Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Exécuté par Khaoulaa (administrateur) sur KHAOULA (24-06-2016 13:47:24)
Exécuté depuis C:\Users\Khaoulaa\Desktop
Profils chargés: Khaoulaa (Profils disponibles: Khaoulaa)
Platform: Windows 8 Enterprise (X64) Langue: Français (France)
Internet Explorer Version 10 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6965.2058\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser_crashreporter.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_c0108e0\instup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-16] (AVAST Software)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.6.17647.229\QQPCTray.exe"  /regrun
HKU\S-1-5-21-861074415-1462165808-2494173468-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [405504 2012-07-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} =>  Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-16] (AVAST Software)
Startup: C:\Users\Khaoulaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2016-06-14]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{C828BEDC-75E9-4144-93A8-97BD8BF893C7}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-861074415-1462165808-2494173468-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-24] (Oracle Corporation)
BHO: Pas de nom -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-16] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-24] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-16] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-14] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-14] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Khaoulaa\AppData\Roaming\Profiles\8oa14fvp.default
FF DefaultSearchEngine: youndoo
FF SelectedSearchEngine: youndoo
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-24] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Khaoulaa\AppData\Roaming\Profiles\8oa14fvp.default\searchplugins\81gwv2oh.xml [2016-06-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=112060&tt=280612_7_&babsrc=HP_ss&mntrId=48ed69210000000000000013f7635ac8","hxxp://search.babylon.com/?affID=115284&tt=251012_1830_4312_1&babsrc=HP_ss&mntrId=48ed69210000000000000013f7635ac8","hxxp://mysearch.avg.com?cid={591E7168-202A-40CA-B9B7-DD8142A07068}&mid=cd6da233872947d29c4ad168d170a21d-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=fr&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-09 00:42:55&v=17.3.1.91&pid=safeguard&sg=&sap=hp","hxxp://istart.webssearches.com/?type=hp&ts=1405987796&from=amt&uid=MAXTORXSTM3320613AS_5SZ04Y4BXXXX5SZ04Y4B","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSJg0NAgkVRRhBcgwJTA1GRwEOIQFeBxRDEVdCeQgNAg5HR1MFIk0FA1oDB0VXfV5bFElXTwhkMlxZFX8YT1E=","hxxp://www.youndoo.com/?z=2f3e4d7f848d0f72bb210f2g2z7qdqbe5bcc8q2c7b&from=wak&uid=HGSTXHTS545050A7E680_RBF50A1N0A04DP0A04DPX&type=hp"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Session Restore: Default -> est activé.
CHR Profile: C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Music Notation Training) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\baflflhaeoafhbeiioodmdmjohkoalio [2016-06-20]
CHR Extension: (YouTube) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-20]
CHR Extension: (Facebook Unseen) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdhkalcecemojegheiohcghkamlipof [2016-06-19]
CHR Extension: (Productivity Owl) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoagmdboiealblmpaahjlhajggndaahi [2016-06-19]
CHR Extension: (Avast SafePrice) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-06-22]
CHR Extension: (Brilliant) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhbliilafdkodaijeejngbjiiaccl [2016-06-20]
CHR Extension: (Good Morning) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidllfklologdjckenbjmdichamhjllc [2016-06-20]
CHR Extension: (Undrtone) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgmofnojandiebjkejljonkmnappehpb [2016-06-20]
CHR Extension: (My Study Life) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjdjjiobjicmlhnjlogfgbibihjhkeo [2016-06-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-19]
CHR Extension: (Gmail) - C:\Users\Khaoulaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-20]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-861074415-1462165808-2494173468-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx