cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by asus (administrator) on ASUS-PC on 19-05-2014 18:58:03
Running from C:\Users\asus\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
() C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent Inc.) C:\Users\asus\AppData\Roaming\uTorrent\uTorrent.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Peerinator\peerinator.exe
(Gemalto N.V.) C:\Users\asus\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ACSW14EN] => C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe [1231472 2011-09-20] (ACD Systems)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-07] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [] - [X]
HKU\S-1-5-19\...\RunOnce: [] - [X]
HKU\S-1-5-20\...\RunOnce: [] - [X]
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Run: [EPSON Stylus DX7400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE [213504 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Run: [Facebook Update] => C:\Users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-21] (Facebook Inc.)
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-12-05] (AMD)
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Run: [uTorrent] => C:\Users\asus\AppData\Roaming\uTorrent\uTorrent.exe [1272400 2014-05-15] (BitTorrent Inc.)
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\asus\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2012-02-15] (Gemalto N.V.)
HKU\S-1-5-21-3928126596-1977187859-2143984793-1000\...\Policies\Explorer: [NofolderOptions] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serveur réseau.lnk
ShortcutTarget: Serveur réseau.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Googel+.lnk
ShortcutTarget: Googel+.lnk -> C:\Users\asus\AppData\Local\Temp\Googel+.vbs (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL =
SearchScopes: HKCU - DefaultScope {035E04BC-C5F6-41fa-88A1-BE9B5DD2DB2A} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
SearchScopes: HKCU - {035E04BC-C5F6-41fa-88A1-BE9B5DD2DB2A} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
SearchScopes: HKCU - {4EC7C6EB-C804-48c2-9353-A8627F1BFE95} URL = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\asus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-07]
FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\asus\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test 127 - C:\Users\asus\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2014-04-25]

Chrome:
=======
CHR Extension: (Documents Google) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-29]
CHR Extension: (Google Drive) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-29]
CHR Extension: (Norton Identity Protection) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-14]
CHR Extension: (YouTube) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-29]
CHR Extension: (Recherche Google) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-29]
CHR Extension: (RealDownloader) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-29]
CHR Extension: (Skype Click to Call) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-29]
CHR Extension: (Google Wallet) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]
CHR Extension: (Gmail) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-29]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

Locked "fbf35de5565434a5" service could not be unlocked. <===== ATTENTION

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2013-10-29] (Autodesk)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] ()
R2 mi-raysat_3dsmax9_64; C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe [65536 2006-09-29] ()
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.)
R2 Peerinator; C:\Program Files (x86)\Peerinator\Peerinator.exe [53248 2013-04-04] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-02-23] (AVAST Software)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
U5 fbf35de5565434a5; C:\Windows\System32\Drivers\fbf35de5565434a5.sys [79824 2014-03-15] () <===== ATTENTION Necurs Rootkit?
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20140103.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140106.001\ENG64.SYS [126040 2013-09-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140106.001\EX64.SYS [2099288 2013-09-13] (Symantec Corporation)
S3 sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [103808 2011-01-19] ()
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2011-01-19] ()
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] ()
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] ()
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [14336 2009-07-14] ()
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [13824 2009-07-14] ()
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [14336 2011-01-19] ()
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] ()
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] ()
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] ()
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] ()
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] ()
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] ()
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] ()
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] ()
R0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [46464 2011-01-19] ()
S3 storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [34688 2011-01-19] ()
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-05-19] ()
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [88960 2011-01-19] ()
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1923952 2011-09-29] ()
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1923952 2011-09-29] ()
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2011-01-19] ()
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] ()
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] ()
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2011-01-19] ()
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2011-01-19] ()
S3 terminpt; C:\Windows\system32\DRIVERS\terminpt.sys [34816 2011-01-19] ()
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2011-01-19] ()
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2011-01-19] ()
S3 TsUsbGD; C:\Windows\system32\DRIVERS\TsUsbGD.sys [31232 2011-01-19] ()
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2011-01-19] ()
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2011-01-19] ()
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] ()
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2011-01-19] ()
S3 uliagpkx; C:\Windows\system32\DRIVERS\uliagpkx.sys [64592 2009-07-14] ()
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2011-01-19] ()
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] ()
S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109696 2011-01-19] ()
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] ()
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] ()
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [52736 2011-03-25] ()
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] ()
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2011-03-25] ()
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] ()
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] ()
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] ()
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2011-03-25] ()
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184960 2011-01-19] ()
R0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-14] ()
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] ()
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] ()
S3 vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [215936 2011-01-19] ()
S3 viaide; C:\Windows\system32\DRIVERS\viaide.sys [17488 2009-07-14] ()
S3 vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [199552 2011-01-19] ()
S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [21760 2011-01-19] ()
R0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71552 2011-01-19] ()
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2011-01-19] ()
R0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [295808 2011-01-19] ()
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] ()
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] ()
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] ()
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2011-01-19] ()
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2011-01-19] ()
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] ()
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-14] ()
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] ()
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] ()
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] ()
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2011-01-19] ()
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-14] ()
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] ()
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2011-01-19] ()
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2011-01-19] ()
U2 ccEvtMgr;
U2 ccSetMgr;
U3 navapsvc;
U3 SAVRT;
U1 SAVRTPEL;
U3 TlntSvr;
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-19 18:58 - 2014-05-19 18:58 - 00029210 _____ () C:\Users\asus\Desktop\FRST.txt
2014-05-19 18:57 - 2014-05-19 18:58 - 00000000 ____D () C:\FRST
2014-05-19 18:57 - 2014-05-19 18:57 - 02067456 _____ (Farbar) C:\Users\asus\Desktop\FRST64.exe
2014-05-19 15:59 - 2014-05-19 15:59 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-19 15:59 - 2014-05-19 15:59 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-19 15:57 - 2014-05-19 15:57 - 00000000 ___RD () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-19 10:11 - 2014-05-19 10:32 - 00177312 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-19 10:01 - 2014-05-19 10:01 - 00000000 ____D () C:\Users\asus\AppData\Local\{4A62B7A8-BF80-4C12-B077-7EEF050C456E}
2014-05-18 23:50 - 2014-05-18 23:50 - 00068034 _____ () C:\Users\asus\Desktop\ZHPDiag.txt
2014-05-18 23:45 - 2014-05-18 23:45 - 00002656 _____ () C:\Users\asus\Desktop\ZHPFixReport.txt
2014-05-18 23:45 - 2014-05-18 23:45 - 00002656 _____ () C:\Users\asus\Desktop\ZHPFix[R2].txt
2014-05-18 23:38 - 2014-05-18 23:38 - 00000000 ____D () C:\Windows\SysWOW64\My Vaults
2014-05-18 23:36 - 2014-05-18 23:42 - 00066593 _____ () C:\Users\asus\Desktop\Shortcut_Module_18_05_2014_23_36_05.txt
2014-05-18 22:40 - 2014-05-18 23:42 - 00000000 ____D () C:\Shortcut_Module
2014-05-18 22:39 - 2014-05-18 22:39 - 02560000 _____ () C:\Users\asus\Desktop\Shortcut_Module.exe
2014-05-18 21:09 - 2014-05-18 21:09 - 00009017 _____ () C:\Users\asus\Desktop\rapport malwaresbytes.txt
2014-05-18 20:49 - 2014-05-18 21:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 20:48 - 2014-05-18 20:48 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 20:48 - 2014-05-18 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-18 20:48 - 2014-05-18 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-18 20:48 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 20:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-18 20:48 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-18 20:46 - 2014-05-18 20:48 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\asus\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-18 20:44 - 2014-05-18 20:44 - 00027360 _____ () C:\Users\asus\Desktop\JRT.txt
2014-05-18 20:33 - 2014-05-18 20:33 - 01016261 _____ (Thisisu) C:\Users\asus\Desktop\JRT.exe
2014-05-18 20:20 - 2014-05-18 20:20 - 00023144 _____ () C:\Users\asus\Desktop\AdwCleaner[S0].txt
2014-05-18 20:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-18 20:07 - 2014-05-18 20:17 - 00000000 ____D () C:\AdwCleaner
2014-05-18 20:07 - 2014-05-18 20:07 - 01328723 _____ () C:\Users\asus\Desktop\adwcleaner_3.209.exe
2014-05-17 23:07 - 2014-05-17 23:07 - 00028276 _____ () C:\Users\asus\Downloads\Carriers+LiMiTED+FRENCH+XviD-AYMO+.torrent
2014-05-17 22:48 - 2014-05-17 22:48 - 00003358 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-17 22:48 - 2014-05-17 22:48 - 00003222 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-17 19:06 - 2014-05-18 23:48 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-17 19:06 - 2014-05-17 19:06 - 00001951 _____ () C:\Users\asus\Desktop\ZHPFix.lnk
2014-05-17 19:06 - 2014-05-17 19:06 - 00001824 _____ () C:\Users\asus\Desktop\ZHPDiag.lnk
2014-05-17 19:06 - 2014-05-17 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-17 16:43 - 2014-05-17 16:43 - 00041536 _____ () C:\Users\asus\Desktop\UsbFix_Report.txt
2014-05-17 16:02 - 2014-05-17 16:43 - 00000000 ____D () C:\UsbFix
2014-05-17 16:02 - 2014-05-17 16:02 - 00001448 _____ () C:\Users\asus\Desktop\UsbFix.lnk
2014-05-17 00:07 - 2014-05-17 12:43 - 00000046 _____ () C:\Users\asus\Desktop\films.txt
2014-05-16 19:32 - 2014-05-16 19:38 - 00186738 _____ () C:\Windows\DPINST.LOG
2014-05-16 19:29 - 2014-05-16 19:31 - 27874312 _____ (Sony Mobile Communications ) C:\Users\asus\Downloads\Sony PC Companion_Web.exe
2014-05-14 08:18 - 2014-05-14 08:18 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-13 20:08 - 2014-05-13 20:08 - 02921141 _____ () C:\Users\asus\Downloads\SALLE SEMINAIRE 12-05-2014.dwg
2014-05-13 20:06 - 2014-05-13 20:06 - 00283336 _____ () C:\Users\asus\Downloads\masse-village.dwg
2014-05-12 21:22 - 2014-05-12 21:22 - 00011809 _____ () C:\Users\asus\Downloads\[kickass.to]lumion.4.pro (1).torrent
2014-05-12 21:21 - 2014-05-12 21:21 - 00011809 _____ () C:\Users\asus\Downloads\[kickass.to]lumion.4.pro.torrent
2014-05-02 11:33 - 2014-05-02 11:33 - 00005432 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-02 11:33 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-02 11:33 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-02 11:33 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-02 11:33 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-25 23:29 - 2014-04-25 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-04-25 23:29 - 2014-04-25 23:29 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-04-25 23:29 - 2012-04-09 00:40 - 00079360 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-04-25 23:28 - 2014-04-25 23:28 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Mozilla
2014-04-23 19:09 - 2014-04-23 19:09 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-23 16:20 - 2014-04-23 18:07 - 00000000 ____D () C:\Users\asus\Desktop\265
2014-04-19 16:36 - 2014-04-19 16:38 - 00000000 ____D () C:\Users\asus\Documents\Lumion 4
2014-04-19 16:30 - 2014-04-19 16:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-19 16:29 - 2014-04-19 16:35 - 00000947 _____ () C:\Users\asus\Desktop\Lumion 4.0.2.lnk
2014-04-19 16:29 - 2014-04-19 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lumion 4.0.2
2014-04-19 16:18 - 2014-04-19 16:29 - 00000000 ____D () C:\Program Files\Lumion 4.0.2

==================== One Month Modified Files and Folders =======

2014-05-19 18:58 - 2014-05-19 18:58 - 00029210 _____ () C:\Users\asus\Desktop\FRST.txt
2014-05-19 18:58 - 2014-05-19 18:57 - 00000000 ____D () C:\FRST
2014-05-19 18:58 - 2012-04-07 22:24 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 18:58 - 2011-12-21 23:26 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Skype
2014-05-19 18:58 - 2011-12-16 23:57 - 00000000 ____D () C:\Users\asus\AppData\Roaming\uTorrent
2014-05-19 18:57 - 2014-05-19 18:57 - 02067456 _____ (Farbar) C:\Users\asus\Desktop\FRST64.exe
2014-05-19 18:55 - 2009-07-14 17:24 - 00745056 _____ () C:\Windows\system32\perfh00C.dat
2014-05-19 18:55 - 2009-07-14 17:24 - 00148574 _____ () C:\Windows\system32\perfc00C.dat
2014-05-19 18:55 - 2009-07-14 07:13 - 01661710 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-19 18:45 - 2011-12-07 18:41 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-19 16:38 - 2012-07-21 01:33 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3928126596-1977187859-2143984793-1000UA.job
2014-05-19 16:06 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-19 16:06 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 15:59 - 2014-05-19 15:59 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-19 15:59 - 2014-05-19 15:59 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-19 15:58 - 2011-12-07 18:41 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-19 15:58 - 2011-12-06 22:34 - 00000000 ____D () C:\Users\asus\Tracing
2014-05-19 15:57 - 2014-05-19 15:57 - 00000000 ___RD () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-19 15:57 - 2013-11-18 17:51 - 00008906 _____ () C:\Windows\PFRO.log
2014-05-19 15:57 - 2013-11-15 12:07 - 00031174 _____ () C:\Windows\setupact.log
2014-05-19 15:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-19 10:32 - 2014-05-19 10:11 - 00177312 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-19 10:32 - 2013-01-05 21:28 - 00007631 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-19 10:03 - 2011-12-05 06:36 - 00003928 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{860F91F4-C27D-4F62-AA38-8960FE8A38A5}
2014-05-19 10:01 - 2014-05-19 10:01 - 00000000 ____D () C:\Users\asus\AppData\Local\{4A62B7A8-BF80-4C12-B077-7EEF050C456E}
2014-05-18 23:50 - 2014-05-18 23:50 - 00068034 _____ () C:\Users\asus\Desktop\ZHPDiag.txt
2014-05-18 23:49 - 2013-10-21 21:03 - 00000000 ____D () C:\Users\asus\AppData\Roaming\ZHP
2014-05-18 23:48 - 2014-05-17 19:06 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-18 23:47 - 2013-12-29 22:29 - 00002141 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-18 23:45 - 2014-05-18 23:45 - 00002656 _____ () C:\Users\asus\Desktop\ZHPFixReport.txt
2014-05-18 23:45 - 2014-05-18 23:45 - 00002656 _____ () C:\Users\asus\Desktop\ZHPFix[R2].txt
2014-05-18 23:42 - 2014-05-18 23:36 - 00066593 _____ () C:\Users\asus\Desktop\Shortcut_Module_18_05_2014_23_36_05.txt
2014-05-18 23:42 - 2014-05-18 22:40 - 00000000 ____D () C:\Shortcut_Module
2014-05-18 23:40 - 2011-12-07 18:41 - 00004060 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-18 23:40 - 2011-12-07 18:41 - 00003808 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-18 23:38 - 2014-05-18 23:38 - 00000000 ____D () C:\Windows\SysWOW64\My Vaults
2014-05-18 23:30 - 2013-03-22 20:39 - 00000000 ___DC () C:\ProgramData\{BBA0B462-6C7F-4F09-997B-3770643E7176}
2014-05-18 23:24 - 2012-03-23 00:15 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike 1.6
2014-05-18 22:39 - 2014-05-18 22:39 - 02560000 _____ () C:\Users\asus\Desktop\Shortcut_Module.exe
2014-05-18 21:09 - 2014-05-18 21:09 - 00009017 _____ () C:\Users\asus\Desktop\rapport malwaresbytes.txt
2014-05-18 21:07 - 2014-05-18 20:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 20:48 - 2014-05-18 20:48 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 20:48 - 2014-05-18 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-18 20:48 - 2014-05-18 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-18 20:48 - 2014-05-18 20:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\asus\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-18 20:48 - 2012-11-12 00:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 20:44 - 2014-05-18 20:44 - 00027360 _____ () C:\Users\asus\Desktop\JRT.txt
2014-05-18 20:33 - 2014-05-18 20:33 - 01016261 _____ (Thisisu) C:\Users\asus\Desktop\JRT.exe
2014-05-18 20:20 - 2014-05-18 20:20 - 00023144 _____ () C:\Users\asus\Desktop\AdwCleaner[S0].txt
2014-05-18 20:17 - 2014-05-18 20:07 - 00000000 ____D () C:\AdwCleaner
2014-05-18 20:07 - 2014-05-18 20:07 - 01328723 _____ () C:\Users\asus\Desktop\adwcleaner_3.209.exe
2014-05-18 09:24 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-05-17 23:07 - 2014-05-17 23:07 - 00028276 _____ () C:\Users\asus\Downloads\Carriers+LiMiTED+FRENCH+XviD-AYMO+.torrent
2014-05-17 22:48 - 2014-05-17 22:48 - 00003358 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-17 22:48 - 2014-05-17 22:48 - 00003222 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3928126596-1977187859-2143984793-1000
2014-05-17 22:46 - 2013-11-21 13:20 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-05-17 19:06 - 2014-05-17 19:06 - 00001951 _____ () C:\Users\asus\Desktop\ZHPFix.lnk
2014-05-17 19:06 - 2014-05-17 19:06 - 00001824 _____ () C:\Users\asus\Desktop\ZHPDiag.lnk
2014-05-17 19:06 - 2014-05-17 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-17 16:43 - 2014-05-17 16:43 - 00041536 _____ () C:\Users\asus\Desktop\UsbFix_Report.txt
2014-05-17 16:43 - 2014-05-17 16:02 - 00000000 ____D () C:\UsbFix
2014-05-17 16:19 - 2011-12-07 21:35 - 00005724 _____ () C:\Users\asus\Desktop\Nouveau document texte.txt
2014-05-17 16:02 - 2014-05-17 16:02 - 00001448 _____ () C:\Users\asus\Desktop\UsbFix.lnk
2014-05-17 12:43 - 2014-05-17 00:07 - 00000046 _____ () C:\Users\asus\Desktop\films.txt
2014-05-17 12:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-16 19:38 - 2014-05-16 19:32 - 00186738 _____ () C:\Windows\DPINST.LOG
2014-05-16 19:32 - 2013-05-11 21:16 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-05-16 19:32 - 2011-12-04 22:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-16 19:31 - 2014-05-16 19:29 - 27874312 _____ (Sony Mobile Communications ) C:\Users\asus\Downloads\Sony PC Companion_Web.exe
2014-05-16 19:17 - 2011-12-07 18:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-15 22:45 - 2013-11-17 22:53 - 00000812 _____ () C:\Users\asus\Desktop\µTorrent.lnk
2014-05-15 22:45 - 2013-11-17 22:53 - 00000792 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-14 23:29 - 2011-12-05 18:03 - 00000000 ____D () C:\Users\asus\AppData\Local\CrashDumps
2014-05-14 20:16 - 2014-01-19 21:54 - 00000000 ____D () C:\Users\asus\Desktop\MUSIQUE
2014-05-14 18:59 - 2011-12-04 22:37 - 00000000 ___RD () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 18:43 - 2011-12-07 18:30 - 00000000 ____D () C:\Users\asus\AppData\Local\Adobe
2014-05-14 18:42 - 2012-04-07 22:24 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 18:42 - 2012-04-07 22:24 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 18:42 - 2011-12-05 00:23 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:18 - 2014-05-14 08:18 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-14 08:11 - 2013-01-06 15:17 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-14 08:11 - 2013-01-06 15:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-14 08:11 - 2013-01-05 21:28 - 00002461 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-13 20:08 - 2014-05-13 20:08 - 02921141 _____ () C:\Users\asus\Downloads\SALLE SEMINAIRE 12-05-2014.dwg
2014-05-13 20:06 - 2014-05-13 20:06 - 00283336 _____ () C:\Users\asus\Downloads\masse-village.dwg
2014-05-13 15:46 - 2011-12-21 23:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-12 21:22 - 2014-05-12 21:22 - 00011809 _____ () C:\Users\asus\Downloads\[kickass.to]lumion.4.pro (1).torrent
2014-05-12 21:21 - 2014-05-12 21:21 - 00011809 _____ () C:\Users\asus\Downloads\[kickass.to]lumion.4.pro.torrent
2014-05-10 21:07 - 2011-12-07 19:30 - 00000000 ____D () C:\Users\asus\AppData\Roaming\vlc
2014-05-10 20:47 - 2011-12-04 23:50 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-09 00:18 - 2013-09-08 20:38 - 00000278 _____ () C:\Users\asus\Desktop\AKram.txt
2014-05-02 11:34 - 2013-12-29 21:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-02 11:33 - 2014-05-02 11:33 - 00005432 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-02 11:33 - 2013-07-05 22:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-01 23:52 - 2013-01-05 21:28 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-04-26 11:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-25 23:29 - 2014-04-25 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-04-25 23:29 - 2014-04-25 23:29 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-04-25 23:28 - 2014-04-25 23:28 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Mozilla
2014-04-23 19:09 - 2014-04-23 19:09 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-23 18:07 - 2014-04-23 16:20 - 00000000 ____D () C:\Users\asus\Desktop\265
2014-04-19 16:44 - 2011-12-15 22:28 - 00000000 ____D () C:\Users\asus\Documents\3dsMax
2014-04-19 16:38 - 2014-04-19 16:36 - 00000000 ____D () C:\Users\asus\Documents\Lumion 4
2014-04-19 16:36 - 2013-01-24 13:34 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Quest3D
2014-04-19 16:35 - 2014-04-19 16:29 - 00000947 _____ () C:\Users\asus\Desktop\Lumion 4.0.2.lnk
2014-04-19 16:30 - 2014-04-19 16:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-19 16:30 - 2011-12-04 22:25 - 01995185 _____ () C:\Windows\WindowsUpdate.log
2014-04-19 16:29 - 2014-04-19 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lumion 4.0.2
2014-04-19 16:29 - 2014-04-19 16:18 - 00000000 ____D () C:\Program Files\Lumion 4.0.2

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2011-01-19 21:51] - [2011-01-19 21:51] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\Drivers\volsnap.sys No Company Name <===== ATTENTION!



testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-05-19 18:08

==================== End Of Log ============================

Publicité


Signaler le contenu de ce document

Publicité