Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
Exécuté par user (administrateur) sur USER-PC (03-10-2015 17:45:28)
Exécuté depuis C:\Users\user\Downloads
Profils chargés: user (Profils disponibles: user)
Platform: Windows 7 Ultimate (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Bandoo Media Inc.) C:\Users\user\AppData\Local\iLivid\iLivid.exe
(Softonic) C:\Users\user\AppData\Local\Softonic\Softonic.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\HSPA USB Modem\HSPALauncher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\ProgramData\MobiConnect\OnlineUpdate\ouc.exe
(Mobogenie.com) C:\Program Files (x86)\Mobogenie3\MobogenieService.exe
(TorchMedia Inc.) C:\Users\user\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Mobogenie3\MoboGenieHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-03] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [Updates] => C:\system32\SystemProtection.exe [168960 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\MountPoints2: {09372459-4f0e-11e0-a87f-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\MountPoints2: {1e9dd897-778c-11e2-bbeb-80c16e4e3d76} - G:\autorun.exe
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\MountPoints2: {2a596635-76cc-11e2-9c94-80c16e4e3d76} - F:\autorun.exe
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\MountPoints2: {409e7220-1138-11e1-ab23-806e6f6e6963} - E:\AUTORUN.EXE
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\MountPoints2: {b2253777-8dc5-11e3-a311-80c16e4e3d76} - F:\AutoRun.exe
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\MountPoints2: {b22537a9-8dc5-11e3-a311-80c16e4e3d76} - F:\AutoRun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-03] (AVAST Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => F:\Internet Download Manager v5.14 [Full Activation]\Internet Download Manager v5.14 [Full Activation]\Crack\IDMShellExt64.dll Pas de fichier

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{062E0960-E1A1-4281-A451-17B8731F2598}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{06FBC39D-F12A-4EB1-A7FD-5745CB6C16E8}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{4A634289-42E6-40AF-96D5-9D79868CD026}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{770EB697-53AB-4967-A101-6FBA298851F0}: [NameServer] 8.8.8.8 0.0.0.0
Tcpip\..\Interfaces\{D9F55BDD-5A8E-44BF-A332-18AB1C47D658}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-20&v=a15946-282&t=4
HKU\S-1-5-21-525511023-1545148274-1875787337-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=406&v=a15946-282&apn_uid=3435909551474800&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=406&v=a15946-282&apn_uid=3435909551474800&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm477^YYA^dz&si=MA_VDC_INTL_ALG-6&ptb=76EB4F8D-3524-4FB7-B35C-79645CBE1182&ind=2014100314&n=780cbb5a&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-525511023-1545148274-1875787337-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-525511023-1545148274-1875787337-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=406&v=a15946-282&apn_uid=3435909551474800&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-525511023-1545148274-1875787337-1000 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm477^YYA^dz&si=MA_VDC_INTL_ALG-6&ptb=76EB4F8D-3524-4FB7-B35C-79645CBE1182&ind=2014100314&n=780cbb5a&psa=&st=sb&searchfor={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager v5.14 [Full Activation]\Internet Download Manager v5.14 [Full Activation]\Crack\IDMIECC64.dll Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-03] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Pas de nom -> {d1dac034-9fd9-4c13-a388-d2e10e57707f} -> Pas de fichier
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager v5.14 [Full Activation]\Internet Download Manager v5.14 [Full Activation]\Crack\IDMIECC.dll Pas de fichier
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-03] (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Pas de nom -> {d1dac034-9fd9-4c13-a388-d2e10e57707f} -> Pas de fichier
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-15] (Sun Microsystems, Inc.)
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\919alshl.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=752197B1-87C8-4922-A25D-5DF26967D14E&n=781a9d3e&p2=^UX^xdm127^YYA^dz&si=GDND2DINbg5DZ
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=752197B1-87C8-4922-A25D-5DF26967D14E&n=781a9d3e&ind=2015010110&p2=^UX^xdm127^YYA^dz&si=GDND2DINbg5DZ&searchfor=
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2011-03-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Pas de fichier]
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-03-15] (Sun Microsystems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2009-11-10] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: TorchVLC -> C:\Users\user\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-03-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-10-25] (Apple Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\919alshl.default\searchplugins\ask-web-search.xml [2015-01-01]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\919alshl.default\searchplugins\Ask.xml [2015-05-02]
FF Extension: MapsGalaxy - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\919alshl.default\Extensions\39ffxtbr@MapsGalaxy_39.com [2015-01-01]
FF Extension: VideoDownloadConverter - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\919alshl.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2014-12-19]
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\919alshl.default\Extensions\{d1dac034-9fd9-4c13-a388-d2e10e57707f} [2014-03-10]
FF Extension: Test Pilot - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\919alshl.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-10-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-03]
FF HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2014-08-01]
FF HKU\S-1-5-21-525511023-1545148274-1875787337-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Recherche Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-03]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - F:\Internet Download Manager v5.14 [Full Activation]\Internet Download Manager v5.14 [Full Activation]\Crack\IDMGCExt.crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [105120 2011-10-13] (Atheros Commnucations) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-03] (AVAST Software)
R2 DatamngrCoordinator; C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe [3204296 2015-03-23] (Bandoo Media Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [Fichier non signé]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
S2 MobiConnect. RunOuc; C:\Program Files (x86)\MobiConnect\UpdateDog\ouc.exe [240480 2014-02-04] ()
R2 MobogenieService; C:\Program Files (x86)\Mobogenie3\MobogenieService.exe [127680 2015-05-28] (Mobogenie.com) [Fichier non signé]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2010-07-09] (Microsoft Corporation) [Fichier non signé]
R2 TorchCrashHandler; C:\Users\user\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2015-04-02] (TorchMedia Inc.) <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-13] (Atheros) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-03] (AVAST Software)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-08-30] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-30] (Broadcom Corporation.)
S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [118144 2008-08-29] (Mobile Connector)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Movies App\Datamngr\x64\setmgrc3.cfg [46152 2015-03-23] (Bandoo Media Inc.)
S3 k57nd; C:\Windows\System32\DRIVERS\k57amd64.sys [343080 2010-05-14] (Broadcom Corporation)
S3 Tosrfcom; pas de ImagePath
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 flpydisk; \SystemRoot\system32\DRIVERS\flpydisk.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-03 17:45 - 2015-10-03 17:46 - 00023720 _____ C:\Users\user\Downloads\FRST.txt
2015-10-03 17:42 - 2015-10-03 17:45 - 00000000 ____D C:\FRST
2015-10-03 17:42 - 2015-10-03 17:42 - 02193408 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2015-10-03 17:40 - 2015-10-03 17:41 - 01697280 _____ (Farbar) C:\Users\user\Downloads\FRST (1).exe
2015-10-03 17:38 - 2015-10-03 17:39 - 01697280 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2015-10-03 17:29 - 2015-10-03 17:29 - 00000000 ____D C:\Windows\pss
2015-10-03 16:52 - 2015-10-03 16:52 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-03 16:52 - 2015-10-03 16:52 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-03 16:52 - 2015-10-03 16:52 - 00000000 ____D C:\Users\user\AppData\Roaming\AVAST Software
2015-10-03 16:52 - 2015-10-03 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-03 16:52 - 2015-10-03 16:51 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-03 16:51 - 2015-10-03 16:51 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-03 16:51 - 2015-10-03 16:51 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-03 16:51 - 2015-10-03 16:51 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-03 16:51 - 2015-10-03 16:51 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-03 16:51 - 2015-10-03 16:51 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-03 16:51 - 2015-10-03 16:51 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-03 16:51 - 2015-10-03 16:51 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-03 16:51 - 2015-10-03 16:51 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-03 16:51 - 2015-10-03 16:51 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-03 16:43 - 2015-10-03 16:43 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-03 16:35 - 2015-10-03 16:36 - 05481336 _____ (Avast Software s.r.o.) C:\Users\user\Downloads\avast_free_antivirus_setup_online_01net.exe
2015-10-03 16:32 - 2015-10-03 16:32 - 01939328 _____ (Kaspersky Lab) C:\Users\user\Downloads\kis16.0.0.614fr_8592.exe
2015-09-19 22:39 - 2015-09-19 22:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Apple Computer

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-03 17:43 - 2011-03-15 15:14 - 01621025 _____ C:\Windows\WindowsUpdate.log
2015-10-03 17:39 - 2011-12-03 14:48 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-03 17:14 - 2011-03-15 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-03 17:09 - 2014-03-10 10:22 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2015-10-03 17:08 - 2015-05-02 20:54 - 00000000 ____D C:\ProgramData\Datamngr
2015-10-03 17:08 - 2011-12-03 14:48 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-03 17:08 - 2011-03-15 17:16 - 00427508 _____ C:\Windows\PFRO.log
2015-10-03 17:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-03 17:08 - 2009-07-14 05:51 - 00166651 _____ C:\Windows\setupact.log
2015-10-03 16:36 - 2012-10-25 12:06 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-03 15:54 - 2014-03-10 10:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-03 15:35 - 2015-01-01 08:26 - 00000000 ____D C:\Program Files (x86)\Mobogenie3
2015-10-03 12:02 - 2009-07-14 16:24 - 15923960 _____ C:\Windows\system32\perfh00C.dat
2015-10-03 12:02 - 2009-07-14 16:24 - 05312758 _____ C:\Windows\system32\perfc00C.dat
2015-10-03 12:02 - 2009-07-14 06:13 - 00004760 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-03 11:38 - 2014-01-10 23:15 - 00000000 ____D C:\Users\user\Documents\ملف خاص
2015-10-03 11:34 - 2014-09-11 22:46 - 00004296 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{404BE8DD-7893-4381-A412-1B5E5E2D5056}
2015-10-03 10:40 - 2015-02-20 18:03 - 00000000 ____D C:\Users\user\mobogenieP2sp
2015-10-03 09:45 - 2014-03-11 09:27 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-01 22:18 - 2009-07-14 06:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-28 15:47 - 2011-03-15 15:43 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2015-09-22 21:44 - 2015-05-23 13:23 - 00000000 ____D C:\Users\user\Documents\dossier
2015-09-21 13:34 - 2011-12-03 14:48 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-21 13:34 - 2011-12-03 14:48 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-21 13:02 - 2011-03-15 15:43 - 00000000 ____D C:\Users\user\AppData\Local\Google
2015-09-19 22:41 - 2015-01-02 22:12 - 00000000 ____D C:\Users\user\AppData\Local\Apple Computer
2015-09-05 22:12 - 2014-03-17 19:15 - 00000000 ____D C:\Users\user\Documents\Youcam

==================== Fichiers à la racine de certains dossiers =======

2014-02-15 12:56 - 2015-05-09 18:15 - 0005632 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-10 22:22 - 2013-03-10 22:22 - 0004096 _____ () C:\Users\user\AppData\Local\keyfile3.drm
2014-06-23 19:17 - 2014-06-23 19:17 - 0000051 _____ () C:\Users\user\AppData\Local\Kosong.Bron.Tok.txt
2011-03-15 15:41 - 2011-03-15 17:15 - 0002772 _____ () C:\Users\user\AppData\Local\mbt-actwiz.log

Certains fichiers dans TEMP:
====================
C:\Users\user\AppData\Local\Temp\7za.DLL
C:\Users\user\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\user\AppData\Local\Temp\Delta.exe
C:\Users\user\AppData\Local\Temp\DeltaTB.exe
C:\Users\user\AppData\Local\Temp\DeviceSetup64.exe
C:\Users\user\AppData\Local\Temp\MybabylonTB.exe
C:\Users\user\AppData\Local\Temp\ose00000.exe
C:\Users\user\AppData\Local\Temp\SDL_1.dll
C:\Users\user\AppData\Local\Temp\Softonic_FR_1-5-11_FR-Production_10_CleanRelease.exe
C:\Users\user\AppData\Local\Temp\SQLite3.DLL
C:\Users\user\AppData\Local\Temp\WSSetup.exe
C:\Users\user\AppData\Local\Temp\YouCam3_Setup.exe
C:\Users\user\AppData\Local\Temp\{289EFD62-ED75-4A29-8A7E-06C26E67B08E}-36.0.1985.125_chrome_installer.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le MD5 est légitime
C:\Windows\SysWOW64\User32.dll => Le MD5 est légitime
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2014-12-23 22:00

==================== Fin de FRST.txt ============================
