll
C:\Users\Public\uFile2Frame.dll
C:\Users\Public\uMediaClub.dll
C:\Users\Public\uMediaEVR.dll
C:\Users\Public\uMediaExport.dll
C:\Users\Public\uMediaImport.dll
C:\Users\Public\uMediaInfo.dll
C:\Users\Public\umpegapi.dll
C:\Users\Public\Umpegcheck.dll
C:\Users\Public\uMyExtrasCtrl.dll
C:\Users\Public\unicows.dll
C:\Users\Public\uPI6CommonDll.dll
C:\Users\Public\uPlusVRImp.dll
C:\Users\Public\uRTRIfo.dll
C:\Users\Public\USBStorageManager.dll
C:\Users\Public\uVDibTool.dll
C:\Users\Public\uvobapi.dll
C:\Users\Public\uWMFDll2.dll
C:\Users\Public\uWMVDLL.dll
C:\Users\Public\vedArtistTextMgr.dll
C:\Users\Public\vedArtistTextProducer.dll
C:\Users\Public\vedFramework.dll
C:\Users\Public\vedGrabber.dll
C:\Users\Public\vedLocalization.dll
C:\Users\Public\vedMediaInfo.dll
C:\Users\Public\vedNavigator.dll
C:\Users\Public\WMCDDBLib.dll
C:\Users\Public\WMGenProfileLib.dll
C:\Users\Public\X3FSDK.dll
C:\Users\Public\XMLWrapper.dll
C:\Users\Public\YouTubeAgent.dll


Certains fichiers dans TEMP:
====================
C:\Users\ANDRE\AppData\Local\Temp\libeay32.dll
C:\Users\ANDRE\AppData\Local\Temp\msvcr120.dll
C:\Users\ANDRE\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-06-22 17:59

==================== Fin de FRST.txt ============================
