cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by luc (administrator) on LUC-PC on 07-04-2015 20:29:18
Running from C:\Users\luc.luc-PC\Desktop
Loaded Profiles: luc (Available profiles: UpdatusUser & luc)
Platform: Windows 7 Home Premium (X64) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Index Education) C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Spotify Ltd) C:\Users\luc.luc-PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Goto.Games) C:\Program Files (x86)\Goto.Games\Funbridge2\FbNotificationsComServer.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(http://www.emule-project.net) C:\Program Files (x86)\eMule\emule.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11619432 2010-11-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-09] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295232 2010-11-12] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1078352 2011-02-24] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FbNotifications] => C:\Program Files (x86)\Goto.Games\Funbridge2\FbNotificationsComServer.exe [491008 2012-04-05] (Goto.Games)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2249959051-3488735749-356246145-1001\...\Run: [Spotify Web Helper] => C:\Users\luc.luc-PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-27] (Spotify Ltd)
HKU\S-1-5-21-2249959051-3488735749-356246145-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2249959051-3488735749-356246145-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2010-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2010-12-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\luc.luc-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2249959051-3488735749-356246145-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-13] (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-05-13] (Google Inc.)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-13] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-05-13] (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\luc.luc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\0wrmz07z.default-1428430351496
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-04-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-13] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-03-04] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-03-04] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll [2013-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll [2013-05-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\luc.luc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\0wrmz07z.default-1428430351496\user.js [2015-04-07]
FF Extension: Adblock Plus - C:\Users\luc.luc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\0wrmz07z.default-1428430351496\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-07]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-26]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-26]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Module de blocage des sites Internet dangereux - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-03-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Clavier virtuel - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-03-04]
FF HKU\S-1-5-21-2249959051-3488735749-356246145-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\luc.luc-PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ebeenikkcpgaekfgbnflbaaihalfifkk) - C:\Users\luc.luc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebeenikkcpgaekfgbnflbaaihalfifkk [2015-04-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868224 2010-10-29] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MajIndexEducationService; C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [2930176 2014-11-10] (Index Education) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2010-11-12] (NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-03-27] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-03-27] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
S3 b57xdbd; system32\DRIVERS\b57xdbd.sys [X]
S3 b57xdmp; system32\DRIVERS\b57xdmp.sys [X]
S3 bScsiMSa; system32\DRIVERS\bScsiMSa.sys [X]
S3 bScsiSDa; system32\DRIVERS\bScsiSDa.sys [X]
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 20:29 - 2015-04-07 20:29 - 00021529 _____ () C:\Users\luc.luc-PC\Desktop\FRST.txt
2015-04-06 21:00 - 2015-04-04 23:17 - 02095616 _____ (Farbar) C:\Users\luc.luc-PC\Desktop\FRST64.exe
2015-04-06 14:54 - 2015-04-06 14:54 - 00000000 ___HD () C:\ProgramData\htq
2015-04-06 13:42 - 2015-04-06 13:42 - 02095616 _____ (Farbar) C:\Users\luc.luc-PC\Downloads\FRST64(1).exe
2015-04-05 20:42 - 2015-04-05 20:42 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-05 20:42 - 2015-04-05 20:42 - 00001119 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-05 20:42 - 2015-04-05 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-05 10:14 - 2015-04-05 21:52 - 00000000 ____D () C:\Users\luc.luc-PC\AppData\Roaming\ZHP
2015-04-05 10:14 - 2015-04-05 21:46 - 00000845 _____ () C:\Users\luc.luc-PC\Desktop\ZHPCleaner.lnk
2015-04-05 10:14 - 2015-04-05 10:14 - 01706496 _____ () C:\Users\luc.luc-PC\Downloads\ZHPCleaner.exe
2015-04-05 10:03 - 2015-04-07 20:12 - 00000000 ____D () C:\Users\luc.luc-PC\Desktop\Anciennes données de Firefox
2015-04-04 23:28 - 2015-04-04 23:28 - 00048325 _____ () C:\Users\luc.luc-PC\Downloads\Shortcut.txt
2015-04-04 23:19 - 2015-04-04 23:28 - 00035907 _____ () C:\Users\luc.luc-PC\Downloads\Addition.txt
2015-04-04 23:18 - 2015-04-07 20:29 - 00000000 ____D () C:\FRST
2015-04-04 23:18 - 2015-04-06 15:11 - 00033425 _____ () C:\Users\luc.luc-PC\Downloads\FRST.txt
2015-04-04 23:17 - 2015-04-04 23:17 - 02095616 _____ (Farbar) C:\Users\luc.luc-PC\Downloads\FRST64.exe
2015-04-04 23:01 - 2015-04-04 23:01 - 00243544 _____ () C:\Users\luc.luc-PC\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-04 22:47 - 2015-04-04 22:47 - 00013441 _____ () C:\Users\luc.luc-PC\Desktop\AdwCleaner[S0].txt
2015-04-04 22:46 - 2015-04-07 20:14 - 00002174 _____ () C:\Windows\setupact.log
2015-04-04 22:46 - 2015-04-05 20:35 - 00003252 _____ () C:\Windows\PFRO.log
2015-04-04 22:46 - 2015-04-04 22:46 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-04 22:42 - 2015-04-06 20:57 - 00000000 ____D () C:\AdwCleaner
2015-04-04 22:42 - 2015-04-04 22:42 - 02208768 _____ () C:\Users\luc.luc-PC\Downloads\adwcleaner_4.200.exe
2015-04-04 22:01 - 2015-04-04 22:01 - 00130426 _____ () C:\Users\luc.luc-PC\Documents\cc_20150404_220140.reg
2015-04-04 21:57 - 2015-04-04 21:57 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-04 21:57 - 2015-04-04 21:57 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-04 21:57 - 2015-04-04 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-04 21:57 - 2015-04-04 21:57 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-04 21:56 - 2015-04-04 21:55 - 05344528 _____ (Piriform Ltd) C:\Users\luc.luc-PC\Downloads\ccsetup504 [1].exe
2015-04-04 21:51 - 2015-04-04 21:51 - 00706664 _____ (Internet ) C:\Users\luc.luc-PC\Downloads\ccsetup504.exe
2015-04-04 12:01 - 2015-04-04 12:01 - 00468536 _____ () C:\Users\luc.luc-PC\Downloads\Adblock-Plus-1-7-2.exe
2015-04-01 23:29 - 2015-04-01 23:29 - 00262144 _____ () C:\Windows\system32\config\elam
2015-04-01 23:27 - 2015-04-04 10:07 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-28 15:47 - 2015-03-28 15:48 - 00000000 ____D () C:\Users\luc.luc-PC\Desktop\cle usb verte
2015-03-28 12:55 - 2015-03-28 12:56 - 00000000 ____D () C:\Users\luc.luc-PC\Desktop\victornounou
2015-03-28 12:09 - 2015-03-28 15:32 - 00000000 ____D () C:\Users\luc.luc-PC\Desktop\Chester mars 2015
2015-03-25 01:33 - 2015-03-11 04:39 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 01:33 - 2015-03-11 04:39 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 01:33 - 2015-03-11 04:39 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 01:33 - 2015-03-11 04:39 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 01:33 - 2015-03-11 04:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 01:33 - 2015-03-11 04:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 01:33 - 2015-03-11 04:34 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-21 17:02 - 2015-03-21 22:12 - 00000000 ____D () C:\Users\luc.luc-PC\Desktop\photoshiver2015
2015-03-20 21:13 - 2015-03-20 21:14 - 00243600 _____ () C:\Users\luc.luc-PC\Downloads\Firefox Setup Stub 36.0.1.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 20:29 - 2011-08-16 14:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-07 20:21 - 2009-07-14 06:45 - 00022896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-07 20:21 - 2009-07-14 06:45 - 00022896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-07 20:17 - 2013-04-25 21:18 - 01306845 _____ () C:\Windows\WindowsUpdate.log
2015-04-07 20:15 - 2013-04-26 22:26 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-07 20:14 - 2013-05-13 08:15 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-07 20:14 - 2013-04-25 21:37 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-07 20:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-07 19:41 - 2013-05-13 08:15 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-06 18:45 - 2013-04-26 07:08 - 00704480 _____ () C:\Windows\system32\perfh00C.dat
2015-04-06 18:45 - 2013-04-26 07:08 - 00130754 _____ () C:\Windows\system32\perfc00C.dat
2015-04-06 18:45 - 2009-07-14 07:13 - 01549700 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-06 15:27 - 2013-09-02 18:03 - 00000000 ____D () C:\ProgramData\IndexEducation
2015-04-05 20:42 - 2013-07-03 18:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-05 20:34 - 2013-05-13 08:15 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-04 22:01 - 2013-04-26 15:09 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-04-04 22:00 - 2014-02-19 14:22 - 00000000 ____D () C:\Windows\Minidump
2015-04-04 22:00 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2015-03-29 14:19 - 2013-08-20 10:43 - 00000000 ____D () C:\Users\luc.luc-PC\dwhelper
2015-03-27 14:51 - 2015-03-04 11:49 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-03-27 14:51 - 2014-08-19 13:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-03-25 04:00 - 2014-12-11 04:26 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 04:00 - 2014-07-10 03:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-22 13:22 - 2013-04-26 15:01 - 00000000 ____D () C:\Users\luc.luc-PC\AppData\Roaming\vlc
2015-03-21 22:17 - 2015-03-04 17:38 - 00000000 ____D () C:\Users\luc.luc-PC\Desktop\MARS2015TATINGHEM
2015-03-20 21:16 - 2013-04-26 13:43 - 00000000 ____D () C:\Users\luc.luc-PC\AppData\Local\Mozilla
2015-03-20 21:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-18 09:48 - 2013-04-26 14:41 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2015-03-14 17:22 - 2014-08-27 16:07 - 00000000 ____D () C:\Users\luc.luc-PC\Desktop\agreg
2015-03-11 23:00 - 2013-04-26 17:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 22:58 - 2013-08-20 09:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 22:52 - 2013-05-01 14:27 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 22:51 - 2009-07-14 04:34 - 00000513 _____ () C:\Windows\win.ini
2015-03-10 15:44 - 2011-08-27 20:14 - 00000000 ____D () C:\cours LN

==================== Files in the root of some directories =======

2013-04-26 14:38 - 2013-04-26 14:38 - 0000036 _____ () C:\Users\luc.luc-PC\AppData\Local\housecall.guid.cache
2013-04-26 15:24 - 2013-08-31 10:21 - 0002325 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\luc.luc-PC\timeseal.exe


Some content of TEMP:
====================
C:\Users\luc.luc-PC\AppData\Local\Temp\Quarantine.exe
C:\Users\luc.luc-PC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 13:35

==================== End Of Log ============================

Publicité


Signaler le contenu de ce document

Publicité