Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016
Exécuté par General (administrateur) sur GENERAL-PC (14-05-2016 15:39:59)
Exécuté depuis C:\Users\General\Desktop
Profils chargés: UpdatusUser & General (Profils disponibles: UpdatusUser & General)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(PcWinTech.com) C:\Program Files (x86)\cleanmem_v2.2.0\Mini_Monitor.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Stealth Software) C:\Users\General\AppData\Roaming\Stealth Software\HTC Home 2.4\HTCHome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() Q:\140066.fra\Office14\WINWORDC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() Q:\140066.FRA\OFFICE14\OffSpon.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\seccenter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Users\General\Desktop\ZHPDiag3.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [Service Scheduler2 Acronis] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391120 2011-02-01] (Acronis)
HKLM\...\Run: [BDAgent] => C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1091200 2012-12-13] (Bitdefender)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [USBChargerPlusTray] => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [496560 2011-04-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5582392 2011-02-01] (Acronis)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3382478990-3944324356-317180300-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\...\Run: [Clock Widget (HTC Home)] => C:\Program Files (x86)\HTC Home\Clock.exe [2036736 2011-11-28] ()
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\...\Run: [Photos Widget (HTC Home)] => C:\Program Files (x86)\HTC Home\Photos.exe [946688 2011-06-20] ()
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\...\Run: [lniobbe] => rundll32 "C:\Users\General\AppData\Local\lniobbe.dll",lniobbe <===== ATTENTION
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\...\Run: [HTC Home] => C:\Users\General\AppData\Roaming\Stealth Software\HTC Home 2.4\HTCHome.exe [281088 2011-03-04] (Stealth Software)
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\...\MountPoints2: {542f9251-0acb-11e4-8e60-14dae955980e} - E:\setup.exe
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-04-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-04-28] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxshell.dll [2012-07-11] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxshell.dll [2012-07-11] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxshell.dll [2012-07-11] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxshell.dll [2012-07-11] (Bitdefender)

==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

AutoConfigURL: [S-1-5-21-3382478990-3944324356-317180300-1001] => file://C:\Program Files (x86)\NetCrawl\bin\Pac9064.js
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{79F6EE31-FF98-4A0B-A283-99B9F3E98642}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{79F6EE31-FF98-4A0B-A283-99B9F3E98642}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{AAD0255E-EAA9-41A5-9E4A-901A126BDBED}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{D5813CD6-D61E-433B-B6EF-1BD237AE039E}: [DhcpNameServer] 172.20.10.1
ManualProxies: 0file://C:\Program Files (x86)\NetCrawl\bin\Pac9064.js

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3382478990-3944324356-317180300-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKU\S-1-5-21-3382478990-3944324356-317180300-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-3382478990-3944324356-317180300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3382478990-3944324356-317180300-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3382478990-3944324356-317180300-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3382478990-3944324356-317180300-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3382478990-3944324356-317180300-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
BHO: KeyScramblerBHO Class -> {2B9F5787-88A5-4945-90E7-C4B18563BC5E} -> C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll [2011-09-16] (QFX Software Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-10-01] (Oracle Corporation)
BHO-x32: KeyScramblerBHO Class -> {2B9F5787-88A5-4945-90E7-C4B18563BC5E} -> C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll [2011-10-01] (QFX Software Corporation)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Babylon IE plugin -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} -> C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2010-10-17] (Babylon Ltd.)
Toolbar: HKU\S-1-5-21-3382478990-3944324356-317180300-1001 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
IE Session Restore: HKU\S-1-5-21-3382478990-3944324356-317180300-1001 -> est activé.
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

FireFox:
========
FF ProfilePath: C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick
FF Homepage: hxxp://www.google.fr/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-11] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2011-10-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Pas de fichier]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-28] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2011-07-14] (the VideoLAN Team)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\searchplugins\google-france---francophones.xml [2015-09-07]
FF SearchPlugin: C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\searchplugins\imdb.xml [2011-03-24]
FF Extension: AutoPager - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\autopager@mozilla.org.xpi [2015-06-26]
FF Extension: QuickDrag - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\quickdrag@mozilla.ktechcomputing.com.xpi [2015-06-26]
FF Extension: Uppity - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{16cbd87c-eb99-4f5c-9825-83cf13ab7ff8}.xpi [2015-06-26]
FF Extension: Remove It Permanently - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2015-06-26]
FF Extension: Memory Fox - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2015-06-26]
FF Extension: Memory Restart - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\memoryrestart@teamextension.com.xpi [2015-06-26]
FF Extension: Omnibar - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\omnibar@ajitk.com.xpi [2015-06-26]
FF Extension: Flashblock - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-01-26]
FF Extension: WOT - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-01-26]
FF Extension: X-notifier - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2016-01-26]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2016-03-19]
FF Extension: Text Link - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2016-03-20]
FF Extension: FEBE - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-04-18]
FF Extension: NoScript - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-18]
FF Extension: FEBE - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\1tewb0bn.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2011-10-01] [non signé]
FF Extension: Alldebrid - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\alldebrid@alldebrid.com [2011-10-01] [non signé]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\elemhidehelper@adblockplus.org.xpi [2016-02-17]
FF Extension: United States English Spellchecker - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\en-US@dictionaries.addons.mozilla.org [2016-03-19]
FF Extension: KeyScrambler - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\keyscrambler@qfx.software.corporation [2011-10-01] [non signé]
FF Extension: Noia 2.0 eXtreme OPT - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\noia2_option@kk.noia [2011-10-01] [non signé]
FF Extension: CookieSafe - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\{9D23D0AA-D8F5-11DA-B3FC-0928ABF316DD} [2011-10-01] [non signé]
FF Extension: Noia 2.0 (eXtreme) - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2011-10-01] [non signé]
FF Extension: Video DownloadHelper - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-04-18]
FF Extension: Adblock Plus - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-25]
FF Extension: Download Statusbar - C:\Users\General\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Patrick\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011-11-04] [non signé]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext [2011-12-11] [non signé]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext

==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2010-11-13] (CyberLink)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Fichier non signé]
S3 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [75384 2012-07-11] (Bitdefender)
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [466736 2011-11-01] (BitDefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [67904 2012-07-11] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1958352 2015-09-01] (Bitdefender)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2012-12-13] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-12-13] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2012-12-13] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93160 2012-09-01] (BitDefender LLC)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [442088 2012-02-07] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-24] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [79952 2012-02-07] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-01] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [Fichier non signé]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [Fichier non signé]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [Fichier non signé]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [Fichier non signé]
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [274616 2011-09-14] (QFX Software Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [329800 2011-11-24] (BitDefender S.R.L.)
R2 WinRing0_1_2_0; C:\Users\General\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [14544 2011-10-01] (OpenLibSys.org)

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-14 15:39 - 2016-05-14 15:42 - 00023904 _____ C:\Users\General\Desktop\FRST.txt
2016-05-14 15:27 - 2016-05-14 15:27 - 00144457 _____ C:\Users\General\Desktop\ZHPDiag.txt
2016-05-14 15:14 - 2016-05-14 15:14 - 02382336 _____ (Farbar) C:\Users\General\Desktop\FRST64.exe
2016-05-14 15:13 - 2016-05-14 15:17 - 00000000 ____D C:\Users\General\AppData\Roaming\ZHP
2016-05-14 15:13 - 2016-05-14 15:16 - 00000828 _____ C:\Users\General\Desktop\ZHPDiag.lnk
2016-05-14 15:11 - 2016-05-14 15:13 - 02205184 _____ C:\Users\General\Desktop\ZHPDiag3.exe
2016-05-10 23:27 - 2016-05-14 15:33 - 00000000 ____D C:\FRST
2016-05-08 18:14 - 2016-05-08 18:14 - 00000000 ____D C:\Users\General\AppData\Local\ElevatedDiagnostics
2016-05-06 15:43 - 2016-05-06 15:44 - 00276568 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-05 22:57 - 2016-05-08 12:24 - 00058408 _____ C:\Users\General\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-01 17:53 - 2016-05-01 17:53 - 00003040 _____ C:\Windows\System32\Tasks\{6CA44503-BF6A-4272-A347-C5F112EE9367}
2016-04-23 12:27 - 2016-04-23 12:27 - 00002978 _____ C:\Windows\System32\Tasks\{8714EB95-185D-4F8E-8F82-C9FBFB4A5768}
2016-04-18 12:09 - 2016-05-10 22:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-14 15:19 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-14 15:19 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-14 14:51 - 2011-10-01 16:15 - 00000000 ____D C:\Windows\system32\log
2016-05-14 14:51 - 2011-10-01 14:59 - 00000000 ____D C:\Program Files (x86)\HTC Home
2016-05-14 14:50 - 2011-07-27 11:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-14 14:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-12 09:59 - 2009-07-14 07:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-12 09:52 - 2012-12-14 22:18 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-11 10:50 - 2011-02-19 06:29 - 00716336 _____ C:\Windows\system32\perfh00C.dat
2016-05-11 10:50 - 2011-02-19 06:29 - 00134692 _____ C:\Windows\system32\perfc00C.dat
2016-05-11 10:50 - 2009-07-14 07:13 - 01582036 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 10:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-11 00:14 - 2011-10-01 20:09 - 00063058 _____ C:\bdlog.txt
2016-05-11 00:13 - 2011-10-01 11:57 - 00000000 ____D C:\Users\General\AppData\Roaming\SoftGrid Client
2016-05-10 22:45 - 2011-10-02 09:53 - 00000376 _____ C:\Users\General\AppData\Roamingprivacy.xml
2016-05-10 22:45 - 2011-07-27 11:47 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2016-05-08 18:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-08 17:19 - 2014-04-24 14:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-08 12:19 - 2011-10-01 13:12 - 00000000 ____D C:\ProgramData\Babylon
2016-05-08 12:15 - 2011-10-02 10:52 - 00000000 ____D C:\Windows\pss
2016-05-06 18:31 - 2011-09-23 18:51 - 00000000 ___HD C:\ASUS.DAT
2016-05-01 17:30 - 2011-10-01 13:12 - 00000000 ____D C:\Users\General\AppData\Roaming\Babylon
2016-04-23 17:17 - 2014-11-02 12:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-23 14:10 - 2011-10-02 15:30 - 00000000 ____D C:\Users\General\AppData\Roaming\uTorrent
2016-04-18 22:32 - 2016-03-20 17:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-14 01:23 - 2011-10-01 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2016-04-14 01:21 - 2016-04-13 22:51 - 00007626 _____ C:\Users\General\AppData\Local\Resmon.ResmonCfg

==================== Fichiers à la racine de certains dossiers =======

2014-12-09 19:13 - 2014-12-09 19:13 - 0000162 ____H () C:\Program Files (x86)\~$nversation.docx
2011-10-01 15:16 - 2011-10-01 15:17 - 0000297 _____ () C:\Users\General\AppData\Roaming\Network Meter_Settings.ini
2011-11-22 23:41 - 2012-01-10 01:40 - 0005120 _____ () C:\Users\General\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-09 15:37 - 2013-03-09 15:37 - 0017408 _____ () C:\Users\General\AppData\Local\lniobbe.dll
2016-04-13 22:51 - 2016-04-14 01:21 - 0007626 _____ () C:\Users\General\AppData\Local\Resmon.ResmonCfg
2011-10-01 18:55 - 2011-10-01 18:55 - 0210237 _____ () C:\ProgramData\1317487874.bdinstall.bin
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2014-06-30 21:56 - 2014-07-03 22:21 - 0000003 _____ () C:\ProgramData\Red Crucible Update Settings.bin
2011-07-27 11:51 - 2011-07-27 11:52 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-07-27 11:51 - 2011-07-27 11:51 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Fichiers à déplacer ou supprimer:
====================
C:\Users\General\7915990.exe

==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-04-23 18:15

==================== Fin de FRST.txt ============================