cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015
Ran by van (administrator) on PC-DE-VAN on 17-07-2015 10:04:27
Running from C:\Users\van\Desktop\Downloads
Loaded Profiles: van (Available Profiles: van)
Platform: Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 (X86) OS Language: Français (France)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
() C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe
(McAfee, Inc.) C:\Program Files\McAfee\MPF\MpfSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSK\msksrver.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor Corp.) C:\Users\van\AppData\Local\Temp\RtkBtMnt.exe
() C:\Windows\PLFSetI.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 2\creator-ws.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcmscsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcsysmon.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(EgisTec Inc.) C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Acer Corp.) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968 2009-01-21] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024 2009-01-21] (CyberLink)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [mcagent_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [641208 2008-09-23] (McAfee, Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2014-07-05] (Google)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6814240 2009-02-14] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-02-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [866824 2009-02-19] (Dritek System Inc.)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [248576 2009-02-17] (NewTech Infosystems, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe [707104 2009-02-19] (Acer Incorporated)
HKLM\...\Run: [EgisTecLiveUpdate] => C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [199464 2008-10-27] (EgisTec Inc.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672 2008-10-27] (EgisTec Inc.)
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288 2008-12-26] (Acer Corp.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKU\S-1-5-21-2479039357-964687795-465899863-1000\...\Run: [ProductReg] => C:\Program Files\Acer\WR_PopUp\ProductReg.exe [135168 2008-11-17] (Acer)
HKU\S-1-5-21-2479039357-964687795-465899863-1000\...\Run: [Facebook Update] => C:\Users\van\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-07] (Facebook Inc.)
HKU\S-1-5-21-2479039357-964687795-465899863-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2479039357-964687795-465899863-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2479039357-964687795-465899863-1000\...\MountPoints2: {517cf1a1-6a3f-11e4-a396-001f16929286} - F:\Imageviewer.exe
HKU\S-1-5-21-2479039357-964687795-465899863-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [413696 2009-01-22] (Acer)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [119296 2014-07-05] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-07-08]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-07-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2008-10-27] (EgisTec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vb32&d=0714&m=aspire_5738
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-2479039357-964687795-465899863-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-2479039357-964687795-465899863-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vb32&d=0714&m=aspire_5738
HKU\S-1-5-21-2479039357-964687795-465899863-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vb32&d=0714&m=aspire_5738
http://global.acer.com
HKU\S-1-5-21-2479039357-964687795-465899863-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2479039357-964687795-465899863-1000 -> DefaultScope {105E99FF-8B9A-4492-B155-06194B9056D2} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2479039357-964687795-465899863-1000 -> {105E99FF-8B9A-4492-B155-06194B9056D2} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> C:\Program Files\McAfee\MSK\MskAPBho.dll [2008-09-22] ()
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\McAfee\VirusScan\scriptsn.dll [2008-09-26] (McAfee, Inc.)
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-07-07] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2014-07-07] (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2008-09-04] ()
BHO: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2014-07-07] (Google Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06] (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2008-09-04] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-07-07] (Google Inc.)
Toolbar: HKLM - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-2479039357-964687795-465899863-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-07-07] (Google Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-09] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2008-09-04] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{46A56247-E573-41A1-9AF9-746DA9CDF9A5}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2479039357-964687795-465899863-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\van\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\searchplugins\Web Search.xml [2014-11-05]
FF Extension: CinPlus-2.4c - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f(23).com [2015-06-18]
FF Extension: CinemaP-1.1c - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com [2015-07-09]
FF Extension: Fast Start - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\faststartff@gmail.com [2014-11-04]
FF Extension: less2pay - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\lB@f.org [2014-11-05]
FF Extension: SaveRonn - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\n.ouyi@zsgdzraiq.net [2014-09-21]
FF Extension: Browser_Apps_Pro - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\wrigtdamon@yahoo.com [2015-06-30]
FF Extension: Shopping Helper Smartbar - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\{4d6d82ea-cce8-77b4-c979-039e56d5f5cd} [2014-11-05]
FF Extension: Groovorio - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\{73843edf-1075-4a55-947c-e13e0dc9349e} [2014-08-27]
FF Extension: Astrmenda Search - C:\Users\van\AppData\Roaming\Mozilla\Firefox\Profiles\3e6du8sk.default\Extensions\{8dc5c42e-9204-2a64-8b97-fa94ff8a241f} [2014-11-02]
FF HKLM\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2009-03-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-07]
FF HKLM\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-25]
FF HKU\S-1-5-21-2479039357-964687795-465899863-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\van\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-06]
CHR Extension: (Google Docs) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-06]
CHR Extension: (Google Drive) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-06]
CHR Extension: (YouTube) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-06]
CHR Extension: (Google Search) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-06]
CHR Extension: (Google Sheets) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-06]
CHR Extension: (Avast Online Security) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-06]
CHR Extension: (Google Wallet) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-06]
CHR Extension: (Gmail) - C:\Users\van\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-06]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2008-12-18] ()
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [666144 2009-02-19] (Acer Incorporated)
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2014-07-05] (Google)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [198432 2008-09-18] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\McAfee\MSC\mcmscsvc.exe [792184 2008-09-23] (McAfee, Inc.)
R2 McNASvc; c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [2482848 2008-09-12] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [363024 2008-09-26] (McAfee, Inc.)
R2 McProxy; c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [359248 2008-09-10] (McAfee, Inc.)
R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [144704 2008-09-26] (McAfee, Inc.)
R3 McSysmon; C:\Program Files\McAfee\VirusScan\mcsysmon.exe [606736 2008-09-26] (McAfee, Inc.)
R2 MpfService; C:\Program Files\McAfee\MPF\MPFSrv.exe [884360 2008-09-12] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\McAfee\MSK\MskSrver.exe [25416 2008-09-22] (McAfee, Inc.)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [306736 2008-10-27] (EgisTec Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [44800 2009-02-17] (NewTech Infosystems, Inc.)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.)
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79272 2008-09-26] (McAfee, Inc.)
R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35240 2008-09-26] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [212968 2008-09-26] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34216 2008-09-26] (McAfee, Inc.)
R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40488 2008-09-26] (McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2008-08-26] (McAfee, Inc.)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-10-09] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-10-09] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-10-09] (Egis Incorporated.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 10:00 - 2015-07-17 10:04 - 00000000 ____D C:\FRST
2015-07-16 17:45 - 2015-07-16 17:45 - 00024576 _____ C:\Users\van\Desktop\cv OUVRIER polyvalent.wps
2015-07-09 18:25 - 2015-07-09 18:25 - 00175684 _____ C:\Users\van\Desktop\DECATHLON vente d'articles, vêtements et chaussures de sport. Vente en ligne et Magasin de sport.htm
2015-07-09 18:25 - 2015-07-09 18:25 - 00000000 ____D C:\Users\van\Desktop\DECATHLON vente d'articles, vêtements et chaussures de sport. Vente en ligne et Magasin de sport_fichiers
2015-07-09 13:56 - 2015-07-09 13:56 - 00000104 _____ C:\Users\van\Desktop\Ordinateur - Raccourci.lnk
2015-07-06 21:24 - 2015-07-06 21:28 - 00000000 ____D C:\Windows\system32\vbox
2015-07-06 21:23 - 2015-07-15 22:37 - 00001973 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-06 21:23 - 2015-07-06 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-06 21:22 - 2015-07-17 09:41 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-06 21:22 - 2015-07-17 09:19 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-06 21:15 - 2015-07-09 10:16 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-24 17:01 - 2015-06-24 17:06 - 00000000 ____D C:\Users\van\Desktop\gdf aide
2015-06-17 01:01 - 2015-06-17 01:01 - 01202856 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 09:58 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-17 09:58 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-17 09:21 - 2009-03-11 22:13 - 00012233 _____ C:\Windows\system32\Config.MPF
2015-07-17 09:19 - 2014-07-10 09:52 - 00079339 _____ C:\ProgramData\nvModes.dat
2015-07-17 09:19 - 2014-07-10 09:52 - 00079339 _____ C:\ProgramData\nvModes.001
2015-07-17 09:19 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-16 20:32 - 2014-07-05 16:24 - 01739159 _____ C:\Windows\WindowsUpdate.log
2015-07-16 20:32 - 2006-11-02 14:58 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-16 20:09 - 2014-07-07 22:46 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-16 19:10 - 2014-09-07 01:03 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2479039357-964687795-465899863-1000UA.job
2015-07-16 17:49 - 2015-02-25 12:05 - 00000000 ____D C:\Users\van\Documents\PDF Architect 2
2015-07-16 17:48 - 2014-07-31 16:50 - 00008184 _____ C:\Users\van\AppData\Roaming\wklnhst.dat
2015-07-16 14:24 - 2014-07-31 09:46 - 00021504 _____ C:\Users\van\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-15 23:41 - 2014-07-07 22:50 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 23:31 - 2009-03-11 22:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 23:09 - 2014-07-07 22:46 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 23:09 - 2014-07-07 22:46 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-15 22:17 - 2008-01-21 05:02 - 01316436 _____ C:\Windows\PFRO.log
2015-07-12 15:59 - 2009-03-11 22:01 - 00000000 ____D C:\Program Files\McAfee
2015-07-07 12:37 - 2014-11-25 20:20 - 00000000 ____D C:\Users\van\Desktop\DOSSIER CHOMAGE ANGE
2015-07-07 10:30 - 2015-05-19 11:30 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-07 10:30 - 2014-09-23 14:58 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-06 21:25 - 2014-07-05 16:37 - 00000000 ____D C:\Users\van\AppData\Local\Google
2015-07-06 21:22 - 2014-07-05 16:35 - 00000000 ____D C:\Program Files\Google
2015-07-06 21:05 - 2014-08-27 10:28 - 00000862 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-06 21:05 - 2014-08-27 10:28 - 00000850 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-06 14:07 - 2006-11-02 12:33 - 01495948 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-05 22:23 - 2014-08-28 20:23 - 00000000 ____D C:\Users\van\Desktop\musique
2015-07-03 22:40 - 2009-03-11 22:26 - 00000000 ____D C:\Program Files\Microsoft Office
2015-07-03 08:49 - 2006-11-02 12:24 - 127070192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-28 10:46 - 2014-08-08 22:52 - 00007592 _____ C:\Users\van\AppData\Local\d3d9caps.dat
2015-06-26 10:31 - 2015-01-13 11:26 - 00000000 ____D C:\Users\van\Desktop\dossier assu maison
2015-06-24 20:27 - 2014-07-08 10:03 - 00000000 ____D C:\ProgramData\HP Product Assistant
2015-06-24 20:27 - 2014-07-07 22:46 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-24 20:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2015-06-24 20:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-06-24 20:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-06-24 20:27 - 2006-11-02 12:22 - 34603008 _____ C:\Windows\system32\config\software_previous
2015-06-24 20:27 - 2006-11-02 12:22 - 19922944 _____ C:\Windows\system32\config\system_previous
2015-06-24 20:20 - 2006-11-02 12:22 - 37224448 _____ C:\Windows\system32\config\components_previous
2015-06-24 20:20 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-06-24 10:28 - 2014-07-05 16:34 - 00000000 ____D C:\Users\van
2015-06-24 10:09 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-06-24 10:09 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\default_previous

==================== Files in the root of some directories =======

2014-11-04 10:11 - 2014-11-04 10:12 - 0001304 _____ () C:\Users\van\AppData\Roaming\Bubble Dock.boostrap.log
2014-11-04 10:11 - 2014-11-04 10:12 - 0005758 _____ () C:\Users\van\AppData\Roaming\Bubble Dock.installation.log
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\van\AppData\Roaming\CJ
2014-11-05 11:57 - 2014-11-05 11:57 - 0000008 _____ () C:\Users\van\AppData\Roaming\handle.txt
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\van\AppData\Roaming\IEMHBS
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\van\AppData\Roaming\LWMA
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\van\AppData\Roaming\MEERRVDB
2014-11-04 10:11 - 2014-11-04 10:11 - 0000097 _____ () C:\Users\van\AppData\Roaming\WindApp.boostrap.log
2014-11-04 10:12 - 2014-11-04 10:12 - 0000374 _____ () C:\Users\van\AppData\Roaming\WindApp.installation.log
2014-07-31 16:50 - 2015-07-16 17:48 - 0008184 _____ () C:\Users\van\AppData\Roaming\wklnhst.dat
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\van\AppData\Roaming\XHSNJRC
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\van\AppData\Roaming\ZWNTMI
2014-08-08 22:52 - 2015-06-28 10:46 - 0007592 _____ () C:\Users\van\AppData\Local\d3d9caps.dat
2014-07-31 09:46 - 2015-07-16 14:24 - 0021504 _____ () C:\Users\van\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-05 16:46 - 2014-07-05 16:46 - 0003070 _____ () C:\Users\van\AppData\Local\MyWinLockerInstaller.txt-20140705.log
2009-03-11 22:41 - 2014-07-05 16:49 - 0004531 _____ () C:\ProgramData\ArcadeDeluxe2.log
2014-07-08 09:59 - 2014-07-08 10:07 - 0000814 _____ () C:\ProgramData\hpzinstall.log
2014-07-10 09:52 - 2015-07-17 09:19 - 0079339 _____ () C:\ProgramData\nvModes.001
2014-07-10 09:52 - 2015-07-17 09:19 - 0079339 _____ () C:\ProgramData\nvModes.dat

Some files in TEMP:
====================
C:\Users\van\AppData\Local\Temp\RtkBtMnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-17 09:28

==================== End of log ============================
