cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:04-05-2016
Exécuté par Florentin (administrateur) sur OFLEVER (04-05-2016 23:51:35)
Exécuté depuis C:\Users\Florentin\Desktop
Profils chargés: Florentin (Profils disponibles: Florentin)
Platform: Windows 10 Home (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(© 2015 Microsoft Corporation) C:\Users\Florentin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera_crashreporter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wuapihost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.39\opera.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [405432 2015-10-14] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-07] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\Run: [BingSvc] => C:\Users\Florentin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-04] (Electronic Arts)
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-09-10] (Microsoft Corporation)
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\RunOnce: [Uninstall C:\Users\Florentin\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Florentin\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\RunOnce: [Uninstall C:\Users\Florentin\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Florentin\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\...\RunOnce: [Uninstall C:\Users\Florentin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Florentin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-20] (AVAST Software)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{bebede66-e051-45eb-bfd2-a1b1d200b72f}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-647766365-3863167265-2625791372-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-647766365-3863167265-2625791372-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-647766365-3863167265-2625791372-1001 -> {0590015A-9D4C-4173-91F6-5C2E5DDEABFC} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-647766365-3863167265-2625791372-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-647766365-3863167265-2625791372-1001 -> {F99CFC26-B961-4E32-AEC9-2A460E4D2A20} URL = hxxps://fr.search.yahoo.com/search?fr=mcafee&type=C011FR885D20150730&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-12-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-20] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-12-30] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-20] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-12-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-12-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-20]
CHR Extension: (Google Docs) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-11]
CHR Extension: (Google Drive) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-18]
CHR Extension: (YouTube) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Recherche Google) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-18]
CHR Extension: (Google Sheets) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-25]
CHR Extension: (SiteAdvisor) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-09-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-18]
CHR Extension: (Avast Online Security) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-11]
CHR Extension: (Yahoo Web) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2016-01-25]
CHR Extension: (Gmail) - C:\Users\Florentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-20]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-20]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Reverse Image Search) - C:\Users\Florentin\AppData\Roaming\Opera Software\Opera Stable\Extensions\eimlnkealmbcbkmhihgedbiojljmelnp [2015-09-08]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-20] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-09-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [361376 2015-10-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Fichier non signé]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-04] (Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-20] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4334232 2015-10-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-09-23] (ASUS Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
S3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
S3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-07] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-09-20] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-10-14] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-10-14] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-09-20] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-04 23:51 - 2016-05-04 23:52 - 00026694 _____ C:\Users\Florentin\Desktop\FRST.txt
2016-05-04 23:51 - 2016-05-04 23:51 - 00000000 ____D C:\FRST
2016-05-04 23:50 - 2016-05-04 23:51 - 02377216 _____ (Farbar) C:\Users\Florentin\Desktop\FRST64.exe
2016-05-04 23:32 - 2016-05-04 23:32 - 00016148 _____ C:\WINDOWS\system32\OFLEVER_Florentin_HistoryPrediction.bin

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-04 23:47 - 2015-12-18 19:37 - 00003980 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438208654
2016-05-04 23:47 - 2015-07-30 00:23 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-04 23:46 - 2015-07-30 00:01 - 00000074 _____ C:\Users\Florentin\AppData\Roaming\sp_data.sys
2016-05-04 23:42 - 2015-08-24 19:02 - 00000000 ____D C:\Users\Florentin\AppData\Roaming\Skype
2016-05-04 23:38 - 2015-10-15 20:54 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-05-04 23:38 - 2015-10-08 19:47 - 00000000 ____D C:\ProgramData\Origin
2016-05-04 23:38 - 2015-10-08 19:47 - 00000000 ____D C:\Program Files (x86)\Origin
2016-05-04 23:38 - 2015-08-24 19:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-04 23:38 - 2015-08-24 19:02 - 00000000 ____D C:\ProgramData\Skype
2016-05-04 23:37 - 2015-09-20 22:42 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-04 23:36 - 2015-08-16 23:12 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-04 23:33 - 2015-10-15 20:54 - 00000000 __SHD C:\Users\Florentin\IntelGraphicsProfiles
2016-05-04 23:33 - 2015-10-14 23:05 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-04 23:32 - 2015-10-14 22:06 - 00000000 ____D C:\Users\Florentin
2016-05-04 23:31 - 2015-09-20 22:42 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-04 23:31 - 2015-07-30 23:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-04 23:31 - 2015-07-30 23:49 - 00267232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-04 23:31 - 2015-07-30 02:01 - 00001064 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-04 23:31 - 2015-07-30 02:01 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-04 23:14 - 2015-07-31 00:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-04 23:14 - 2015-07-30 02:01 - 00004146 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-04 23:14 - 2015-07-30 02:01 - 00003988 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-04 23:13 - 2016-01-21 00:13 - 20355776 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-05-04 23:11 - 2015-07-31 00:42 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 23:09 - 2015-09-20 22:42 - 00004150 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-04 23:09 - 2015-09-20 22:42 - 00003918 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-04 23:02 - 2015-12-05 22:02 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-422 423 425 Series Update {6643ED41-52DE-451B-BB78-8C5DBB033BB5}.job
2016-05-04 23:01 - 2015-07-31 00:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-04 22:58 - 2015-07-30 00:58 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-05-04 22:58 - 2015-07-30 00:58 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-05-04 22:56 - 2015-11-29 13:56 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-422 423 425 Series Update {67A3C5F9-06A5-453D-B172-448A208398F7}.job
2016-05-04 22:50 - 2015-10-27 23:07 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37D4FED5-7A14-4560-AA31-3186AA0AF2E2}

==================== Fichiers à la racine de certains dossiers =======

2015-11-04 23:04 - 2015-11-04 23:04 - 0000061 _____ () C:\Users\Florentin\AppData\Roaming\Camdata.ini
2015-11-04 23:04 - 2015-11-04 23:04 - 0000408 _____ () C:\Users\Florentin\AppData\Roaming\CamLayout.ini
2015-11-04 23:04 - 2015-11-04 23:04 - 0000408 _____ () C:\Users\Florentin\AppData\Roaming\CamShapes.ini
2015-11-04 23:04 - 2015-11-04 23:04 - 0004549 _____ () C:\Users\Florentin\AppData\Roaming\CamStudio.cfg
2015-08-16 23:09 - 2016-01-09 21:36 - 0000117 _____ () C:\Users\Florentin\AppData\Roaming\D2Info0
2015-08-16 23:09 - 2016-01-09 22:34 - 0000008 _____ () C:\Users\Florentin\AppData\Roaming\DofusAppId0_1
2015-08-20 01:08 - 2015-12-08 23:47 - 0000000 _____ () C:\Users\Florentin\AppData\Roaming\DofusAppId0_2
2015-08-31 21:52 - 2016-01-08 22:43 - 0000008 _____ () C:\Users\Florentin\AppData\Roaming\DofusAppId0_3
2015-10-16 19:34 - 2016-01-09 22:33 - 0000008 _____ () C:\Users\Florentin\AppData\Roaming\DofusAppId0_4
2015-10-16 19:35 - 2015-10-16 19:36 - 0000008 _____ () C:\Users\Florentin\AppData\Roaming\DofusAppId0_5
2015-07-30 00:01 - 2016-05-04 23:46 - 0000074 _____ () C:\Users\Florentin\AppData\Roaming\sp_data.sys
2015-08-13 19:33 - 2015-08-13 19:33 - 0000036 _____ () C:\Users\Florentin\AppData\Roaming\SuYZkvrV.tmp
2015-10-22 22:07 - 2015-10-22 22:08 - 0001167 _____ () C:\Users\Florentin\AppData\Roaming\trace_FilterInstaller.1.txt
2015-10-22 22:07 - 2015-12-30 23:25 - 0000905 _____ () C:\Users\Florentin\AppData\Roaming\trace_FilterInstaller.txt
2015-10-22 22:07 - 2015-12-30 23:25 - 0000000 _____ () C:\Users\Florentin\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-11-04 23:03 - 2015-11-04 23:03 - 0000096 _____ () C:\Users\Florentin\AppData\Roaming\version2.xml
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Florentin\AppData\Roaming\wS5DTnFoslw9LQujn8lv
2015-10-14 22:02 - 2015-10-14 22:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 06:09 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 06:09 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 06:09 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Fichiers à déplacer ou supprimer:
====================
C:\Users\Florentin\ZHPDiag3.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-01-21 21:01

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité