cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by cezki (administrator) on PC-DE-CEZKI on 15-03-2015 14:56:22
Running from C:\Users\cezki\bureau
Loaded Profiles: cezki (Available profiles: cezki)
Platform: Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\VistaCodecPack\QT\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-230460946-3536391274-1308363112-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-230460946-3536391274-1308363112-1000\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-230460946-3536391274-1308363112-1000\...\MountPoints2: {b0799589-5bed-11de-b894-001921da85da} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\launcher.exe
HKU\S-1-5-21-230460946-3536391274-1308363112-1000\...\MountPoints2: {f418b0ba-a421-11de-bce9-001921da85da} - J:\Memorybar.exe
HKU\S-1-5-21-230460946-3536391274-1308363112-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION!

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-230460946-3536391274-1308363112-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-230460946-3536391274-1308363112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-230460946-3536391274-1308363112-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-230460946-3536391274-1308363112-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
URLSearchHook: HKLM - (No Name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - No File
SearchScopes: HKLM -> {91E3C76E-B1B6-414F-9AAF-E0E3B87B1C23} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-230460946-3536391274-1308363112-1000 -> E7408E019B754A4D9379AE9E6624614D URL = http://www.google.fr/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_fr
SearchScopes: HKU\S-1-5-21-230460946-3536391274-1308363112-1000 -> Live Search URL = http://search.live.com/results.aspx?q={searchTerms}&mkt=fr-fr&FORM=MIMWA2
SearchScopes: HKU\S-1-5-21-230460946-3536391274-1308363112-1000 -> {6424E0C4-0C27-4691-AD1F-A4F09B9E017C} URL = http://www.google.fr/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_fr
SearchScopes: HKU\S-1-5-21-230460946-3536391274-1308363112-1000 -> {814C76CB-2623-43F4-AAD0-58A0E5190A20} URL = http://r.orange.fr/r?ref=O_OI_hook_openSearchIE&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata={searchTerms}
SearchScopes: HKU\S-1-5-21-230460946-3536391274-1308363112-1000 -> {91E3C76E-B1B6-414F-9AAF-E0E3B87B1C23} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKU\S-1-5-21-230460946-3536391274-1308363112-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: No Name -> {33727f97-486d-4d19-97c3-23f432ef93fc} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-14] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-14] (Google Inc.)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File []
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [2006-11-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [2006-11-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2007-03-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [2006-11-03] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-06-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-06-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-06-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-06-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-06-18] (Apple Inc.)
FF SearchPlugin: C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default\searchplugins\orange.xml [2012-07-28]
FF Extension: No Name - C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default\Extensions\menu_contextuel_orange@orange.fr [2012-04-26]
FF Extension: barre d'outils Orange - C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default\Extensions\toolbar@Orange.fr [2012-07-22]
FF Extension: Plugin Orange Installeur - C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default\Extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF} [2012-04-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-30]
FF Extension: No Name - C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f} [Not Found]
FF Extension: No Name - C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default\extensions\wrigtdamon@yahoo.com [Not Found]
FF Extension: No Name - C:\Users\cezki\AppData\Roaming\Mozilla\Firefox\Profiles\1ugain1c.default\extensions\faststartff@gmail.com [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://fr.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: Default -> "https://fr.yahoo.com?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\41.0.2272.89\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\41.0.2272.89\pdf.dll ()
CHR Plugin: (Orange Installer Plugin) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\flgckaanghhcpoadadiendjemegkccmf\1.2.5.0_0\/plugins/npOrangeInstaller.dll (Orange IT&L@bs)
CHR Plugin: (Java(TM) Platform SE 6 U19) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Google Update) - C:\Users\cezki\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Google Search) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Plugin Orange Installeur) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\flgckaanghhcpoadadiendjemegkccmf [2012-07-22]
CHR Extension: (Portail Orange) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafdhbipfdlldljdanpnlipdinjcjjid [2012-07-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Menu Contextuel Orange) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkdglgjjpicgkbfdflchobhdiblbjgf [2012-07-22]
CHR Extension: (Google Wallet) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\cezki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 CLSched; C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [118880 2006-11-28] () [File not signed]
S4 CyberLink Media Library Service; C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [1073152 2006-11-28] (Cyberlink) [File not signed]
S4 FTRTSVC; C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632 2009-08-24] (France Telecom SA) [File not signed]
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLCapSvc; "C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 CA561; C:\Windows\System32\Drivers\SPCA561.SYS [119798 2002-10-01] (SP)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [File not signed]
S3 PCAMp50; C:\Windows\System32\Drivers\PCAMp50.sys [28224 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [27072 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [20640 2005-10-26] (Sonic Solutions) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 14:56 - 2015-03-15 14:56 - 00017280 _____ () C:\Users\cezki\bureau\FRST.txt
2015-03-15 14:54 - 2015-03-15 14:56 - 00000000 ____D () C:\FRST
2015-03-15 14:53 - 2015-03-15 14:49 - 01135104 _____ (Farbar) C:\Users\cezki\bureau\FRST.exe
2015-03-15 14:16 - 2015-03-15 14:17 - 00005429 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 00:33 - 2015-03-15 00:33 - 00000800 _____ () C:\Users\cezki\bureau\ZHP.lnk
2015-03-15 00:29 - 2015-03-15 00:29 - 00004720 _____ () C:\Users\cezki\Documents\Documents\cc_20150315_002910.reg
2015-03-15 00:15 - 2015-03-15 00:15 - 00022374 _____ () C:\Users\cezki\Documents\Documents\cc_20150315_001545.reg
2015-03-14 23:58 - 2015-03-14 23:58 - 00028905 _____ () C:\Users\cezki\bureau\ZHPDiag retest.txt
2015-03-14 23:54 - 2015-03-14 23:54 - 00028905 _____ () C:\Users\cezki\bureau\ZHPDiag.txt
2015-03-14 19:02 - 2015-03-14 19:02 - 00000000 ____D () C:\Users\cezki\bureau\desinstal SECURITOOL
2015-03-14 19:02 - 2015-03-14 19:02 - 00000000 ____D () C:\ProgramData\F-Secure-UninstallationTool
2015-03-14 16:32 - 2015-03-15 00:04 - 00001029 _____ () C:\Users\cezki\bureau\ZHPFixReport.txt
2015-03-14 16:30 - 2015-03-14 16:31 - 00000000 ____D () C:\Program Files\ZHPFix
2015-03-14 16:29 - 2015-03-14 16:27 - 03521480 _____ (Nicolas Coolman ) C:\Users\cezki\bureau\ZHPFix.exe
2015-03-14 15:34 - 2015-03-14 15:34 - 00041469 _____ () C:\Users\cezki\bureau\ZHPCleaner.txt
2015-03-14 15:16 - 2015-03-14 15:17 - 00000742 _____ () C:\Users\cezki\bureau\ZHPCleaner.lnk
2015-03-14 15:14 - 2015-03-14 15:10 - 01697792 _____ () C:\Users\cezki\bureau\ZHPCleaner.exe
2015-03-14 14:16 - 2015-03-14 13:55 - 00001992 _____ () C:\Users\cezki\bureau\AdwCleaner[S1].txt
2015-03-14 13:50 - 2015-03-14 13:45 - 06876430 _____ (Nicolas Coolman ) C:\Users\cezki\bureau\ZHPDiag2.exe
2015-03-14 13:50 - 2015-03-14 13:45 - 02171392 _____ () C:\Users\cezki\bureau\adwcleaner_4.112.exe
2015-03-11 11:15 - 2015-03-11 11:16 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-11 10:57 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:56 - 2015-02-26 01:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:56 - 2015-01-29 02:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:55 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-03-11 10:55 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-03-11 10:55 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-03-11 10:54 - 2014-10-10 02:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-03-11 10:54 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 10:54 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 10:53 - 2014-12-19 01:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-11 10:52 - 2014-11-04 01:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-03-11 10:47 - 2014-10-24 02:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 10:47 - 2014-08-27 01:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-11 10:47 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-03-11 10:46 - 2014-11-26 03:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-11 10:46 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-11 10:45 - 2015-02-20 03:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:45 - 2015-02-20 01:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:44 - 2015-02-26 03:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 10:44 - 2015-02-26 03:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:44 - 2015-01-21 03:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:44 - 2015-01-09 03:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 10:44 - 2015-01-09 01:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 10:43 - 2014-08-12 03:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-03-11 10:40 - 2015-03-06 05:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:40 - 2015-01-15 05:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 10:40 - 2014-10-10 02:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 10:39 - 2014-10-13 02:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-11 10:37 - 2014-12-06 04:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-11 10:37 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-03-11 10:37 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-03-11 10:37 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:37 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 10:37 - 2014-10-03 02:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 10:37 - 2014-10-03 02:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 10:36 - 2015-02-18 03:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:36 - 2014-09-05 00:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-03-11 10:31 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-11 10:30 - 2014-12-06 04:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-11 10:28 - 2015-02-21 18:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:28 - 2015-02-21 18:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-11 10:28 - 2015-02-21 18:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:28 - 2015-02-21 18:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:28 - 2015-02-21 18:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:28 - 2015-02-21 18:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:28 - 2015-02-21 18:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:28 - 2015-02-21 18:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-11 10:28 - 2015-02-21 18:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 10:28 - 2015-02-21 18:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:28 - 2015-02-21 18:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 10:28 - 2015-02-21 18:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:28 - 2015-02-21 18:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:28 - 2015-02-21 18:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 10:28 - 2015-02-21 18:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 10:28 - 2015-02-21 18:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 10:28 - 2015-02-21 18:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:28 - 2015-02-21 18:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:28 - 2015-02-21 18:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-11 10:28 - 2015-02-21 18:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-11 10:28 - 2015-02-21 18:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-11 10:28 - 2015-02-21 18:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-10 10:34 - 2015-03-10 10:34 - 00000472 _____ () C:\Users\cezki\bureau\Connexion au réseau local - Raccourci.lnk
2015-02-27 10:26 - 2015-03-11 11:50 - 00013030 _____ () C:\PDOXUSRS.NET
2015-02-27 10:25 - 2015-03-11 11:48 - 00000000 ____D () C:\Program Files\ZebHelpProcess
2015-02-27 10:25 - 2015-02-27 10:25 - 00000000 ____D () C:\Program Files\Common Files\Borland Shared
2015-02-27 10:25 - 1999-11-12 05:11 - 00183808 _____ () C:\Windows\system32\BDEADMIN.CPL
2015-02-27 10:25 - 1999-01-20 05:01 - 00210032 _____ () C:\Windows\system32\DBCLIENT.DLL
2015-02-25 09:25 - 2015-03-14 13:55 - 00000000 ____D () C:\AdwCleaner
2015-02-23 11:42 - 2015-02-23 11:44 - 00000000 ____D () C:\OETemp
2015-02-19 19:18 - 2015-02-19 19:18 - 00001023 _____ () C:\Users\cezki\bureau\Revo Uninstaller.lnk
2015-02-19 19:18 - 2015-02-19 19:18 - 00000000 ____D () C:\Program Files\VS Revo Group

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 14:56 - 2007-06-15 18:10 - 00000000 ___RD () C:\Users\cezki\bureau
2015-03-15 14:37 - 2010-02-02 13:40 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-15 14:14 - 2010-02-02 13:40 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 14:14 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-15 14:14 - 2006-11-02 13:45 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 14:14 - 2006-11-02 13:45 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-15 14:13 - 2006-11-02 13:58 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-15 00:04 - 2015-01-21 21:07 - 00000000 ____D () C:\Users\cezki\AppData\Roaming\ZHP
2015-03-14 23:53 - 2015-01-21 21:17 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-03-14 23:53 - 2015-01-21 21:07 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-03-14 21:38 - 2015-01-19 21:17 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-14 20:32 - 2012-06-14 18:32 - 00000000 ____D () C:\ProgramData\Apple
2015-03-14 19:53 - 2010-04-22 17:24 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-14 19:53 - 2007-07-25 16:09 - 00000000 ____D () C:\Users\cezki\AppData\Local\Adobe
2015-03-14 19:53 - 2007-03-08 06:14 - 00000000 ____D () C:\Program Files\Adobe
2015-03-14 19:16 - 2007-07-02 16:01 - 00000000 ____D () C:\ProgramData\Skype
2015-03-14 19:06 - 2007-07-01 19:01 - 00000000 ____D () C:\ProgramData\F-Secure
2015-03-14 18:21 - 2011-03-26 18:28 - 00000000 ____D () C:\ProgramData\tmp
2015-03-14 18:21 - 2008-01-10 19:06 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-14 18:21 - 2007-07-02 16:37 - 00000000 ____D () C:\Users\cezki\AppData\Roaming\Skype
2015-03-14 18:21 - 2007-06-15 18:30 - 00000000 ____D () C:\Users\cezki\AppData\Local\PowerCinema
2015-03-14 17:41 - 2015-02-02 21:02 - 00000000 ____D () C:\Users\cezki\AppData\Local\CrashDumps
2015-03-14 16:30 - 2015-01-21 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-03-14 14:02 - 2015-01-21 21:07 - 00001611 _____ () C:\Users\cezki\bureau\ZHPDiag.lnk
2015-03-14 12:18 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-03-12 23:40 - 2007-06-15 18:10 - 00000000 ____D () C:\Users\cezki
2015-03-11 13:17 - 2013-08-15 17:07 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 13:05 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2015-03-11 12:57 - 2006-11-02 11:33 - 01615574 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-11 12:05 - 2007-06-30 16:49 - 00000000 ____D () C:\Program Files\Orange
2015-03-11 11:02 - 2006-11-02 13:44 - 00331152 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 10:58 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-03-10 11:44 - 2010-07-15 15:12 - 00000000 ____D () C:\Users\cezki\AppData\Local\Orange
2015-02-27 09:57 - 2015-01-21 21:40 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-26 21:20 - 2006-11-02 11:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-25 12:06 - 2007-07-01 18:59 - 00001356 _____ () C:\Users\cezki\AppData\Local\d3d9caps.dat
2015-02-25 09:25 - 2015-01-19 19:16 - 00000000 ____D () C:\Users\cezki\bureau\sala
2015-02-24 04:23 - 2009-10-03 08:26 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-23 11:29 - 2007-07-31 20:12 - 00000000 ____D () C:\Windows\Google Toolbar

==================== Files in the root of some directories =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\cezki\AppData\Roaming\ASCCJT
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\cezki\AppData\Roaming\DEPX
2008-12-10 17:57 - 2008-12-10 17:58 - 0114414 _____ () C:\Users\cezki\AppData\Roaming\install.txt
2009-01-21 13:21 - 2009-01-21 13:21 - 0029239 _____ () C:\Users\cezki\AppData\Roaming\UserTile.png
2013-12-20 19:31 - 2014-09-23 08:37 - 0000165 _____ () C:\Users\cezki\AppData\Roaming\WB.CFG
2008-01-21 22:21 - 2013-05-06 19:07 - 0000892 _____ () C:\Users\cezki\AppData\Roaming\wklnhst.dat
2007-07-01 18:59 - 2015-02-25 12:06 - 0001356 _____ () C:\Users\cezki\AppData\Local\d3d9caps.dat
2007-06-17 20:01 - 2015-02-09 11:20 - 0090112 _____ () C:\Users\cezki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-10-21 09:26 - 2007-10-21 17:31 - 0002245 _____ () C:\Users\cezki\AppData\Local\fdcafdclki.dat
2007-10-23 17:44 - 2007-10-23 21:08 - 0002244 _____ () C:\Users\cezki\AppData\Local\moavxumep.dat
2007-11-08 13:52 - 2007-11-08 21:56 - 0002244 _____ () C:\Users\cezki\AppData\Local\nqxmjmham.dat
2008-03-17 18:14 - 2008-03-17 18:14 - 0000032 _____ () C:\ProgramData\ezsid.dat
2008-09-27 17:14 - 2008-09-27 17:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Files to move or delete:
====================
C:\ProgramData\ezsid.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 14:20

==================== End Of Log ============================
