Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:19-05-2016
Exécuté par user (administrateur) sur USER-PC (21-05-2016 02:53:26)
Exécuté depuis C:\Users\user\Downloads\Programs
Profils chargés: user (Profils disponibles: user)
Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Autodesk Inc.) C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(National Instruments Corporation) C:\Windows\System32\lkads.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\nisvcloc\nisvcloc.exe
(National Instruments, Inc.) C:\Windows\System32\lkcitdl.exe
(National Instruments Corporation) C:\Windows\System32\lktsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Zbshareware Lab) C:\Program Files\USB Disk Security\USBGuard.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Autodesk Inc.) C:\Users\user\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6741720 2014-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1011416 2014-07-03] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2015-01-28] (ESET)
HKLM\...\Run: [ADSKAppManager] => C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM\...\Run: [ProductUpdater] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-10-09] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoFileMenu] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoFileUrl] 1
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.)
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoFileMenu] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoFileUrl] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-01-20]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.bat [2016-04-09] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-2257662679-3818682232-1060715382-1000] => 188.165.216.161:3128
AutoConfigURL: [S-1-5-21-2257662679-3818682232-1060715382-1000] => 188.165.216.161:3128
Winsock: Catalog5 07 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7D3E897E-93B4-4F46-A97E-4EE16FA5A041}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C0C6205A-DB2F-4FAF-8710-FFEF30F6BCD2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\user.js [2015-03-30]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nplv2013win32.dll [2014-11-21] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nplv2014win32.dll [2015-01-25] (National Instruments)
FF Extension: Cookies Manager+ - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-05-18]
FF Extension: MEGA - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\Extensions\firefox@mega.co.nz.xpi [2016-05-18]
FF Extension: Unseen - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\Extensions\unseen@tangrs.xpi [2016-04-27]
FF HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2016-05-21] [non signé]
FF HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-20__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "","hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-20__alt__ddc_dsssyc_bd_com"
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-13]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Recherche Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-22]
CHR Extension: (Facebook Unseen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2016-01-05]
CHR Extension: (Marauders Map) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mliofombcghaamgjkmmmmlepkiacdhkh [2015-06-01]
CHR Extension: (Facebook Chat Pro) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmclgeiaglomndjkoanmfchooefjhnki [2015-06-01]
CHR Extension: (IDM Integration Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-04-22]
CHR Extension: (Curling) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2016-01-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (Zapyo) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ollhbgdkbcafedfpfkjlkcgkmdnhfgfi [2016-01-26]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-04-18]

Opera:
=======
OPR StartupUrls: "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-20__alt__ddc_dsssyc_bd_com"
OPR Session Restore: -> est activé.
OPR Extension: (Adblock Plus) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-03-14]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-07-10] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2015-01-28] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1087792 2015-06-07] (Flexera Software LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [277976 2014-07-10] (Intel Corporation)
R2 LkCitadelServer; C:\Windows\system32\lkcitdl.exe [695136 2014-12-02] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\system32\lkads.exe [53032 2014-06-09] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\system32\lktsrv.exe [63280 2014-06-09] (National Instruments Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [239880 2016-03-11] (McAfee, Inc.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R2 NIApplicationWebServer; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2014-11-21] (National Instruments Corporation)
R2 niauth; C:\Program Files\National Instruments\Shared\niauth\niauth_daemon.exe [569152 2014-10-23] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [394544 2014-06-09] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2014-06-06] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2014-11-21] (National Instruments Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096 2014-01-08] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 cvintdrv; C:\Windows\system32\Drivers\cvintdrv.sys [21792 2014-06-25] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51824 2015-03-10] (ESET)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [803312 2014-06-27] (Intel Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [221912 2014-04-16] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [931952 2014-06-27] (Ralink Technology, Corp.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S2 adfs; pas de ImagePath
S3 WinRing0_1_2_0; \??\C:\Users\user\AppData\Local\Temp\Rar$EXa0.505\WinRing0.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-21 02:53 - 2016-05-21 02:53 - 00000000 ____D C:\FRST
2016-05-21 02:51 - 2016-05-21 02:51 - 00000000 ____D C:\ProgramData\Panda Security
2016-05-21 02:51 - 2016-05-21 02:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-05-21 02:51 - 2016-05-21 02:51 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2016-05-21 02:45 - 2016-05-21 02:49 - 00000000 ____D C:\Rem-VBSqt
2016-05-21 01:36 - 2016-05-21 01:37 - 00000861 _____ C:\DelFix.txt
2016-05-21 01:11 - 2009-12-01 10:52 - 00621944 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pskill.exe
2016-05-21 01:04 - 2016-05-21 01:04 - 00003304 ____N C:\bootsqm.dat
2016-05-21 00:43 - 2012-10-05 07:24 - 00000000 ____D C:\Users\user\Downloads\Virus Shortcut Remover v2.1(Beta)
2016-05-21 00:42 - 2016-05-21 00:42 - 00913253 _____ C:\Users\user\Downloads\Virus Shortcut Remover v2.1(Beta).rar
2016-05-19 18:39 - 2016-05-19 22:55 - 00027493 ____H C:\Users\user\Desktop\~WRL3352.tmp
2016-05-18 22:04 - 2016-05-18 22:05 - 17861245 _____ C:\Users\user\Downloads\هدف رائع لفريق الفتح الرياضي - المغرب على الملعب المالي FUS 2-0 S.M.mp4
2016-05-17 23:00 - 2016-05-17 23:01 - 03077063 _____ C:\Users\user\Downloads\Présentation2016.pptx
2016-05-17 18:45 - 2016-05-17 18:45 - 00000000 ____D C:\Users\user\AppData\Roaming\Zbshareware Lab
2016-05-17 18:44 - 2016-05-17 18:44 - 00001032 _____ C:\Users\Public\Desktop\USB Disk Security.lnk
2016-05-17 18:44 - 2016-05-17 18:44 - 00001020 _____ C:\Users\Public\Desktop\Web Navigation.lnk
2016-05-17 18:44 - 2016-05-17 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security
2016-05-17 18:44 - 2016-05-17 18:44 - 00000000 ____D C:\Program Files\USB Disk Security
2016-05-16 22:51 - 2016-05-16 22:51 - 00057722 _____ C:\Users\user\Downloads\Serie5_ENSA_2013_2014.pdf
2016-05-16 22:50 - 2016-05-16 22:50 - 02073541 _____ C:\Users\user\Downloads\Mecanique-des-fluides.pdf
2016-05-11 00:44 - 2016-05-11 00:44 - 02023214 _____ C:\Users\user\Downloads\LQL0ipu8.mp4
2016-05-10 23:14 - 2016-05-11 03:23 - 00000000 ____D C:\Users\user\Desktop\11 MAI
2016-05-10 17:38 - 2016-05-10 17:38 - 00063343 _____ C:\Users\user\Documents\Sans titre (2).wma
2016-05-10 17:37 - 2016-05-10 17:37 - 00058853 _____ C:\Users\user\Documents\Sans titre.wma
2016-05-05 23:42 - 2016-05-14 00:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-04 00:05 - 2016-05-04 00:05 - 00799449 _____ C:\Users\user\Downloads\La-foudre-1.pptx
2016-05-03 23:37 - 2016-05-03 23:37 - 01369802 _____ C:\Users\user\Downloads\أتريتيكو دي مدريد ههههههه.mp4
2016-04-28 17:13 - 2016-04-28 17:14 - 02014654 _____ C:\Users\user\Downloads\Cours_Séries_Fourier_CP1-2012-13.pdf
2016-04-28 17:13 - 2016-04-28 17:13 - 00461921 _____ C:\Users\user\Downloads\Chap 3 série de fourier(3).pdf
2016-04-27 18:54 - 2016-04-27 18:54 - 00119469 _____ C:\Users\user\Downloads\cc2_cp2_-2014-2015_corr.pdf
2016-04-27 16:47 - 2016-04-27 17:22 - 534384790 _____ C:\Users\user\Downloads\qnb.zip
2016-04-26 21:50 - 2016-04-26 21:50 - 00540825 _____ C:\Users\user\Downloads\varBio(1).pdf
2016-04-26 21:38 - 2016-04-26 21:38 - 00088382 _____ C:\Users\user\Downloads\ResumeVAetLois_10.pdf
2016-04-25 17:02 - 2016-04-25 17:02 - 00090303 _____ C:\Users\user\Downloads\Corrige du CC1 2013_2014.pdf
2016-04-25 17:02 - 2016-04-25 17:02 - 00048330 _____ C:\Users\user\Downloads\CC1_2013_2014.pdf
2016-04-25 17:01 - 2016-04-25 17:01 - 00056056 _____ C:\Users\user\Downloads\Corrige controle de rattrapage de Thermodynamique CP2 ENSA 2013 2014.pdf
2016-04-25 17:01 - 2016-04-25 17:01 - 00043596 _____ C:\Users\user\Downloads\Rattrapage de Thermodynamique CP2 ENSA 2013 2014.pdf
2016-04-24 13:18 - 2016-04-24 13:18 - 00275506 _____ C:\Users\user\Downloads\TD ENSA Tétouan correction(1).pdf
2016-04-24 13:17 - 2016-04-24 13:17 - 01166556 _____ C:\Users\user\Downloads\MANAGEMENT 1 ENSA DE TETOUAN COMPLEMENT DE COURS [Mode de compatibilité](1).pdf
2016-04-23 02:43 - 2016-04-23 02:43 - 00275506 _____ C:\Users\user\Downloads\TD ENSA Tétouan correction.pdf
2016-04-22 22:13 - 2016-04-22 22:14 - 00158842 _____ C:\Users\user\Downloads\Séries_entières_winedit-2013-2014.pdf
2016-04-21 11:35 - 2016-04-21 11:35 - 00201670 _____ C:\Users\user\Downloads\rattrapage_qcm_phys1_2015-2016_a.pdf
2016-04-21 03:08 - 2016-04-21 03:08 - 00461921 _____ C:\Users\user\Downloads\Chap 3 série de fourier(2).pdf
2016-04-21 03:08 - 2016-04-21 03:08 - 00272425 _____ C:\Users\user\Downloads\exerices corrigés séries de fourier(1).pdf
2016-04-21 01:24 - 2016-04-21 01:24 - 01143706 _____ C:\Users\user\Downloads\s2-management-2-resume.pdf
2016-04-21 01:21 - 2016-04-21 01:21 - 00513039 _____ C:\Users\user\Downloads\management_s1[fsjes-tanger.com].pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-21 02:54 - 2015-03-17 23:22 - 00000000 ____D C:\Users\user\AppData\Roaming\DMCache
2016-05-21 02:44 - 2016-04-10 13:09 - 00001064 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-21 02:09 - 2015-09-15 20:42 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-21 02:07 - 2015-03-20 23:55 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-21 01:52 - 2009-07-14 05:34 - 00024912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-21 01:52 - 2009-07-14 05:34 - 00024912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-21 01:09 - 2015-10-06 22:42 - 00000000 ____D C:\Program Files\Steam
2016-05-21 01:09 - 2015-02-28 14:14 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2016-05-21 01:08 - 2015-10-06 22:42 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-05-21 01:06 - 2015-09-15 20:42 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-21 01:06 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-20 15:15 - 2015-03-18 02:00 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2016-05-17 18:20 - 2011-02-07 13:57 - 00747154 _____ C:\Windows\system32\perfh00C.dat
2016-05-17 18:20 - 2011-02-07 13:57 - 00149646 _____ C:\Windows\system32\perfc00C.dat
2016-05-17 18:20 - 2010-11-20 22:01 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-17 18:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-05-16 22:31 - 2015-05-13 20:24 - 00000000 ____D C:\Users\user\Downloads\Video
2016-05-15 01:08 - 2015-03-20 23:55 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-15 01:08 - 2015-03-20 23:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-14 00:25 - 2015-05-22 20:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-14 00:07 - 2015-09-15 15:07 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2016-05-12 23:05 - 2015-09-15 20:45 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-12 23:05 - 2015-09-15 20:45 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-12 22:48 - 2015-03-21 02:07 - 00000000 ____D C:\Program Files\Opera
2016-05-01 15:33 - 2015-05-13 20:24 - 00000000 ____D C:\Users\user\Downloads\Compressed
2016-04-21 15:05 - 2015-02-28 13:48 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Fichiers à la racine de certains dossiers =======

2015-03-26 12:48 - 2015-03-26 12:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2015-07-02 05:53 - 2015-07-02 06:43 - 0001456 _____ () C:\Users\user\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2015-06-07 23:12 - 2015-06-07 23:12 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-12-30 23:14 - 2015-12-30 23:14 - 0000016 _____ () C:\ProgramData\mntemp
2015-12-30 23:14 - 2015-12-30 23:14 - 0004136 _____ () C:\ProgramData\oqztiqep.adk

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-05-14 16:30

==================== Fin de FRST.txt ============================
