Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2016
Exécuté par francine (administrateur) sur PC-DE-FRANCINE (23-10-2016 09:47:04)
Exécuté depuis C:\Users\francine\Desktop
Profils chargés: francine (Profils disponibles: francine)
Platform: Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
() C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488 2008-04-25] ()
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4911104 2008-01-29] (Realtek Semiconductor)
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated)
HKLM\...\Run: [Setresolution] => C:\ACER\config\1440x900.cmd [240 2008-02-27] ()
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3629343305-3452528987-3318794603-1000\...\Run: [tkkhh] => rundll32
HKU\S-1-5-21-3629343305-3452528987-3318794603-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3629343305-3452528987-3318794603-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1790616 2016-10-21] (Lavasoft)
HKU\S-1-5-21-3629343305-3452528987-3318794603-1000\...\MountPoints2: {4a032651-c52a-11de-acec-001fe2041d79} - J:\mostick.exe
HKU\S-1-5-21-3629343305-3452528987-3318794603-1000\...\MountPoints2: {9f536af0-09d5-11e5-8a22-001fe2041d79} - D:\HTC_Sync_Manager_PC.exe
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-04] (Egis Incorporated)
Startup: C:\Users\francine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - .lnk [2013-09-07]
ShortcutTarget: Alertes de surveillance de l'encre - .lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-10-21] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-10-21] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-10-21] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-10-21] (Lavasoft Limited)
Winsock: Catalog9 29 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-10-21] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{37745DC5-0243-46B0-BE5A-5ECCE988FB09}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{597325EF-9901-4DEE-A5C7-C3AEA3E71DEF}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fr.fr.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fr.fr.acer.yahoo.com
HKU\S-1-5-21-3629343305-3452528987-3318794603-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D102116-A295234DE60&form=CONMHP&conlogo=CT3334485
SearchScopes: HKLM -> DefaultScope la valeur est absente
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3629343305-3452528987-3318794603-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D102116-A295234DE60&form=CONBDF&conlogo=CT3334485&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3629343305-3452528987-3318794603-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D102116-A295234DE60&form=CONBDF&conlogo=CT3334485&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3629343305-3452528987-3318794603-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04] (Egis Incorporated.)
Handler: avgsecuritytoolbar - Y - Pas de fichier
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\francine\AppData\Roaming\Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728 [2016-10-23]
FF NewTab: Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728 -> hxxp://www.bing.com/?pc=COSP&ptag=D102116-A295234DE60&form=CONMHP&conlogo=CT3334485
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728 -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728 -> Google
FF Homepage: Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728 -> google
FF Keyword.URL: Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728 -> hxxps://www.google.com/search?q=
FF SearchPlugin: C:\Users\francine\AppData\Roaming\Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728\searchplugins\bing-lavasoft.xml [2016-10-21]
FF SearchPlugin: C:\Users\francine\AppData\Roaming\Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728\searchplugins\Google_1.xml [2016-10-22]
FF SearchPlugin: C:\Users\francine\AppData\Roaming\Mozilla\Firefox\Profiles\z6nr9qrz.default-1472375335728\searchplugins\Google_2.xml [2016-10-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [non signé]
FF HKLM\...\Firefox\Extensions: [avg@igeared] - C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2015-04-17] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-05] (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-06-21] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=8 -> C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4149312 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [945936 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [605336 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-04-25] () [Fichier non signé]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-08-13] (Freemake) [Fichier non signé]
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-10-21] (Lavasoft Limited)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [Fichier non signé]
R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [49152 2008-02-25] (NewTech InfoSystems, Inc.) [Fichier non signé]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-02-25] () [Fichier non signé]
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 WCAssistantService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25240 2016-10-21] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257792 2016-09-22] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [210176 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [218880 2016-09-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [197376 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 fbxusb; C:\Windows\System32\DRIVERS\fbxusb32.sys [31128 2007-08-27] (FreeBox SA)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [8320 2007-03-08] (GARMIN Corp.) [Fichier non signé]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-09] (Malwarebytes)
R2 tvicport; C:\Windows\system32\drivers\tvicport.sys [14544 2008-02-25] (EnTech Taiwan) [Fichier non signé]
R2 zntport; C:\Windows\system32\drivers\zntport.sys [6080 2008-02-25] (Zeal SoftStudio) [Fichier non signé]
S3 catchme; \??\C:\Users\francine\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-10-23 09:47 - 2016-10-23 09:59 - 00018487 _____ C:\Users\francine\Desktop\FRST.txt
2016-10-23 09:38 - 2016-10-23 09:46 - 00000000 ____D C:\Users\francine\Desktop\envoi 23 oct
2016-10-22 09:22 - 2016-10-22 09:22 - 02467840 _____ C:\Users\francine\Desktop\ZHPCleaner.exe
2016-10-21 18:03 - 2016-10-21 18:03 - 00000000 ____D C:\Users\francine\AppData\Local\Lavasoft
2016-10-21 18:03 - 2016-10-21 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-10-21 18:02 - 2016-10-21 18:02 - 00002880 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-10-21 18:02 - 2016-10-21 18:02 - 00000000 ____D C:\Users\francine\AppData\Roaming\Lavasoft
2016-10-21 18:02 - 2016-10-21 18:01 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2016-10-21 18:01 - 2016-10-21 18:01 - 00000000 ____D C:\Program Files\Lavasoft
2016-10-21 18:00 - 2016-10-21 18:00 - 00000000 ____D C:\ProgramData\Lavasoft
2016-10-21 17:59 - 2016-10-22 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2016-10-21 17:59 - 2016-10-22 21:01 - 00000000 ____D C:\Program Files\Auslogics
2016-10-21 17:59 - 2016-10-21 18:02 - 00000000 ____D C:\ProgramData\Auslogics
2016-10-21 17:59 - 2016-10-21 17:59 - 00000973 _____ C:\Users\francine\Desktop\Auslogics Disk Defrag.lnk
2016-10-21 17:46 - 2016-10-21 17:46 - 00001638 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-10-21 17:46 - 2016-10-21 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-10-21 17:45 - 2016-10-21 17:45 - 03521617 _____ (Nicolas Coolman ) C:\Users\francine\Desktop\ZHPFix.exe
2016-10-21 15:59 - 2016-10-23 09:47 - 00000000 ____D C:\FRST
2016-10-21 15:57 - 2016-10-21 15:58 - 01756672 _____ (Farbar) C:\Users\francine\Desktop\FRST.exe
2016-10-20 19:01 - 2016-10-20 19:01 - 07900192 _____ (Auslogics Labs Pty Ltd ) C:\Users\francine\Downloads\auslogics-disk-defrag_7-0-0-0_en_26672.exe
2016-10-20 18:20 - 2016-10-20 18:21 - 00477822 _____ C:\Users\francine\Desktop\cc_20161020_182045.reg
2016-10-20 18:09 - 2016-10-20 18:09 - 00000691 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-20 18:08 - 2016-10-20 18:08 - 08282352 _____ (Piriform Ltd) C:\Users\francine\Downloads\ccsetup_523.exe
2016-10-20 16:38 - 2016-10-20 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-20 16:38 - 2016-10-20 16:38 - 00000000 ____D C:\Users\francine\Desktop\Nouveau dossier (3)
2016-10-20 12:32 - 2016-10-20 12:32 - 02418176 _____ C:\Users\francine\ZHPDiag3.exe
2016-10-19 19:10 - 2016-10-19 19:10 - 01060925 _____ C:\Users\francine\Desktop\RésuméSpeccy.txt
2016-10-19 18:51 - 2016-10-19 18:50 - 01060899 _____ C:\Users\francine\Desktop\PC-DE-FRANCINE - Copie.txt
2016-10-19 18:50 - 2016-10-19 18:50 - 01060899 _____ C:\Users\francine\Desktop\PC-DE-FRANCINE.txt
2016-10-19 17:44 - 2016-10-19 17:44 - 00000780 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-10-19 17:44 - 2016-10-19 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-10-19 17:44 - 2016-10-19 17:44 - 00000000 ____D C:\Program Files\Speccy
2016-10-19 17:40 - 2016-10-19 17:40 - 05201280 _____ (Piriform Ltd) C:\Users\francine\Downloads\spsetup129.exe
2016-10-19 16:37 - 2016-10-19 16:37 - 01531079 _____ C:\Users\francine\Downloads\Enrichir-sa-terre_inter-jardiniers.pdf
2016-10-18 18:33 - 2016-10-18 18:33 - 00000000 ____D C:\Users\francine\AppData\Roaming\AVG
2016-10-18 18:31 - 2016-10-18 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-10-18 18:29 - 2016-10-18 18:29 - 00000000 ___HD C:\$AVG
2016-10-18 18:22 - 2016-10-23 08:49 - 00000000 ____D C:\ProgramData\MFAData
2016-10-18 18:22 - 2016-10-18 18:22 - 00000000 ____D C:\Users\francine\AppData\Local\MFAData
2016-10-18 18:16 - 2016-10-18 18:16 - 00000735 _____ C:\Users\Public\Desktop\AVG.lnk
2016-10-18 18:16 - 2016-10-18 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-10-18 18:14 - 2016-10-18 18:24 - 00000000 ____D C:\Program Files\AVG
2016-10-18 18:10 - 2016-10-18 18:33 - 00000000 ____D C:\Users\francine\AppData\Local\Avg
2016-10-18 18:10 - 2016-10-18 18:29 - 00000000 ____D C:\ProgramData\Avg
2016-10-18 18:10 - 2016-10-18 18:21 - 00000000 ____D C:\Users\francine\AppData\Local\AvgSetupLog
2016-10-18 16:48 - 2016-10-21 17:46 - 00000000 ____D C:\Program Files\ZHPFix
2016-10-17 14:44 - 2016-10-17 14:45 - 04702544 _____ (Avira Operations GmbH & Co. KG) C:\Users\francine\Downloads\avira_fr_av_5804e3ce0ddb6__ws.exe
2016-10-17 12:15 - 2016-10-17 12:15 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\francine\Downloads\AVG_Protection_Free_1597.exe
2016-10-17 10:38 - 2016-10-17 10:38 - 07301864 _____ C:\Users\francine\Downloads\Startups-vf(1).chm
2016-10-13 23:26 - 2016-10-13 23:26 - 00000000 ____D C:\Users\francine\Desktop\Anciennes données de Firefox
2016-10-13 15:20 - 2016-10-13 15:23 - 00123075 _____ C:\Users\francine\Downloads\desinstaller-ask-toolbar-25714-odr5oh.pdf
2016-10-12 13:28 - 2016-10-22 09:28 - 00000000 ____D C:\Users\francine\AppData\Roaming\ZHP
2016-10-12 11:39 - 2016-10-12 11:39 - 01270466 _____ C:\Users\francine\Downloads\ProcessExplorer.zip
2016-10-11 16:21 - 2016-10-11 16:21 - 00000856 _____ C:\Users\francine\AppData\Local\recently-used.xbel
2016-10-11 12:55 - 2016-10-11 12:56 - 03874368 _____ C:\Users\francine\Downloads\adwcleaner_6.021.exe
2016-10-10 16:42 - 2009-06-17 15:26 - 00828928 _____ (Neuber Software) C:\Users\francine\Downloads\svchostviewer.exe
2016-10-09 19:14 - 2016-10-09 19:14 - 07272464 _____ C:\Users\francine\Downloads\Startups-vf.chm
2016-10-03 14:03 - 2016-10-03 14:03 - 00358794 _____ C:\Users\francine\Downloads\Ivanhov Mikhaël - Le devoir d'être heureux.pdf
2016-09-28 18:19 - 2016-09-28 18:19 - 00345925 _____ C:\Users\francine\Downloads\Napoleon Hill les lois du succès.La Règled'or.pdf
2016-09-28 14:23 - 2016-09-28 14:24 - 00000000 ____D C:\Program Files\QuickTime(2)
2016-09-28 14:10 - 2016-09-28 14:10 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-09-28 14:10 - 2016-09-28 14:10 - 00000000 ____D C:\Program Files\Apple Software Update
2016-09-26 18:19 - 2016-09-26 18:19 - 00197376 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2016-09-24 16:41 - 2016-09-24 16:41 - 00000271 _____ C:\Users\francine\Desktop\METEO VERT-EN-DROUAIS.URL
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2099-07-22 10:17 - 2009-01-19 11:50 - 00524288 ___SH C:\Users\Public\NTUSER.DAT{6b82c917-e60c-11dd-bfd9-001fe2041d79}.TMContainer00000000000000000001.regtrans-ms
2099-07-22 10:17 - 2009-01-19 11:50 - 00065536 ___SH C:\Users\Public\NTUSER.DAT{6b82c917-e60c-11dd-bfd9-001fe2041d79}.TM.blf
2099-07-22 10:17 - 2008-10-25 14:06 - 00262144 _____ C:\Users\Public\NTUSER.DAT
2099-07-22 10:17 - 2008-10-25 14:06 - 00005120 ____H C:\Users\Public\NTUSER.DAT.LOG1
2016-10-23 10:01 - 2012-11-04 23:13 - 00000262 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2016-10-23 08:44 - 2008-07-07 11:14 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2016-10-23 08:44 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-23 08:44 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 08:44 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-22 21:05 - 2006-11-02 14:58 - 00032502 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-22 18:47 - 2013-11-06 11:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-10-22 18:47 - 2012-05-03 09:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-21 20:25 - 2010-02-20 16:43 - 00002687 _____ C:\Users\francine\Desktop\Word.lnk
2016-10-21 20:09 - 2009-12-03 21:49 - 00000000 ____D C:\Users\francine\AppData\Local\Paint.NET
2016-10-21 18:28 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-10-21 18:17 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2016-10-20 20:37 - 2012-10-25 21:24 - 00000000 ____D C:\Users\francine\Pictures PC
2016-10-20 19:27 - 2010-05-26 16:59 - 00000000 ____D C:\Users\francine\AppData\Roaming\PhotoScape
2016-10-20 19:20 - 2012-09-08 19:19 - 00007168 ____H C:\Users\francine\photothumb.db
2016-10-20 19:20 - 2008-10-08 11:20 - 00000000 ____D C:\Users\francine
2016-10-20 18:17 - 2009-08-15 11:29 - 00000000 ____D C:\Users\francine\AppData\Roaming\Media Player Classic
2016-10-20 12:12 - 2008-01-21 09:24 - 01615904 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-20 12:12 - 2008-01-21 09:23 - 00722238 _____ C:\Windows\system32\perfh00C.dat
2016-10-20 12:12 - 2008-01-21 09:23 - 00146072 _____ C:\Windows\system32\perfc00C.dat
2016-10-18 18:09 - 2014-08-20 18:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-17 16:00 - 2015-04-24 08:51 - 00000000 ____D C:\Users\francine\Desktop\MATTHIEU
2016-10-17 09:28 - 2008-10-08 12:42 - 00157184 _____ C:\Users\francine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-16 20:29 - 2016-02-07 11:41 - 00000000 ____D C:\Users\francine\{afdb3f64-63d7-442b-b3d0-7e1dcc4623b4}
2016-10-16 20:29 - 2015-09-25 13:05 - 00000000 ____D C:\Users\francine\AppData\Roaming\vlc
2016-10-16 20:29 - 2015-08-27 20:49 - 00000000 ____D C:\Users\francine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Toolbox
2016-10-16 20:29 - 2015-08-21 15:22 - 00000000 ____D C:\Users\francine\Downloads\logiciels
2016-10-16 20:29 - 2015-08-21 15:14 - 00000000 ____D C:\Users\francine\Downloads\AVG ET logiciels nettoyage
2016-10-16 20:29 - 2015-07-18 12:48 - 00000000 ____D C:\Users\francine\Downloads\ancien
2016-10-16 20:29 - 2013-12-01 18:21 - 00000000 ____D C:\Users\francine\AppData\Roaming\PhotoFiltre 7
2016-10-16 20:29 - 2013-09-12 15:44 - 00000000 ____D C:\Users\francine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-16 20:29 - 2012-06-02 21:20 - 00000000 ____D C:\Users\francine\AppData\Roaming\Audacity
2016-10-16 20:29 - 2011-01-18 19:07 - 00000000 ____D C:\Users\francine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2016-10-16 20:29 - 2010-10-25 14:31 - 00000000 ____D C:\Users\francine\AppData\Roaming\PhotoFiltre
2016-10-16 20:29 - 2010-01-09 16:18 - 00000000 ____D C:\Users\francine\AppData\Roaming\mp3keyshifter
2016-10-16 20:29 - 2009-10-08 15:56 - 00000000 ____D C:\Users\francine\AppData\Roaming\Thunderbird
2016-10-16 20:29 - 2009-08-05 18:57 - 00000000 ____D C:\Users\francine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2016-10-16 20:29 - 2009-02-04 13:53 - 00000000 ____D C:\Users\francine\AppData\Roaming\OpenAlchemist
2016-10-16 20:29 - 2008-12-25 17:03 - 00000000 ____D C:\Users\francine\Desktop\PhotoScape
2016-10-16 20:29 - 2008-11-10 20:24 - 00000000 ____D C:\Users\francine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeux
2016-10-16 20:29 - 2008-10-08 14:12 - 00000000 ____D C:\Users\francine\AppData\Local\Microsoft Help
2016-10-16 20:29 - 2008-10-08 11:20 - 00000000 ____D C:\Users\francine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2016-10-16 20:29 - 2008-03-16 16:03 - 00000000 ____D C:\ACER
2016-10-16 20:29 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2016-10-16 20:29 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2016-10-16 20:29 - 2006-11-02 12:22 - 63700992 _____ C:\Windows\system32\config\software_previous
2016-10-16 20:29 - 2006-11-02 12:22 - 25165824 _____ C:\Windows\system32\config\system_previous
2016-10-16 20:25 - 2006-11-02 12:22 - 49020928 _____ C:\Windows\system32\config\components_previous
2016-10-16 20:25 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2016-10-16 09:35 - 2006-11-02 12:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2016-10-16 09:35 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2016-10-13 21:55 - 2014-04-04 18:52 - 00000000 ____D C:\AdwCleaner
2016-10-13 16:40 - 2008-03-16 23:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 17:10 - 2011-07-14 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDLL
2016-10-11 16:21 - 2012-06-01 00:08 - 00000000 ____D C:\Users\francine\.gimp-2.8
2016-10-11 16:18 - 2009-07-28 16:32 - 00000000 ____D C:\Program Files\Garmin
2016-10-11 08:49 - 2012-04-12 09:26 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-10-11 08:49 - 2012-03-14 12:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-10-10 10:21 - 2008-01-21 04:43 - 00000000 ____D C:\PerfLogs
2016-10-09 20:26 - 2016-08-31 20:50 - 00000000 ____D C:\Users\francine\Downloads\DIVERS
2016-10-09 17:52 - 2012-01-06 15:00 - 00745254 _____ C:\Users\francine\AppData\Local\census.cache
2016-10-09 17:52 - 2012-01-06 14:59 - 00209407 _____ C:\Users\francine\AppData\Local\ars.cache
2016-10-09 15:55 - 2015-10-22 20:29 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-05 14:45 - 2015-08-26 15:28 - 00000000 ____D C:\Mes documents
2016-09-30 10:43 - 2015-06-26 21:35 - 00000000 ____D C:\Users\francine\dwhelper
2016-09-29 12:53 - 2011-12-04 12:45 - 00000000 ____D C:\MP Navigator
==================== Fichiers à la racine de certains dossiers =======
2013-12-26 11:51 - 2014-12-16 10:35 - 0000081 _____ () C:\Users\francine\AppData\Roaming\Camdata.ini
2013-12-26 11:51 - 2014-12-16 10:35 - 0000408 _____ () C:\Users\francine\AppData\Roaming\CamLayout.ini
2013-12-26 11:51 - 2014-12-16 10:35 - 0000408 _____ () C:\Users\francine\AppData\Roaming\CamShapes.ini
2013-12-26 11:51 - 2014-12-16 10:34 - 0004416 _____ () C:\Users\francine\AppData\Roaming\CamStudio.cfg
2016-10-14 11:38 - 2016-10-14 11:51 - 0000115 _____ () C:\Users\francine\AppData\Roaming\LogFile.txt
2009-02-06 15:46 - 2010-11-16 10:05 - 0079693 _____ () C:\Users\francine\AppData\Roaming\UserTile.png
2010-01-19 20:06 - 2010-01-19 22:23 - 0001028 _____ () C:\Users\francine\AppData\Roaming\WavCodec.wff
2013-07-01 10:28 - 2013-07-01 10:28 - 0000005 _____ () C:\Users\francine\AppData\Roaming\WBPU-TTL.DAT
2008-10-08 11:53 - 2016-04-11 09:22 - 0000780 _____ () C:\Users\francine\AppData\Roaming\wklnhst.dat
2012-01-06 14:59 - 2016-10-09 17:52 - 0209407 _____ () C:\Users\francine\AppData\Local\ars.cache
2012-01-06 15:00 - 2016-10-09 17:52 - 0745254 _____ () C:\Users\francine\AppData\Local\census.cache
2009-04-23 09:44 - 2010-09-29 12:33 - 0000680 _____ () C:\Users\francine\AppData\Local\d3d9caps.dat
2008-10-08 12:42 - 2016-10-17 09:28 - 0157184 _____ () C:\Users\francine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-06 14:41 - 2012-01-06 14:41 - 0000036 _____ () C:\Users\francine\AppData\Local\housecall.guid.cache
2010-12-23 18:54 - 2010-12-23 18:54 - 0004096 ____H () C:\Users\francine\AppData\Local\keyfile3.drm
2015-08-19 19:41 - 2015-08-19 20:09 - 37329920 _____ () C:\Users\francine\AppData\Local\Microsoft Office 2010 Toolkit.exe
2016-10-11 16:21 - 2016-10-11 16:21 - 0000856 _____ () C:\Users\francine\AppData\Local\recently-used.xbel
2012-07-08 14:51 - 2012-07-08 14:51 - 0000057 _____ () C:\ProgramData\Ament.ini
Fichiers à déplacer ou supprimer:
====================
C:\Users\francine\ZHPDiag3.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-10-23 09:02
==================== Fin de FRST.txt ============================