cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Exécuté par MMC (administrateur) sur MMC-PC (07-11-2015 22:13:58)
Exécuté depuis C:\Users\MMC\Downloads\Programs
Profils chargés: MMC (Profils disponibles: MMC)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(GlavSoft LLC.) C:\Windows\securitysvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-01-31] (Synaptics Incorporated)
HKLM\...\Run: [VideoLAN] => C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\$RECYCLEBIN\Vlc.rar
HKLM\...\Run: [C-cleaner] => C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\$RECYCLEBIN\Adobe.rar
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3209152726-3739861426-614443067-1000\...\MountPoints2: {9ec2c724-95ce-11e4-9e48-3c77e6d97886} - G:\LGAutoRun.exe
HKU\S-1-5-21-3209152726-3739861426-614443067-1000\...\MountPoints2: {df1429ab-810d-11e4-ad0d-806e6f6e6963} - F:\Autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2012-11-16] (Tonec Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll [2015-11-07] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll [2015-11-07] (Kaspersky Lab ZAO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\MMC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-08-24]
ShortcutTarget: C-cleaner.lnk -> C:\Windows\System32\wscript.exe (Microsoft Corporation)
Startup: C:\Users\MMC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-08-24]
ShortcutTarget: VideoLAN.lnk -> C:\Windows\System32\wscript.exe (Microsoft Corporation)
BootExecute: autocheck autochk * aswBoot.exe /M:1b49269d2 /wow /dir:"C:\Program Files\AVAST Software\Avast"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-3209152726-3739861426-614443067-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B03D5CB3-D49E-42F0-98BB-298C2BB5AD85}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1434463083&from=xtab&uid=AA69DC05E87B4ed5ADFBAC362B38AE1C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1434463083&from=xtab&uid=AA69DC05E87B4ed5ADFBAC362B38AE1C
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421614880&from=obw&uid=HitachiXHTS543232A7A384_E20342BM17LWRJ17LWRJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421614880&from=obw&uid=HitachiXHTS543232A7A384_E20342BM17LWRJ17LWRJX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1434463083&from=xtab&uid=AA69DC05E87B4ed5ADFBAC362B38AE1C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1434463083&from=xtab&uid=AA69DC05E87B4ed5ADFBAC362B38AE1C
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421614880&from=obw&uid=HitachiXHTS543232A7A384_E20342BM17LWRJ17LWRJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421614880&from=obw&uid=HitachiXHTS543232A7A384_E20342BM17LWRJ17LWRJX&q={searchTerms}
HKU\S-1-5-21-3209152726-3739861426-614443067-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1434109742&z=529c415aa8273e6e55e921ag1z2c6zeg4e7t8mczeq&from=ient06122&uid=HitachiXHTS543232A7A384_E20342BM17LWRJ17LWRJX&q={searchTerms}
HKU\S-1-5-21-3209152726-3739861426-614443067-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1434463083&from=xtab&uid=AA69DC05E87B4ed5ADFBAC362B38AE1C
HKU\S-1-5-21-3209152726-3739861426-614443067-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1434463083&from=xtab&uid=AA69DC05E87B4ed5ADFBAC362B38AE1C
HKU\S-1-5-21-3209152726-3739861426-614443067-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1434109742&z=529c415aa8273e6e55e921ag1z2c6zeg4e7t8mczeq&from=ient06122&uid=HitachiXHTS543232A7A384_E20342BM17LWRJ17LWRJX&q={searchTerms}
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=220&itype=a&ver=15511&tm=558&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=220&itype=a&ver=15511&tm=558&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=2145&r=2015/01/18&hid=8055280291281407054&lg=EN&cc=DZ&unqvl=74
SearchScopes: HKU\S-1-5-21-3209152726-3739861426-614443067-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3209152726-3739861426-614443067-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3209152726-3739861426-614443067-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3209152726-3739861426-614443067-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3209152726-3739861426-614443067-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3209152726-3739861426-614443067-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-02-03] (Internet Download Manager, Tonec Inc.)
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-11-07] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-11-07] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-11-07] (Kaspersky Lab ZAO)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-02-03] (Internet Download Manager, Tonec Inc.)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-11-07] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-11-07] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-11-07] (Kaspersky Lab ZAO)
Toolbar: HKU\S-1-5-21-3209152726-3739861426-614443067-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: istartsurf
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.thesearchpage.info/?pid=2145&r=2015/01/18&hid=8055280291281407054&lg=EN&cc=DZ&unqvl=74&l=1&q=
FF SearchEngineOrder.1: default-search.net
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: istartsurf
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.istartsurf.com/?type=hppp&ts=1434463083&from=xtab&uid=AA69DC05E87B4ed5ADFBAC362B38AE1C
FF Keyword.URL: hxxp://www.default-search.net/search?sid=492&aid=220&itype=a&ver=15511&tm=558&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2014-12-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2014-12-11] ()
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-11-07] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-11-07] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-11-07] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\user.js [2015-09-14]
FF SearchPlugin: C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\searchplugins\default-search.xml [2015-02-16]
FF SearchPlugin: C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\searchplugins\delta-homes.xml [2015-06-19]
FF SearchPlugin: C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\searchplugins\istartsurf.xml [2015-11-01]
FF SearchPlugin: C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\searchplugins\WebSearch.xml [2015-01-18]
FF SearchPlugin: C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\searchplugins\webssearches.xml [2015-06-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\.xml [2015-02-17]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2015-02-16]
FF Extension: youtubeadblocker - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\Extensions\0nFV@Yd6O.net [2015-01-18] [non signé]
FF Extension: unisAles - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\Extensions\8@85XEO2.org [2015-01-18] [non signé]
FF Extension: FF Toolbar - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\Extensions\fftoolbar2014@etech.com [2015-01-18] [non signé]
FF Extension: QuickSearch - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\Extensions\quick_searchff@gmail.com [2015-06-12] [non signé]
FF Extension: Search Enginer - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\Extensions\sweetsearch@gmail.com [2015-06-16] [non signé]
FF Extension: Mozilla Firefox Hotfixer - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\Extensions\veggy@veggyAddon.com [2015-04-01] [non signé]
FF Extension: Elegant Advisor - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\Extensions\{20fec063-c59d-0c63-9ae8-03180eee7f1e} [2015-05-18] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\extensions\fftoolbar2014@etech.com
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\extensions\quick_searchff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\MMC\AppData\Roaming\Mozilla\Firefox\Profiles\iebgn5ws.default\extensions\sweetsearch@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-11-07] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-11-07] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-11-07] [non signé]
FF HKU\S-1-5-21-3209152726-3739861426-614443067-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MMC\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\MMC\AppData\Roaming\IDM\idmmzcc5 [2015-01-18] [non signé]
FF HKU\S-1-5-21-3209152726-3739861426-614443067-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MMC\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR dev: Chrome dev build détecté(e)! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.google.fr/
CHR DefaultSearchURL: Default -> hxxp://www.v9.com/web?type=ds&ts=1440416962&from=zzgbkk123&uid=hitachixhts543232a7a384_e20342bm17lwrj17lwrjx&z=f632e99516007f33ac8a5a8g0zfz0ebz2g6qatdq9g&q={searchTerms}
CHR DefaultSearchKeyword: Default -> v9
CHR Profile: C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-25]
CHR Extension: (Google Docs) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-25]
CHR Extension: (Google Drive) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Recherche Google) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kaspersky Protection) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-11-07]
CHR Extension: (Google Sheets) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-25]
CHR Extension: (Default-Search) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgbcffenncokfocljomejddmgcpppjom [2015-04-07] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (Google Docs hors connexion) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-25]
CHR Extension: (IDM Integration Module) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-02-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\MMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-25]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [fgbcffenncokfocljomejddmgcpppjom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-02-05]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 tvnserver; C:\Windows\securitysvc.exe [1690096 2013-07-19] (GlavSoft LLC.)
S2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2011-09-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [35840 2011-09-06] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2011-09-16] (LG Electronics Inc.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2013-10-02] (Broadcom Corporation.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-11-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R1 lwnfd_1_10_0_14; C:\Windows\System32\drivers\lwnfd_1_10_0_14.sys [58224 2015-04-10] (Link Wiz)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-31] (Synaptics Incorporated)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-07 22:13 - 2015-11-07 22:14 - 00000000 ____D C:\FRST
2015-11-07 21:59 - 2015-11-07 22:03 - 00000112 _____ C:\Windows\setupact.log
2015-11-07 21:59 - 2015-11-07 21:59 - 00000000 _____ C:\Windows\setuperr.log
2015-11-07 17:00 - 2015-11-07 17:00 - 00001448 _____ C:\Users\MMC\Desktop\UsbFix.lnk
2015-11-07 17:00 - 2015-11-07 17:00 - 00000000 ____D C:\UsbFix
2015-11-07 15:21 - 2015-11-07 15:21 - 00002667 _____ C:\Users\MMC\Desktop\Microsoft Office PowerPoint 2007.lnk
2015-11-07 13:45 - 2015-11-07 13:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-07 12:21 - 2015-11-07 12:21 - 00002303 _____ C:\Users\MMC\Desktop\Protection bancaire.lnk
2015-11-07 12:19 - 2015-11-07 12:19 - 00002053 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2015-11-07 12:19 - 2015-11-07 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-11-07 12:19 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-11-07 12:18 - 2015-11-07 22:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-07 12:18 - 2015-11-07 12:18 - 00000000 ____D C:\Windows\ELAMBKUP
2015-11-07 12:18 - 2015-11-07 12:18 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-11-07 12:17 - 2014-08-12 18:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-10-21 18:04 - 2015-10-21 18:04 - 00010866 _____ C:\Users\MMC\Desktop\said.xlsx

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-07 22:14 - 2014-12-11 21:09 - 00000000 ____D C:\Users\MMC\AppData\Roaming\DMCache
2015-11-07 22:11 - 2014-12-11 21:09 - 00000000 ____D C:\Users\MMC\AppData\Roaming\IDM
2015-11-07 22:10 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-07 22:10 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-07 22:08 - 2011-04-12 10:16 - 00704480 _____ C:\Windows\system32\perfh00C.dat
2015-11-07 22:08 - 2011-04-12 10:16 - 00130754 _____ C:\Windows\system32\perfc00C.dat
2015-11-07 22:08 - 2009-07-14 06:13 - 01549700 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-07 22:06 - 2014-12-11 09:19 - 01055353 _____ C:\Windows\WindowsUpdate.log
2015-11-07 22:03 - 2015-07-29 18:25 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 22:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-07 21:56 - 2014-12-11 09:15 - 00000000 ____D C:\Windows\Panther
2015-11-07 21:42 - 2015-07-29 18:25 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-07 16:29 - 2015-05-23 19:06 - 00000000 ____D C:\Program Files\Google
2015-11-07 16:29 - 2014-12-11 10:04 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-07 15:15 - 2014-12-11 10:04 - 00000000 ____D C:\Users\MMC\AppData\Local\Google
2015-11-07 12:38 - 2014-08-20 18:04 - 00819896 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-11-07 12:38 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-11-07 12:38 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-11-07 11:32 - 2014-12-11 21:09 - 00000000 ____D C:\Users\MMC\Downloads\Video
2015-11-07 11:29 - 2014-12-11 21:09 - 00000000 ____D C:\Users\MMC\Downloads\Compressed
2015-11-07 11:09 - 2015-07-26 13:08 - 00000000 ____D C:\Program Files (x86)\NeotOCoupoonn
2015-11-07 11:09 - 2014-12-11 10:09 - 00000000 ____D C:\ProgramData\Skype
2015-11-07 11:07 - 2014-12-16 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-07 11:06 - 2015-05-20 21:46 - 00000000 ____D C:\Program Files (x86)\Annuaire Djezzy
2015-10-27 13:03 - 2009-07-14 06:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-25 16:50 - 2014-12-11 10:04 - 00002501 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-23 12:20 - 2015-06-16 13:09 - 00000000 ____D C:\Program Files (x86)\MiuiTab

==================== Fichiers à la racine de certains dossiers =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\MMC\AppData\Roaming\FMEUD
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\MMC\AppData\Roaming\OJEPLM
2015-05-23 18:04 - 2015-05-23 18:04 - 0048203 _____ () C:\ProgramData\1432400668.bdinstall.bin
2014-12-11 09:34 - 2014-12-11 09:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-10-23 16:21

==================== Fin de FRST.txt ============================
