Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Exécuté par Xavier (administrateur) sur XAVIER-PC (27-01-2018 20:18:09)
Exécuté depuis C:\Users\Xavier\Desktop
Profils chargés: Xavier (Profils disponibles: Xavier)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Discord Inc.) C:\Users\Xavier\AppData\Local\Discord\app-0.0.300\Discord.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd.exe
(Discord Inc.) C:\Users\Xavier\AppData\Local\Discord\app-0.0.300\Discord.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Discord Inc.) C:\Users\Xavier\AppData\Local\Discord\app-0.0.300\Discord.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8447192 2015-01-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [DolbyHid] => C:\Program Files\Plantronics\RIG Surround\DolbyHid\PLT_RIG_DolbyHID64.exe
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [DXDllRegExe] => dxdllreg.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd.exe [49152 2003-08-04] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Component Manager] => C:\Program Files (x86)\HP\hpcoretech\hpcmpmgr.exe [241664 2003-12-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2017-12-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3148635408-1925725567-240680785-1000\...\Run: [Discord] => C:\Users\Xavier\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-3148635408-1925725567-240680785-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3148635408-1925725567-240680785-1000\...\MountPoints2: {2320afea-1795-11e7-9289-f832e48dd5ed} - F:\setup.exe
HKU\S-1-5-21-3148635408-1925725567-240680785-1000\...\MountPoints2: {511436d6-6ee3-11e7-a680-f832e48dd5ed} - F:\setup.exe
HKU\S-1-5-21-3148635408-1925725567-240680785-1000\...\MountPoints2: {62835593-663a-11e7-a5b8-f832e48dd5ed} - F:\setup_yooka-laylee_1.0_(11171).exe
HKU\S-1-5-21-3148635408-1925725567-240680785-1000\...\MountPoints2: {7b534063-66fa-11e7-8352-f832e48dd5ed} - F:\stpdh2.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-02-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2E398C69-D6EC-4AED-AE80-BD414C070A85}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7E25AAE8-21F5-470B-9D3F-7EEB35E04A4D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9B4873AC-433A-4D87-9A38-10199EF694A5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B44F6B6E-BB3F-411E-B938-6247817FF2AB}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CDBDA4E7-EF9D-4515-A5CF-C0136F3E2319}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3148635408-1925725567-240680785-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D011618-A5AF4E3D53C&form=CONMHP&conlogo=CT3335878
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3148635408-1925725567-240680785-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D011618-A5AF4E3D53C&form=CONBDF&conlogo=CT3335878&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3148635408-1925725567-240680785-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D011618-A5AF4E3D53C&form=CONBDF&conlogo=CT3335878&q={searchTerms}

FireFox:
========
FF DefaultProfile: lccpj8ja.default
FF ProfilePath: C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\lccpj8ja.default [2018-01-16]
FF Homepage: Mozilla\Firefox\Profiles\lccpj8ja.default -> hxxp://www.bing.com/?pc=COSP&ptag=D011618-A5AF4E3D53C&form=CONMHP&conlogo=CT3335878
FF NewTab: Mozilla\Firefox\Profiles\lccpj8ja.default -> hxxp://www.bing.com/?pc=COSP&ptag=D011618-A5AF4E3D53C&form=CONMHP&conlogo=CT3335878
FF Extension: (Avira SafeSearch Plus) - C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\lccpj8ja.default\Extensions\safesearchplus2@avira.com.xpi [2017-09-13] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\lccpj8ja.default\Extensions\sp@avast.com.xpi [2017-08-31]
FF Extension: (Avast Online Security) - C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\lccpj8ja.default\Extensions\wrc@avast.com.xpi [2017-08-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.fr/
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Profile: C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default [2018-01-27]
CHR Extension: (Slides) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-31]
CHR Extension: (Docs) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-31]
CHR Extension: (Google Drive) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-31]
CHR Extension: (YouTube) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-31]
CHR Extension: (Twitter Web - Night Mode) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadmiljohldbooihfbkjkobepojailca [2018-01-07]
CHR Extension: (uBlock Origin) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-01-16]
CHR Extension: (Corobizar.com - Alerte Live) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\dflnhmchphajjkfadohcpiobjdhnfaed [2018-01-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-31]
CHR Extension: (JeanBaptisteShow Live Extension) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fajfahbdhgohkpikdldoednclnenmbdk [2018-01-06]
CHR Extension: (Sheets) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-31]
CHR Extension: (Google Docs hors connexion) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-31]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-01-22]
CHR Extension: (Morpheon Dark) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-01-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-31]
CHR Extension: (AdBlocker Ultimate) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2018-01-06]
CHR Extension: (9gag Night Mode) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdoebgohinaejdpncadbahijijgoffke [2018-01-27]
CHR Extension: (Gmail) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-31]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://google.fr/"
OPR Extension: (AdBlock) - C:\Users\Xavier\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2017-09-13]
OPR Extension: (Unlimited Free VPN - Hola) - C:\Users\Xavier\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2018-01-18]
OPR Extension: (Reddit Enhancement Suite) - C:\Users\Xavier\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfdcmdcpehpkengmkhkbpifajmbhfgae [2018-01-23]
OPR Extension: (uBlock Origin) - C:\Users\Xavier\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-01-15]
OPR Extension: (Youtube to MP3 Converter) - C:\Users\Xavier\AppData\Roaming\Opera Software\Opera Stable\Extensions\lemijcdigjkjafpnjaepmpmhmladcfdh [2017-09-21]
OPR Extension: (9GAG Nightmode) - C:\Users\Xavier\AppData\Roaming\Opera Software\Opera Stable\Extensions\olhfnbneacbbckpdajmmjllcelnloafl [2017-11-02]
OPR Extension: (AdBlocker Ultimate) - C:\Users\Xavier\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmpmnoinbkdojlnknogfeoagmhmhgakc [2017-09-13]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
