Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:10-06-2016
Exécuté par Christophe (administrateur) sur PC-DE-CHRISTOPH (11-06-2016 07:45:25)
Exécuté depuis C:\Users\Christophe\Desktop
Profils chargés: Christophe (Profils disponibles: Christophe)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Aladdin Knowledge Systems Ltd.) C:\Windows\System32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Windows\SMINST\BLService.exe
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288 2007-11-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-03-14] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-06-25] (CyberLink Corp.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-10] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-10] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1089536 2008-02-19] (Brother Industries, Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [442467 2008-06-27] (IDT, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...\RunOnce: [Adobe Speed Launcher] => 1465623583
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...\MountPoints2: R - R:\INSTALLE.EXE
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...\MountPoints2: V - V:\CDSecuriteIncendie_install.exe
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...\MountPoints2: {0d5bd820-54bd-11de-ad7a-001eece6a5c3} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...\MountPoints2: {0edbf0cd-2599-11de-89f0-001eece6a5c3} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...\MountPoints2: {3a7a4e05-6218-11de-97ab-001eece6a5c3} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...\MountPoints2: {d53bb5c5-0954-11de-9f52-001eece6a5c3} - G:\setupSNK.exe
HKU\S-1-5-21-2917768417-143092652-2065364547-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-08-08] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2007-02-12] (Autodesk, Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => http=127.0.0.1:63840;https=127.0.0.1:63840
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:63840;https=127.0.0.1:63840
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{39EB0582-A156-47CE-9833-0FCDD1DA993B}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{BE5860C4-8062-46E4-A8BC-9B879EFB330D}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2917768417-143092652-2065364547-1000 -> DefaultScope {78AC76A5-9F45-4C2F-B5CC-5C3F05635EC8} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2917768417-143092652-2065364547-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2917768417-143092652-2065364547-1000 -> {78AC76A5-9F45-4C2F-B5CC-5C3F05635EC8} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Softaware)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-11] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-08] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-11] (Oracle Corporation)
Toolbar: HKLM - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Softaware)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\txd2fmqg.default
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=13 -> C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll [2009-03-26] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2917768417-143092652-2065364547-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-29] [non signé]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015-12-10]

Chrome:
=======
CHR Profile: C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-22]
CHR Extension: (YouTube) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-22]
CHR Extension: (Google Search) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-22]
CHR Extension: (AdBlock) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-31]
CHR Extension: (Google Wallet) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-22]
CHR Extension: (My Chrome Theme) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-12-31]
CHR Extension: (Gmail) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-22]
CHR Profile: C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-09]
CHR Extension: (Google Docs) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-09]
CHR Extension: (Google Drive) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-09]
CHR Extension: (YouTube) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-09]
CHR Extension: (Google Sheets) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-09]
CHR Extension: (Avast Online Security) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-09]
CHR Extension: (Gmail) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-09]
CHR Profile: C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default
CHR Extension: (Google Docs) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-21]
CHR Extension: (Nyan Cat Adventure) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\bcbkjabifpfdofalbfkhpdpmopnbflkd [2013-08-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-12]
CHR Extension: (Recherche Google) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-05]
CHR Extension: (AdBlock) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-11]
CHR Extension: (LEGO Star Wars - The Quest for R2-D2) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\jcjbcgfmgdinmcljnafppclcmckchoca [2013-06-06]
CHR Extension: (Build with Chrome) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2013-06-06]
CHR Extension: (Plants vs Zombies) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-06-06]
CHR Extension: (Google Wallet) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-21]
CHR Extension: (Gmail) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\_Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [77824 2008-06-27] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-08-08] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-08] (Avast Software)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-01-09] (Macrovision Europe Ltd.) [Fichier non signé]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2010-05-13] (Teruten) [Fichier non signé]
S4 gupdate1c98f4372412e23; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [535807 2007-03-15] (Aladdin Knowledge Systems Ltd.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [Fichier non signé]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [Fichier non signé]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2008-06-25] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2008-06-25] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [221273 2008-06-27] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S2 TomTomHOMEService; "C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe" [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [351744 2007-03-12] (Aladdin Knowledge Systems Ltd.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [329856 2007-03-06] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [99712 2007-03-06] (Aladdin Knowledge Systems Ltd.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-06] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-08] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-08] (AVAST Software)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-05-13] () [Fichier non signé]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R3 NETw5v32; C:\Windows\System32\DRIVERS\NETw5v32.sys [3658752 2008-04-28] (Intel Corporation) [Fichier non signé]
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-08] (AVAST Software)
S3 silabenm; C:\Windows\System32\DRIVERS\silabenm.sys [47176 2011-10-14] (Silicon Laboratories) [Fichier non signé]
S3 silabser; C:\Windows\System32\DRIVERS\silabser.sys [61312 2011-10-14] (Silicon Laboratories) [Fichier non signé]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [716272 2009-03-04] () [Fichier non signé]
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [184248 2013-12-26] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [Fichier non signé]
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220752 2015-08-08] (Avast Software)
S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U1 eabfiltr; pas de ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-11 07:45 - 2016-06-11 07:46 - 00022542 _____ C:\Users\Christophe\Desktop\FRST.txt
2016-06-11 07:44 - 2016-06-11 07:45 - 00000000 ____D C:\FRST
2016-06-11 07:42 - 2016-06-11 07:43 - 01735680 _____ (Farbar) C:\Users\Christophe\Desktop\FRST.exe
2016-06-11 07:27 - 2016-06-11 07:27 - 00000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-11 07:27 - 2016-06-11 07:27 - 00000806 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-11 07:27 - 2016-06-11 07:27 - 00000000 ____D C:\Users\Christophe\AppData\Local\Mozilla
2016-06-11 07:27 - 2016-06-11 07:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-11 07:22 - 2016-06-11 07:25 - 45811976 _____ C:\Users\Christophe\Downloads\Firefox Setup 43.0.1.exe
2016-06-09 20:49 - 2016-06-09 20:49 - 00006833 _____ C:\Users\Christophe\Desktop\MGADiag.txt
2016-06-09 20:48 - 2016-06-09 20:48 - 00000000 ____D C:\MGADiagToolOutput
2016-06-09 20:47 - 2016-06-09 20:47 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2016-06-09 20:46 - 2016-06-09 20:46 - 00000000 ____D C:\Users\Christophe\AppData\LocalLow\Adobe
2016-06-09 20:44 - 2016-06-09 20:46 - 01607032 _____ (Microsoft Corporation) C:\Users\Christophe\Desktop\MGADiag.exe
2016-06-09 20:41 - 2016-06-09 20:41 - 00001852 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-06-09 20:41 - 2016-06-09 20:41 - 00001804 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-06-09 20:07 - 2016-06-09 20:07 - 00001017 _____ C:\Users\Christophe\Desktop\Revo Uninstaller.lnk
2016-06-09 20:07 - 2016-06-09 20:07 - 00000000 ____D C:\Users\Christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-06-09 20:07 - 2016-06-09 20:07 - 00000000 ____D C:\Program Files\VS Revo Group
2016-06-09 19:59 - 2016-06-09 20:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Christophe\Desktop\revosetup.exe
2016-06-09 00:28 - 2016-06-09 00:28 - 00019674 _____ C:\Users\Christophe\Desktop\zoek-results.txt
2016-06-09 00:22 - 2016-06-08 23:56 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-06-08 23:57 - 2016-06-08 23:57 - 00000201 _____ C:\Users\Christophe\Downloads\Zoek_Script-2.txt
2016-06-08 23:56 - 2016-06-09 00:20 - 00000000 ____D C:\zoek_backup
2016-06-08 23:54 - 2016-06-08 23:55 - 01309184 _____ C:\Users\Christophe\Desktop\zoek.exe
2016-06-07 23:22 - 2016-06-07 23:22 - 00001114 _____ C:\Users\Christophe\Desktop\ZHPFixReport.txt
2016-06-06 22:36 - 2016-06-06 22:47 - 00918824 _____ C:\Users\Christophe\Desktop\esetsmartinstaller_fra.exe
2016-06-05 23:50 - 2016-06-05 23:50 - 00001092 _____ C:\Users\Christophe\Desktop\MBAM.txt
2016-06-05 22:57 - 2016-06-05 22:57 - 00003769 _____ C:\Users\Christophe\Desktop\JRT.txt
2016-06-05 22:50 - 2016-06-05 22:51 - 01610816 _____ (Malwarebytes) C:\Users\Christophe\Desktop\JRT.exe
2016-06-05 13:35 - 2016-06-05 13:35 - 00001980 _____ C:\Users\Christophe\Desktop\ZHPFix[R1].txt
2016-06-05 13:30 - 2016-06-05 13:30 - 00002754 _____ C:\Users\Christophe\Downloads\ZHPFix.txt
2016-06-05 13:30 - 2016-06-05 13:30 - 00002754 _____ C:\Users\Christophe\Downloads\ZHPFix (2).txt
2016-06-05 13:30 - 2016-06-05 13:30 - 00002754 _____ C:\Users\Christophe\Downloads\ZHPFix (1).txt
2016-06-05 13:29 - 2016-06-07 23:20 - 00001594 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-06-05 13:29 - 2016-06-07 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-06-05 13:29 - 2016-06-07 23:20 - 00000000 ____D C:\Program Files\ZHPFix
2016-06-05 13:25 - 2016-06-05 13:28 - 03521617 _____ (Nicolas Coolman ) C:\Users\Christophe\Downloads\ZHPFix.exe
2016-06-05 00:02 - 2016-06-05 00:08 - 03521617 _____ (Nicolas Coolman ) C:\Users\Christophe\Desktop\ZHPFix.exe
2016-06-04 23:50 - 2016-06-04 23:50 - 00007197 _____ C:\Users\Christophe\Desktop\AdwCleaner[C1].txt
2016-06-04 23:35 - 2016-06-04 23:39 - 03677248 _____ C:\Users\Christophe\Desktop\adwcleaner_5.119.exe
2016-06-04 21:52 - 2016-06-07 21:47 - 00112270 _____ C:\Users\Christophe\Desktop\ZHPDiag.txt
2016-06-04 21:43 - 2016-06-07 23:22 - 00000000 ____D C:\Users\Christophe\AppData\Roaming\ZHP
2016-06-04 21:43 - 2016-06-07 21:35 - 00000477 _____ C:\Users\Christophe\Desktop\ZHPDiag.lnk
2016-06-04 21:26 - 2016-06-04 21:29 - 02212352 _____ C:\Users\Christophe\Downloads\ZHPDiag3.exe
2016-06-03 18:16 - 2016-06-03 18:16 - 00038346 _____ C:\Users\Christophe\Downloads\rglement-trans-2015 (2).pdf
2016-05-30 21:46 - 2016-05-30 21:48 - 00786922 _____ C:\Users\Christophe\Downloads\cerfa_13406-05.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-11 07:39 - 2009-06-30 08:28 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-11 07:39 - 2008-10-16 15:15 - 00153578 _____ C:\ProgramData\nvModes.001
2016-06-11 07:36 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-11 07:36 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-11 07:36 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-11 07:27 - 2013-01-05 14:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-11 07:21 - 2013-03-20 22:34 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-11 07:21 - 2009-06-30 08:28 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-10 14:02 - 2009-02-15 09:58 - 00001000 _____ C:\Windows\Tasks\Google Software Updater.job
2016-06-10 00:34 - 2014-09-14 16:32 - 00000000 ____D C:\Users\Christophe\AppData\Roaming\vlc
2016-06-09 23:36 - 2008-07-30 10:06 - 00722488 _____ C:\Windows\system32\perfh00C.dat
2016-06-09 23:36 - 2008-07-30 10:06 - 00146290 _____ C:\Windows\system32\perfc00C.dat
2016-06-09 23:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-06-09 23:36 - 2006-11-02 12:33 - 01615904 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-09 23:33 - 2009-01-07 22:23 - 00089600 _____ C:\Users\Christophe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-09 23:26 - 2008-07-30 01:58 - 00000000 ____D C:\ProgramData\Adobe
2016-06-09 20:46 - 2009-01-05 21:30 - 00000000 ____D C:\Users\Christophe\AppData\Roaming\Adobe
2016-06-09 20:43 - 2009-01-08 22:48 - 00000000 ____D C:\Users\Christophe\AppData\Local\Adobe
2016-06-09 20:40 - 2008-07-30 01:58 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-09 20:40 - 2008-07-30 01:58 - 00000000 ____D C:\Program Files\Adobe
2016-06-09 00:23 - 2008-07-30 00:20 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-06-09 00:23 - 2006-11-02 15:01 - 00032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-09 00:17 - 2009-01-05 21:27 - 00000000 ____D C:\Users\Christophe
2016-06-05 23:24 - 2014-10-21 22:50 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-04 23:43 - 2014-08-24 19:48 - 00000000 ____D C:\AdwCleaner
2016-06-01 21:42 - 2014-05-29 22:17 - 00000000 ____D C:\Users\Christophe\Documents\impots
2016-05-25 20:22 - 2009-08-16 20:27 - 00000000 ____D C:\Users\Christophe\photo
2016-05-22 15:29 - 2011-12-28 16:57 - 00000000 ___RD C:\Program Files\Skype
2016-05-22 15:29 - 2011-12-28 16:57 - 00000000 ____D C:\ProgramData\Skype
2016-05-22 15:27 - 2009-05-16 11:03 - 00000000 ____D C:\ProgramData\Nero
2016-05-22 15:27 - 2009-05-16 11:03 - 00000000 ____D C:\Program Files\Common Files\Nero
2016-05-22 15:16 - 2009-05-16 11:20 - 00000039 _____ C:\Windows\Irremote.ini
2016-05-22 15:16 - 2009-05-16 11:04 - 00000000 ____D C:\Program Files\Nero
2016-05-22 15:05 - 2009-08-31 09:58 - 00000000 ____D C:\Windows\Minidump
2016-05-18 20:46 - 2010-01-17 18:39 - 00000000 ____D C:\Users\Christophe\AppData\Roaming\uTorrent
2016-05-15 18:14 - 2008-10-16 15:15 - 00153578 _____ C:\ProgramData\nvModes.dat

==================== Fichiers à la racine de certains dossiers =======

2009-01-31 09:56 - 2009-01-31 09:56 - 0003954 _____ () C:\Program Files\unins000.dat
2009-01-31 09:56 - 2009-01-31 09:56 - 0685591 _____ () C:\Program Files\unins000.exe
2011-12-23 19:06 - 2011-12-23 19:06 - 0000006 _____ () C:\Program Files\Common Files\WPVersion.txt
2009-10-01 08:31 - 2016-01-24 22:44 - 0000192 _____ () C:\Users\Christophe\AppData\Roaming\default.rss
2009-12-23 16:27 - 2009-12-23 16:46 - 0087608 _____ () C:\Users\Christophe\AppData\Roaming\inst.exe
2009-12-23 16:27 - 2009-12-23 16:46 - 0007887 _____ () C:\Users\Christophe\AppData\Roaming\pcouffin.cat
2009-12-23 16:27 - 2009-12-23 16:46 - 0001144 _____ () C:\Users\Christophe\AppData\Roaming\pcouffin.inf
2009-12-23 16:27 - 2009-12-23 16:46 - 0047360 _____ (VSO Software) C:\Users\Christophe\AppData\Roaming\pcouffin.sys
2009-01-05 21:34 - 2009-01-05 21:34 - 0000000 _____ () C:\Users\Christophe\AppData\Local\AtStart.txt
2009-05-13 14:49 - 2009-05-13 14:50 - 0930838 _____ () C:\Users\Christophe\AppData\Local\cooliris-win-ie-release-1.10.0.24532.en-US.msi
2010-02-12 18:21 - 2010-04-16 22:14 - 2268672 _____ () C:\Users\Christophe\AppData\Local\cooliris-win-iefull-release-1.11.5.29501.en-US.msi
2009-01-06 22:02 - 2013-05-07 18:13 - 0000680 _____ () C:\Users\Christophe\AppData\Local\d3d9caps.dat
2009-01-07 22:23 - 2016-06-09 23:33 - 0089600 _____ () C:\Users\Christophe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-01-05 21:34 - 2009-01-05 21:34 - 0000000 _____ () C:\Users\Christophe\AppData\Local\DSwitch.txt
2010-01-06 15:13 - 2016-02-29 23:16 - 0000000 _____ () C:\Users\Christophe\AppData\Local\FnF4.txt
2009-01-05 21:34 - 2009-01-05 21:34 - 0000000 _____ () C:\Users\Christophe\AppData\Local\QSwitch.txt
2008-10-16 15:23 - 2008-10-16 15:23 - 0000249 _____ () C:\ProgramData\hpqp.ini
2009-10-20 13:15 - 2009-12-24 11:16 - 0003371 _____ () C:\ProgramData\hpzinstall.log
2010-09-17 19:19 - 2010-09-18 08:35 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2008-10-16 15:15 - 2016-06-11 07:39 - 0153578 _____ () C:\ProgramData\nvModes.001
2008-10-16 15:15 - 2016-05-15 18:14 - 0153578 _____ () C:\ProgramData\nvModes.dat

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-06-11 07:44

==================== Fin de FRST.txt ============================
