Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:18-10-2015
Exécuté par Pc (administrateur) sur PC-DE-PC (21-10-2015 15:16:00)
Exécuté depuis C:\Users\Pc\Downloads
Profils chargés: Pc (Profils disponibles: Pc)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ATI Technologies Inc.) C:\WINDOWS\System32\Ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(ATI Technologies Inc.) C:\WINDOWS\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [StartCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-25] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateReg] => C:\Windows\system32\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [114992 2012-01-19] (SweetIM Technologies Ltd.)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKU\S-1-5-21-235350172-305313625-1485855854-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1783136 2007-10-03] (Hewlett-Packard)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-11-25] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-01-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk [2011-12-28]
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-01-30]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F25CD6E3-0B97-4C5E-989A-99773D1F2902}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-235350172-305313625-1485855854-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-235350172-305313625-1485855854-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {157A9396-C2C3-4D32-91A9-F40C72601999} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr
SearchScopes: HKLM -> {C3EEE889-3F4B-4B32-A143-FD8188D4A4D1} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {157A9396-C2C3-4D32-91A9-F40C72601999} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {9D5BD211-422C-4164-9298-BB4186A30F31} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {be9eb279-27ee-4be0-8136-e6b23f8b2525} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {C3EEE889-3F4B-4B32-A143-FD8188D4A4D1} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Pas de nom -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Pas de fichier
BHO: Pas de nom -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-25] (AVAST Software)
BHO: Pas de nom -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> Pas de nom - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Pas de fichier
Toolbar: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-235350172-305313625-1485855854-1000 -> Pas de nom - {D4027C7F-154A-4066-A1AD-4243D8127440} - Pas de fichier
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll Pas de fichier
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?type=sc&ts=1433786020&z=4e7986d14d689231b4014aagfz5cfc1mbb1qdeeo1m&from=wpm06083&uid=ST3500630AS_9QG79DWQ

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2012-05-02] (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-20] [non signé]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-25] [non signé]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR Profile: C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09]
CHR Extension: (Google Docs) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-27]
CHR Extension: (Google Drive) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-07]
CHR Extension: (Recherche Google) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-07]
CHR Extension: (Google Sheets) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-25]
CHR Extension: (MapsGalaxy) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn [2015-09-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]
CHR Extension: (Gmail) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-07]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-11-25]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-25]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-25] (AVAST Software)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard) [Fichier non signé]
R3 hpqcxs08; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [Fichier non signé]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [Fichier non signé]
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [Fichier non signé]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [Fichier non signé]
R0 AFS; C:\Windows\system32\Drivers\AFS.sys [77004 2011-12-28] (Oak Technology Inc.) [Fichier non signé]
S3 ARCSOFTVIRTUALCAPTURE; C:\Windows\System32\DRIVERS\ArcSoftVirtualCapture.sys [17024 2006-12-07] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-25] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [35272 2014-03-02] (The OpenVPN Project)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-11-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-25] ()
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt.sys [55224 2014-07-05] (StdLib)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-21 15:16 - 2015-10-21 15:16 - 00019311 _____ C:\Users\Pc\Downloads\FRST.txt
2015-10-21 15:14 - 2015-10-21 15:16 - 00000000 ____D C:\FRST
2015-10-21 15:14 - 2015-10-21 15:14 - 01700864 _____ (Farbar) C:\Users\Pc\Downloads\FRST.exe
2015-10-20 15:40 - 2015-10-20 15:40 - 02001540 _____ C:\Users\Pc\Downloads\pc-decrapifier-3.0.0.exe
2015-10-19 21:14 - 2015-10-19 21:14 - 00145848 _____ C:\Windows\Minidump\Mini101915-01.dmp
2015-10-15 15:56 - 2015-09-28 19:17 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-15 15:56 - 2015-09-26 18:09 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-15 15:56 - 2015-09-26 18:09 - 03554240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-15 15:55 - 2015-07-29 02:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 11:43 - 2015-09-11 09:22 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 11:43 - 2015-09-11 09:21 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 11:43 - 2015-09-11 09:19 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 11:43 - 2015-09-11 09:17 - 09751552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 11:43 - 2015-09-11 09:16 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 11:43 - 2015-09-11 09:16 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 11:43 - 2015-09-11 09:15 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 11:43 - 2015-09-11 09:15 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 11:43 - 2015-09-11 09:14 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 11:43 - 2015-09-11 09:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-14 11:43 - 2015-09-11 09:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-14 11:43 - 2015-09-11 09:14 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-30 11:54 - 2015-09-30 11:54 - 00012148 _____ C:\Users\Pc\Downloads\Tableau SF 2016 N3.xlsx
2015-09-24 09:40 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-24 09:40 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-24 09:37 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-24 09:35 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-24 09:35 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-24 09:35 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-24 09:34 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-21 15:01 - 2011-11-14 11:21 - 01357651 _____ C:\Windows\WindowsUpdate.log
2015-10-21 14:57 - 2013-06-03 23:15 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-10-21 14:57 - 2013-04-01 19:00 - 00000266 _____ C:\Windows\Tasks\RMAutoUpdate.job
2015-10-21 14:57 - 2013-03-07 21:40 - 00000000 ____D C:\Program Files\PC Tools Registry Mechanic
2015-10-21 14:57 - 2011-11-30 22:00 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 14:57 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 14:57 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 14:57 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-20 15:45 - 2006-11-02 15:01 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-20 15:29 - 2011-12-04 19:36 - 00001919 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-20 15:29 - 2011-11-14 11:35 - 00000909 _____ C:\Users\Pc\Desktop\Internet Explorer.lnk
2015-10-20 15:26 - 2012-03-28 15:48 - 00000000 ____D C:\ProgramData\TEMP
2015-10-20 15:22 - 2014-04-02 18:57 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Dropbox
2015-10-20 15:21 - 2011-11-30 22:00 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-20 15:21 - 2007-11-24 13:22 - 00000000 ____D C:\Program Files\CyberLink
2015-10-20 15:21 - 2007-11-24 13:15 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-10-19 21:14 - 2012-01-29 17:05 - 173008500 _____ C:\Windows\MEMORY.DMP
2015-10-19 21:14 - 2012-01-29 17:05 - 00000000 ____D C:\Windows\Minidump
2015-10-18 17:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-15 16:13 - 2013-08-15 12:14 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 15:59 - 2006-11-02 12:24 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-10-07 12:23 - 2006-11-02 12:23 - 00000301 _____ C:\Windows\win.ini
2015-09-30 11:55 - 2012-03-08 14:49 - 00011828 _____ C:\Users\Pc\AppData\Roaming\wklnhst.dat
2015-09-24 09:59 - 2006-11-02 14:47 - 00303632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-24 09:56 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-24 09:56 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2015-09-24 09:28 - 2011-11-30 21:59 - 00000000 ____D C:\Users\Pc\AppData\Local\Google

==================== Fichiers à la racine de certains dossiers =======

2011-11-30 22:03 - 2011-11-30 22:03 - 0002256 _____ () C:\Users\Pc\AppData\Roaming\Bubble Dock.boostrap.log
2011-11-30 22:03 - 2011-11-30 22:59 - 0024934 _____ () C:\Users\Pc\AppData\Roaming\Bubble Dock.installation.log
2012-03-08 14:49 - 2015-09-30 11:55 - 0011828 _____ () C:\Users\Pc\AppData\Roaming\wklnhst.dat
2011-11-14 12:23 - 2011-12-27 11:35 - 0000680 _____ () C:\Users\Pc\AppData\Local\d3d9caps.dat
2011-11-18 13:03 - 2015-02-08 18:06 - 0013312 _____ () C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-26 11:18 - 2014-04-26 11:18 - 0575816 _____ () C:\ProgramData\1398503319.bdinstall.bin
2014-05-26 12:44 - 2014-05-26 12:44 - 0482920 _____ () C:\ProgramData\1401100722.bdinstall.bin
2014-05-26 19:07 - 2014-05-26 19:07 - 0245895 _____ () C:\ProgramData\1401123978.bdinstall.bin
2007-11-24 13:21 - 2014-11-25 12:05 - 0007954 _____ () C:\ProgramData\hpzinstall.log

Certains fichiers dans TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\5ccf9eab-234f-4f05-be65-f16d03c0694f.exe
C:\Users\Pc\AppData\Local\Temp\avguidx.dll
C:\Users\Pc\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Pc\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Pc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpg3arpk.dll
C:\Users\Pc\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Pc\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Pc\AppData\Local\Temp\InstallerBT.exe
C:\Users\Pc\AppData\Local\Temp\install_reader10_fr_mssa_awc_aih.exe
C:\Users\Pc\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Pc\AppData\Local\Temp\msvcp120.dll
C:\Users\Pc\AppData\Local\Temp\msvcr120.dll
C:\Users\Pc\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Pc\AppData\Local\Temp\MyBabylonTB_I.exe
C:\Users\Pc\AppData\Local\Temp\oi_{6695E1D9-AAAB-4B12-83D2-0D38EA25E91B}.exe
C:\Users\Pc\AppData\Local\Temp\oi_{6A59554D-9524-4F65-B6BF-9565AAF43CEA}.exe
C:\Users\Pc\AppData\Local\Temp\oi_{7ACA5BE7-6A3B-4F80-96D2-BCF0AF1821AF}.exe
C:\Users\Pc\AppData\Local\Temp\pc-decrapifier.exe
C:\Users\Pc\AppData\Local\Temp\stubhelper.dll
C:\Users\Pc\AppData\Local\Temp\tempmessage.bfg
C:\Users\Pc\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Pc\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Pc\AppData\Local\Temp\WLM2011Installer.exe
C:\Users\Pc\AppData\Local\Temp\wlsetup.exe
C:\Users\Pc\AppData\Local\Temp\wlsetupc.exe
C:\Users\Pc\AppData\Local\Temp\_is4C1C.exe
C:\Users\Pc\AppData\Local\Temp\{07A4F574-4BE3-401E-B407-2FFC02795680}-27.0.1453.110_chrome_installer.exe
C:\Users\Pc\AppData\Local\Temp\{0908E672-1EA7-46CB-9D9B-20F25F55BDE5}-chrome_updater.exe
C:\Users\Pc\AppData\Local\Temp\{3AFE3162-B5DA-41B9-95FE-A1C76C8B706D}-32.0.1700.107_32.0.1700.102_chrome_updater.exe
C:\Users\Pc\AppData\Local\Temp\{C7566806-E9FD-46D8-9E9B-EC9584A5730F}-41.0.2272.118_41.0.2272.101_chrome_updater.exe
C:\Users\Pc\AppData\Local\Temp\{CC7685A5-109C-4EFC-AB80-659D2CF43B01}-chrome_updater.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-10-21 15:04

==================== Fin de FRST.txt ============================
