cjoint


Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-04-2015
Ran by ) (administrator) on PC on 14-04-2015 20:32:52
Running from C:\Users\)\Downloads\FRST-OlderVersion\FRST-OlderVersion\FRST-OlderVersion
Loaded Profiles: ) (Available profiles: ))
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-12] (Avast Software s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-2409887406-2123350535-2978357673-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-2409887406-2123350535-2978357673-1000\...\MountPoints2: {fd1653c9-db6d-11dd-8ded-806e6f6e6963} - D:\baldur.exe
AppInit_DLLs: C:\Program => C:\Program File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2409887406-2123350535-2978357673-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241

FireFox:
========
FF ProfilePath: C:\Users\)\AppData\Roaming\Mozilla\Firefox\Profiles\7am8op94.default-1428958874831
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-03] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-03] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-22]

Chrome:
=======
CHR Profile: C:\Users\)\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Docs) - C:\Users\)\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-22]
CHR Extension: (Google Drive) - C:\Users\)\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-22]
CHR Extension: (YouTube) - C:\Users\)\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-22]
CHR Extension: (Google Search) - C:\Users\)\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-22]
CHR Extension: (avast! Online Security) - C:\Users\)\AppData\Local\Google\Chrome\User Data\default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-22]
CHR Extension: (Google Wallet) - C:\Users\)\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-22]
CHR Extension: (Gmail) - C:\Users\)\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-12] (Avast Software)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19702048 2014-04-30] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-04-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-04-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427736 2015-04-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208024 2015-04-12] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [17240 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-04-12] (Avast Software)
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 23:01 - 2015-04-13 23:01 - 00000000 ____D () C:\Users\)\Desktop\Anciennes données de Firefox
2015-04-13 22:59 - 2015-04-13 22:59 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-04-13 22:50 - 2015-04-13 22:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-04-13 22:50 - 2015-04-13 22:50 - 10109856 _____ (SurfRight B.V.) C:\Users\)\Downloads\HitmanPro.exe
2015-04-13 22:35 - 2015-04-13 22:35 - 02217984 _____ () C:\Users\)\Downloads\adwcleaner_4.201.exe
2015-04-13 19:36 - 2015-04-13 19:40 - 00000000 ____D () C:\Users\)\Downloads\FRST-OlderVersion
2015-04-12 20:31 - 2015-04-12 20:31 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-12 20:17 - 2015-04-12 20:17 - 00002007 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-12 20:17 - 2015-04-12 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-12 20:16 - 2015-04-12 20:16 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-12 20:16 - 2015-04-12 20:16 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-09 00:16 - 2015-04-09 00:16 - 00030404 _____ () C:\Users\)\Desktop\FRST4.txt
2015-04-08 00:04 - 2015-04-08 00:05 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-07 23:32 - 2015-04-07 23:32 - 00030478 _____ () C:\Users\)\Desktop\FRST3.txt
2015-04-07 22:20 - 2015-04-07 22:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-04 08:57 - 2015-04-04 08:57 - 00029824 _____ () C:\Users\)\Desktop\FRST2.txt
2015-04-04 08:21 - 2015-04-04 08:21 - 00001234 _____ () C:\Users\)\Desktop\ZHPCleaner3.txt
2015-04-04 08:10 - 2015-04-04 08:07 - 00000857 _____ () C:\Users\)\Desktop\ZHPCleaner-[S]-04042015-08_10_59.txt
2015-04-03 22:16 - 2015-04-04 08:18 - 00001234 _____ () C:\Users\)\Desktop\ZHPCleaner.txt
2015-04-03 22:13 - 2015-04-04 08:07 - 00000788 _____ () C:\Users\)\Desktop\ZHPCleaner.lnk
2015-04-03 22:12 - 2015-04-03 22:12 - 01705984 _____ () C:\Users\)\Downloads\ZHPCleaner.exe
2015-04-03 22:00 - 2015-04-03 22:00 - 00000079 _____ () C:\Windows\wininit.ini
2015-04-02 20:40 - 2015-04-02 20:40 - 00024909 _____ () C:\Users\)\Downloads\Addition.txt
2015-04-02 20:39 - 2015-04-09 00:22 - 00030490 _____ () C:\Users\)\Downloads\FRST.txt
2015-04-02 20:38 - 2015-04-14 20:32 - 00000000 ____D () C:\FRST
2015-04-01 23:29 - 2015-04-01 23:29 - 02208768 _____ () C:\Users\)\Downloads\AdwCleaner-4.200.exe
2015-04-01 23:09 - 2015-04-14 20:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-01 23:09 - 2015-04-01 23:09 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-01 23:09 - 2015-04-01 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-01 23:09 - 2015-04-01 23:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-01 23:09 - 2015-04-01 23:09 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-01 23:09 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-01 23:09 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-01 23:09 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-01 23:08 - 2015-04-01 23:09 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\)\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-01 22:58 - 2015-04-13 22:36 - 00000000 ____D () C:\AdwCleaner
2015-04-01 22:57 - 2015-04-01 22:57 - 02208768 _____ () C:\Users\)\Downloads\adwcleaner_4.200.exe
2015-04-01 22:49 - 2015-04-12 20:28 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-03-24 20:56 - 2015-03-11 05:30 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-24 20:56 - 2015-03-11 05:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-24 20:56 - 2015-03-11 05:29 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-24 20:56 - 2015-03-11 05:29 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-24 20:56 - 2015-03-11 05:29 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-24 20:56 - 2015-03-11 05:29 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-24 20:56 - 2015-03-11 05:29 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-24 20:56 - 2015-03-11 05:26 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 20:50 - 2015-04-13 19:39 - 00037382 _____ () C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 20:30 - 2014-11-19 21:15 - 00030688 _____ () C:\Windows\setupact.log
2015-04-14 20:30 - 2013-03-12 12:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-14 20:30 - 2013-03-11 22:54 - 00000000 ____D () C:\Program Files\Steam
2015-04-14 20:30 - 2013-03-11 22:54 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-04-14 20:30 - 2009-07-14 06:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-14 20:30 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 07:51 - 2009-01-05 23:28 - 01764693 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 07:22 - 2009-07-14 06:34 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 07:22 - 2009-07-14 06:34 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 07:21 - 2010-11-20 23:01 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 00:14 - 2013-10-16 16:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-13 19:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\L2Schemas
2015-04-12 20:16 - 2014-06-02 19:35 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-12 20:16 - 2014-01-07 20:43 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-12 20:16 - 2013-11-22 22:55 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-12 20:16 - 2013-11-22 22:55 - 00427736 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-12 20:16 - 2013-11-22 22:55 - 00208024 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-12 20:16 - 2013-11-22 22:55 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-12 20:16 - 2013-11-22 22:55 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-12 20:16 - 2013-11-22 22:55 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-08 00:38 - 2013-10-16 16:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-01 23:03 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-26 21:38 - 2014-12-10 08:22 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 21:38 - 2014-05-07 01:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-15 15:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache

==================== Files in the root of some directories =======

2014-01-06 23:03 - 2014-09-25 19:19 - 0000197 _____ () C:\Users\)\AppData\Roaming\rftg
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\)\AppData\Roaming\VtbgHdQLF5qnIpE6dwYLJ
2014-01-18 19:41 - 2014-01-18 19:41 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-10 07:36

==================== End Of Log ============================
