cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Exécuté par Léa (administrateur) sur MAMAN (16-03-2017 19:00:21)
Exécuté depuis C:\Users\Léa\Desktop
Profils chargés: Léa (Profils disponibles: Léa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(BitTorrent Inc.) C:\Users\Léa\AppData\Roaming\uTorrent\uTorrent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\Léa\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\Léa\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Spotify Ltd) C:\Users\Léa\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Avira Operations GmbH & Co. KG ) C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe
() C:\Windows\Temp\is-VTGKI.tmp\avira_speedup_setup_update.tmp
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64648 2017-03-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2750912237-3753086291-2337184347-1002\...\Run: [uTorrent] => C:\Users\Léa\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-18\...\Run: [uTorrent] => C:\Users\Léa\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-10-14] (EasyBits Software Corp.)
Startup: C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-03-16]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{50E2999E-F885-4178-B6BC-260CC5A3DBB7}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5EB393B1-FAAB-44F2-96F6-564F43473571}: [DhcpNameServer] 40.21.1.201 40.21.1.202

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2750912237-3753086291-2337184347-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM -> {FB36B2D3-D2B2-4EAC-9CE2-D3B15D6EEEFC} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {FB36B2D3-D2B2-4EAC-9CE2-D3B15D6EEEFC} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2750912237-3753086291-2337184347-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2750912237-3753086291-2337184347-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2750912237-3753086291-2337184347-1002 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-2750912237-3753086291-2337184347-1002 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2750912237-3753086291-2337184347-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2750912237-3753086291-2337184347-1002 -> {FB36B2D3-D2B2-4EAC-9CE2-D3B15D6EEEFC} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-26] (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-26] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)
Toolbar: HKU\S-1-5-21-2750912237-3753086291-2337184347-1002 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Léa\AppData\Roaming\Mozilla\Firefox\Profiles\1sc1l515.default-1489674838579 [2017-03-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-02-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Pas de fichier]
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-05-23] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-02-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2750912237-3753086291-2337184347-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Léa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2017-02-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2750912237-3753086291-2337184347-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Léa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2017-02-20] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Léa\AppData\Local\Google\Chrome\User Data\Default [2017-02-22]
CHR Extension: (Docs) - C:\Users\Léa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04]
CHR Extension: (Google Drive) - C:\Users\Léa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04]
CHR Extension: (YouTube) - C:\Users\Léa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04]
CHR Extension: (Gmail) - C:\Users\Léa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [310152 2017-02-10] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Fichier non signé]
S2 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
U2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-29] (Realsil Microelectronics Inc.) [Fichier non signé]
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-03-14] (Avira Operations GmbH & Co. KG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\Users\LAB9CF~1\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-16 19:00 - 2017-03-16 19:01 - 00021052 _____ C:\Users\Léa\Desktop\FRST.txt
2017-03-16 19:00 - 2017-03-16 19:00 - 00000000 ____D C:\FRST
2017-03-16 18:58 - 2017-03-16 18:58 - 02424832 _____ (Farbar) C:\Users\Léa\Desktop\FRST64.exe
2017-03-16 17:36 - 2017-03-16 17:36 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-03-16 17:15 - 2017-03-16 17:15 - 00000000 ____D C:\Users\Léa\AppData\LocalLow\uTorrent
2017-03-16 16:31 - 2017-03-16 16:31 - 00001853 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-03-16 16:31 - 2017-03-16 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-03-16 16:31 - 2017-03-16 16:31 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-03-16 16:24 - 2017-03-16 16:24 - 03521617 _____ (Nicolas Coolman ) C:\Users\Léa\Downloads\zhpfix_2015.10.19.9.exe
2017-03-16 15:34 - 2017-03-16 15:34 - 00000000 ____D C:\Users\Léa\Desktop\Anciennes données de Firefox
2017-03-16 15:31 - 2017-03-16 15:31 - 04502242 _____ C:\Users\Léa\Desktop\Sans titre 1.bmp
2017-03-16 15:30 - 2017-03-16 15:30 - 00044566 _____ C:\Users\Léa\Desktop\bookmarks-2017-03-16.json
2017-03-16 12:08 - 2017-03-16 14:24 - 00000815 _____ C:\Users\Léa\Desktop\ZHPDiag.lnk
2017-03-16 12:07 - 2017-03-16 12:07 - 02709504 _____ C:\Users\Léa\Downloads\ZHPDiag3.exe
2017-03-15 23:07 - 2017-03-15 23:27 - 525264888 _____ C:\Users\Léa\Downloads\Black.Sails.S04E07.VOSTFR.WEB-DL.XviD-T9.www.torrent9.biz.avi
2017-03-13 21:31 - 2017-03-13 21:31 - 00000000 __SHD C:\Users\Léa\AppData\LocalLow\EmieUserList
2017-03-13 21:31 - 2017-03-13 21:31 - 00000000 __SHD C:\Users\Léa\AppData\LocalLow\EmieSiteList
2017-03-13 21:31 - 2017-03-13 21:31 - 00000000 __SHD C:\Users\Léa\AppData\LocalLow\EmieBrowserModeList
2017-03-13 21:31 - 2017-03-13 21:31 - 00000000 __SHD C:\Users\Léa\AppData\Local\EmieUserList
2017-03-13 21:31 - 2017-03-13 21:31 - 00000000 __SHD C:\Users\Léa\AppData\Local\EmieSiteList
2017-03-13 21:31 - 2017-03-13 21:31 - 00000000 __SHD C:\Users\Léa\AppData\Local\EmieBrowserModeList
2017-03-13 20:47 - 2017-03-13 21:37 - 576275680 _____ C:\Users\Léa\Downloads\Black.Sails.S04E06.VOSTFR.HDTV.XviD-T9.avi
2017-03-09 21:48 - 2017-03-09 21:48 - 00000000 ____D C:\Users\Léa\Downloads\ccsetup527
2017-03-09 21:46 - 2017-03-09 21:47 - 08076319 _____ C:\Users\Léa\Downloads\ccsetup527.zip
2017-03-09 21:45 - 2017-03-10 15:28 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-03-09 21:45 - 2017-03-09 21:45 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-03-09 20:50 - 2017-03-09 20:51 - 04031440 _____ C:\Users\Léa\Downloads\adwcleaner_6.044.exe
2017-03-08 15:30 - 2017-03-08 15:30 - 00209151 _____ C:\Users\Léa\Downloads\diagnose-des-categories.pdf
2017-03-06 17:13 - 2017-03-06 17:13 - 00000000 ____D C:\Users\Léa\Downloads\Black Sails S04E05 VOSTFR WEB-DL XviD-T9
2017-03-06 17:10 - 2017-03-06 17:10 - 00000000 ____D C:\Users\Léa\Downloads\The 100 S04E05 FASTSUB VOSTFR HDTV XviD-T9
2017-03-04 23:52 - 2017-03-04 23:52 - 00031135 _____ C:\Users\Léa\Downloads\vampire-diaries-s08e15-vostfr-hdtv.torrent
2017-03-01 22:14 - 2017-03-01 22:14 - 00000000 ____D C:\Users\Léa\Downloads\Arrow_5x06_HDTV.LOL+DiMENSiON.fr
2017-03-01 22:13 - 2017-03-01 22:13 - 00024976 _____ C:\Users\Léa\Downloads\Arrow_5x06_HDTV.LOL+DiMENSiON.fr.zip
2017-03-01 21:00 - 2017-03-01 21:42 - 798504705 _____ C:\Users\Léa\Downloads\Arrow.S05E09.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-03-01 21:00 - 2017-03-01 21:37 - 839786459 _____ C:\Users\Léa\Downloads\Arrow.S05E10.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-03-01 20:59 - 2017-03-01 21:41 - 1074011455 _____ C:\Users\Léa\Downloads\Arrow.S05E08.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-03-01 20:57 - 2017-03-01 20:57 - 00066145 _____ C:\Users\Léa\Downloads\Arrow - 05x09 - What We Leave Behind.DIMENSION.French.HI.C.updated.Addic7ed.com.srt
2017-03-01 20:57 - 2017-03-01 20:57 - 00062032 _____ C:\Users\Léa\Downloads\Arrow - 05x10 - Who Are You_.DIMENSION.French.orig.Addic7ed.com.srt
2017-03-01 20:55 - 2017-03-01 20:55 - 00061292 _____ C:\Users\Léa\Downloads\Arrow - 05x08 - Invasion!.DIMENSION.French.orig.Addic7ed.com.srt
2017-02-26 10:07 - 2017-02-26 10:07 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-26 10:07 - 2017-02-26 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-26 10:06 - 2017-02-26 10:07 - 00000000 ____D C:\Program Files\CCleaner
2017-02-26 10:06 - 2017-02-26 10:06 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2017-02-26 10:06 - 2017-02-26 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2017-02-26 10:06 - 2017-02-26 10:06 - 00000000 ____D C:\Program Files\Defraggler
2017-02-26 10:04 - 2017-02-26 10:04 - 04619752 _____ (Piriform Ltd) C:\Users\Léa\Downloads\dfsetup221.exe
2017-02-26 01:29 - 2017-02-26 01:29 - 09261616 _____ (Piriform Ltd) C:\Users\Léa\Downloads\ccsetup527(2).exe
2017-02-26 01:07 - 2017-02-26 01:13 - 00106284 _____ C:\Users\Léa\Desktop\ZHPCleaner.txt
2017-02-26 00:50 - 2017-03-16 17:28 - 00000000 ____D C:\Users\Léa\AppData\Roaming\ZHP
2017-02-26 00:25 - 2017-02-26 00:25 - 02744320 _____ C:\Users\Léa\Desktop\ZHPCleaner.exe
2017-02-22 21:15 - 2017-02-22 21:15 - 01201256 _____ (Adobe Systems Incorporated) C:\Users\Léa\Downloads\flashplayer24_xa_install.exe
2017-02-21 01:13 - 2017-02-21 01:14 - 00000000 ____D C:\cc724fcda693903ce3660edf99
2017-02-20 22:00 - 2017-03-16 18:05 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750912237-3753086291-2337184347-1002UA.job
2017-02-20 22:00 - 2017-03-16 00:29 - 00001018 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750912237-3753086291-2337184347-1002Core.job
2017-02-20 22:00 - 2017-02-20 22:00 - 00004036 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2750912237-3753086291-2337184347-1002UA
2017-02-20 22:00 - 2017-02-20 22:00 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2750912237-3753086291-2337184347-1002Core
2017-02-20 22:00 - 2017-02-20 22:00 - 00000000 ____D C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2017-02-18 20:40 - 2017-03-14 19:15 - 00000000 ____D C:\Users\Léa\Desktop\Nouveau dossier

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-16 18:57 - 2012-09-12 21:51 - 00000000 ____D C:\Users\Léa\AppData\Roaming\uTorrent
2017-03-16 18:53 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-16 18:53 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-16 18:16 - 2012-09-12 21:49 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-16 17:41 - 2016-11-18 20:38 - 00000000 ____D C:\Users\Léa\AppData\LocalLow\Mozilla
2017-03-16 17:15 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-03-16 17:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-16 16:25 - 2011-10-15 06:25 - 00748346 _____ C:\Windows\system32\perfh00C.dat
2017-03-16 16:25 - 2011-10-15 06:25 - 00150580 _____ C:\Windows\system32\perfc00C.dat
2017-03-16 16:25 - 2009-07-14 06:13 - 01671200 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-16 16:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-16 15:01 - 2012-09-12 20:19 - 00000000 ____D C:\Users\Léa\AppData\Local\CrashDumps
2017-03-16 00:12 - 2012-09-12 22:46 - 00000000 ____D C:\Users\Léa\AppData\Roaming\vlc
2017-03-15 14:56 - 2013-12-04 20:45 - 00000000 ____D C:\AdwCleaner
2017-03-15 09:16 - 2012-09-12 21:49 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 09:16 - 2012-09-12 21:49 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-15 09:16 - 2011-10-14 21:12 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 09:16 - 2011-10-14 21:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-15 08:56 - 2016-11-17 22:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-15 08:56 - 2012-04-21 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-11 20:15 - 2016-11-23 00:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-10 19:38 - 2017-01-01 21:02 - 00000000 ____D C:\Users\Léa\Desktop\Photos importées
2017-03-10 15:26 - 2012-09-12 20:19 - 00000000 ____D C:\Users\Léa\AppData\Roaming\Adobe
2017-03-10 15:24 - 2012-10-01 18:35 - 00000000 ____D C:\Users\Léa\AppData\Local\Adobe
2017-03-09 21:45 - 2011-10-14 21:30 - 00000000 ____D C:\ProgramData\Adobe
2017-03-09 21:45 - 2011-10-14 21:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-08 15:34 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-03-08 15:28 - 2017-01-12 15:12 - 00000000 ____D C:\Users\Léa\Documents\Fax
2017-03-08 15:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2017-03-07 10:18 - 2013-10-24 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-07 10:18 - 2013-10-24 20:49 - 00000000 ____D C:\Program Files (x86)\Avira
2017-03-07 09:54 - 2009-07-14 06:08 - 00032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-06 08:23 - 2016-12-22 21:17 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForLéa.job
2017-03-01 08:53 - 2017-01-19 11:47 - 00001040 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-02-28 23:25 - 2013-06-03 21:29 - 00000000 ____D C:\Users\Léa\AppData\Roaming\SoftGrid Client
2017-02-24 00:01 - 2013-08-15 13:19 - 00000000 ____D C:\Windows\system32\MRT
2017-02-24 00:01 - 2012-11-06 17:30 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 23:31 - 2016-08-04 16:59 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-02-23 20:30 - 2016-12-22 21:17 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForLéa
2017-02-22 19:57 - 2012-09-12 21:49 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-21 09:37 - 2012-03-24 00:23 - 01646268 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-02-19 11:05 - 2012-09-12 19:55 - 00000000 ____D C:\Users\Léa\AppData\Roaming\hpqlog
2017-02-18 16:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-02-18 16:11 - 2016-10-09 20:16 - 00000000 ____D C:\Users\Léa\AppData\Local\ElevatedDiagnostics

==================== Fichiers à la racine de certains dossiers =======

2014-09-28 18:27 - 2014-09-28 18:27 - 0000696 _____ () C:\Users\Léa\AppData\Roaming\mbam.context.scan
2016-12-26 01:03 - 2016-12-26 01:03 - 0109852 _____ () C:\Users\Léa\AppData\Local\ars.cache
2016-12-26 01:03 - 2016-12-26 01:03 - 0315030 _____ () C:\Users\Léa\AppData\Local\census.cache
2016-12-25 20:52 - 2016-12-25 20:52 - 0000036 _____ () C:\Users\Léa\AppData\Local\housecall.guid.cache

Certains fichiers dans TEMP:
====================
2014-03-01 21:30 - 2017-01-18 10:18 - 0000000 ____D () C:\Users\Léa\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-03-15 09:51

==================== Fin de FRST.txt ============================
