Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-05-2015 01
Ran by ecole2 (administrator) on ECOLE on 27-05-2015 21:09:40
Running from C:\Users\ecole2\Desktop
Loaded Profiles: ecole2 (Available Profiles: ecole2)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(TOSHIBA) C:\Program Files\Toshiba\TFPU\TFPUTaskMonitor.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Flux Software LLC) C:\Users\ecole2\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFIWmxSvcs.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\RSelect\RSelSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [241664 2009-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TFPUService] => C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe [784304 2009-12-23] (TOSHIBA)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [30040 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [22840 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKU\S-1-5-21-473619063-2125426363-4285563858-1000\...\Run: [F.lux] => C:\Users\ecole2\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-473619063-2125426363-4285563858-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-473619063-2125426363-4285563858-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-10]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-10]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [ATFPUOverlayIcon] -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\TFPU\TFPUOverlayIcon.dll [2009-12-23] (TOSHIBA)
BootExecute: autocheck autochk * aswBoot.exe /M:5bb336336

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-473619063-2125426363-4285563858-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKU\S-1-5-21-473619063-2125426363-4285563858-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
URLSearchHook: [S-1-5-21-473619063-2125426363-4285563858-1000] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {114371C8-04EC-46F3-AF8D-27EAAE3F0239} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-473619063-2125426363-4285563858-1000 -> DefaultScope {578BA0DC-E74B-48BC-9A4C-96FDE81DA4BB} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-473619063-2125426363-4285563858-1000 -> {114371C8-04EC-46F3-AF8D-27EAAE3F0239} URL =
SearchScopes: HKU\S-1-5-21-473619063-2125426363-4285563858-1000 -> {578BA0DC-E74B-48BC-9A4C-96FDE81DA4BB} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241

FireFox:
========
FF ProfilePath: C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277
FF Homepage: https://www.google.fr/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Extension: EPUBReader - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-04-18]
FF Extension: WOT - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-10-15]
FF Extension: about:addons-memory - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\about-addons-memory@tn123.org.xpi [2014-10-15]
FF Extension: FireGestures - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\firegestures@xuldev.org.xpi [2014-01-18]
FF Extension: Official My JDownloader Add-On - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2014-02-08]
FF Extension: Quick Maps - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\map@quickmaps.me.xpi [2014-02-08]
FF Extension: X-notifier - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-10-15]
FF Extension: Text Link - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2014-01-18]
FF Extension: Download YouTube Videos as MP4 - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-10-15]
FF Extension: Space Next - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df005}.xpi [2014-04-21]
FF Extension: Adblock Plus - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-20]
FF Extension: Menu Editor - C:\Users\ecole2\AppData\Roaming\Mozilla\Firefox\Profiles\083c53nx.default-1387573788277\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2014-01-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-05-21]
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] - C:\Program Files\TOSHIBA\TFPU\FirefoxAddin
FF Extension: Automatic password input in Fx - C:\Program Files\TOSHIBA\TFPU\FirefoxAddin [2010-08-10]

Chrome:
=======
CHR Profile: C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-10]
CHR Extension: (Google Drive) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]
CHR Extension: (WOT) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-10-19]
CHR Extension: (YouTube) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]
CHR Extension: (Adblock Plus) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-10]
CHR Extension: (Google Search) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]
CHR Extension: (Gmail Offline) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-07-23]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2013-09-23]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-04-26]
CHR Extension: (Bookmark Manager) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-21]
CHR Extension: (Google Wallet) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (LookTrend) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfibohocbdllmaecdfhbbpaohkjbjiac [2014-12-31]
CHR Extension: (Gmail) - C:\Users\ecole2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [2034936 2009-12-22] (AuthenTec, Inc.)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2010-01-28] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 DiagTrack; C:\windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
S3 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [238328 2009-12-04] (WildTangent, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2077008 2013-10-25] (CybelSoft)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 RSELSVC; C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe [62832 2009-07-07] (TOSHIBA Corporation)
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S3 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [189808 2010-04-06] (TOSHIBA Corporation)
R3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2010-02-05] (TOSHIBA Corporation)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-12-14] (DT Soft Ltd)
R0 giveio; C:\windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 ma-config_x86; C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys [16160 2013-10-23] (CybelSoft)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R3 PGEffect; C:\windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R0 PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [36624 2006-10-18] (Sonic Solutions) [File not signed]
R2 risdpcie; C:\windows\System32\DRIVERS\risdpe86.sys [47616 2009-10-28] (REDC)
R2 rixdpcie; C:\windows\System32\DRIVERS\rixdpe86.sys [45056 2011-04-26] (REDC)
S3 SIS163u; C:\windows\System32\DRIVERS\sis163u.sys [215040 2005-06-20] (SiS Corporation)
R0 speedfan; C:\windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [428088 2011-12-14] () [File not signed]
U3 ask5e7cl; C:\windows\system32\Drivers\ask5e7cl.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 MpKslb8e886b3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7555260C-83C7-4698-BFFC-51E04D5C3753}\MpKslb8e886b3.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 21:09 - 2015-05-27 21:10 - 00019406 _____ () C:\Users\ecole2\Desktop\FRST.txt
2015-05-27 21:09 - 2015-05-27 21:09 - 00000000 ____D () C:\FRST
2015-05-27 21:06 - 2015-05-27 21:06 - 01147392 _____ (Farbar) C:\Users\ecole2\Desktop\FRST.exe
2015-05-27 20:36 - 2015-05-27 21:03 - 00001237 _____ () C:\Users\ecole2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.exe.lnk
2015-05-27 18:13 - 2015-05-27 18:13 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-05-27 18:02 - 2015-05-27 20:37 - 00000000 ____D () C:\Users\ecole2\AppData\Roaming\ZHP
2015-05-27 18:02 - 2015-05-27 18:13 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-05-27 18:01 - 2015-05-27 18:01 - 06882129 _____ (Nicolas Coolman ) C:\Users\ecole2\Downloads\ZHPDiag2.exe
2015-05-23 08:43 - 2015-05-27 21:01 - 00001064 _____ () C:\windows\setupact.log
2015-05-23 08:43 - 2015-05-23 08:43 - 00000000 _____ () C:\windows\setuperr.log
2015-05-22 21:57 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 21:38 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-05-22 21:38 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-22 21:38 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-22 21:38 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-22 21:38 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-22 21:38 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-22 21:38 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-22 21:38 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-22 21:38 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-22 21:38 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-22 21:38 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-22 21:38 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-22 21:38 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-22 21:38 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-22 21:38 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-22 21:38 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-22 21:38 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-22 21:38 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-22 21:38 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-22 21:38 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-22 21:38 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-22 21:38 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-22 21:38 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-22 21:38 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-22 21:38 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-22 21:38 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-22 21:38 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-05-22 21:38 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-05-22 21:38 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-05-22 21:38 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-05-22 21:37 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-22 21:37 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-22 21:37 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-22 21:37 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-22 21:37 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-22 21:37 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-22 21:37 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-22 21:37 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-22 21:37 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-22 21:34 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-22 21:26 - 2015-05-22 21:26 - 02223104 _____ () C:\Users\ecole2\Downloads\adwcleaner_4.205.exe
2015-05-22 21:16 - 2015-05-22 21:16 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-22 21:15 - 2015-05-22 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-22 21:15 - 2015-05-22 21:15 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-22 21:15 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-22 21:15 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-21 17:57 - 2015-05-21 17:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-19 21:32 - 2015-05-27 19:52 - 00000000 ____D () C:\Users\ecole2\Desktop\Projet musique 2015

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 21:07 - 2013-12-20 23:45 - 00000000 ____D () C:\Users\ecole2\Documents\saves
2015-05-27 21:05 - 2014-04-21 09:46 - 01966791 _____ () C:\windows\WindowsUpdate.log
2015-05-27 21:01 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-27 21:00 - 2009-07-14 06:34 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-27 21:00 - 2009-07-14 06:34 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-27 20:56 - 2011-04-12 15:47 - 00000000 ____D () C:\Users\ecole2\Desktop\Administratif.ecole .perso
2015-05-26 20:43 - 2013-06-10 21:14 - 00002138 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-25 20:22 - 2015-04-11 20:28 - 00000000 ____D () C:\Users\ecole2\Desktop\PRET
2015-05-23 16:36 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-05-23 09:34 - 2013-07-22 21:13 - 00000000 ____D () C:\Users\ecole2\Desktop\Progressions en musique
2015-05-23 09:33 - 2013-03-18 22:19 - 00000000 ____D () C:\Users\ecole2\Desktop\Dossier musique
2015-05-22 22:12 - 2010-07-06 23:50 - 01677370 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-22 22:05 - 2013-06-10 21:13 - 00001058 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 22:05 - 2013-06-10 21:13 - 00001054 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 22:05 - 2012-03-28 23:17 - 00001002 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-22 22:04 - 2010-07-07 00:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-22 22:04 - 2009-07-14 06:33 - 00469888 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-22 22:01 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\tracing
2015-05-22 22:01 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\fr-FR
2015-05-22 21:59 - 2012-10-01 19:50 - 00002155 _____ () C:\windows\epplauncher.mif
2015-05-22 21:59 - 2012-10-01 19:50 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-22 21:58 - 2012-10-01 19:50 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-22 21:56 - 2013-07-13 22:22 - 00000000 ____D () C:\windows\system32\MRT
2015-05-22 21:49 - 2010-12-07 19:12 - 137310008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-22 21:48 - 2010-11-16 10:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-22 21:46 - 2015-04-25 18:37 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-22 21:44 - 2010-11-23 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-22 21:28 - 2014-10-20 11:52 - 00000000 ____D () C:\AdwCleaner
2015-05-22 21:15 - 2010-12-20 19:52 - 00000000 ____D () C:\Users\ecole2\AppData\Roaming\Malwarebytes
2015-05-22 21:15 - 2010-12-20 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-22 21:15 - 2010-12-20 19:52 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-05-22 21:10 - 2013-05-03 22:21 - 00000000 ____D () C:\Users\ecole2\AppData\Roaming\Notepad++
2015-05-22 20:33 - 2014-10-20 11:43 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-21 20:42 - 2015-03-20 22:52 - 00000000 ____D () C:\Users\ecole2\Desktop\Magistere graph
2015-05-21 19:52 - 2015-04-25 12:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2015-05-20 19:00 - 2013-01-15 22:10 - 00000000 ____D () C:\Users\ecole2\Desktop\Anniv enfants
2015-05-19 21:34 - 2011-03-05 02:15 - 00475648 ___SH () C:\Users\ecole2\Documents\Thumbs.db
2015-05-18 18:36 - 2014-04-18 21:18 - 00000000 ____D () C:\Users\ecole2\Desktop\Rentrée 2014
2015-05-14 10:13 - 2014-12-03 22:24 - 00000000 ____D () C:\Users\ecole2\Desktop\Petit poisson blanc
2015-04-29 09:39 - 2009-07-14 06:53 - 00032496 _____ () C:\windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2012-08-12 01:00 - 2013-08-20 23:17 - 0033280 ___SH () C:\Users\ecole2\AppData\Roaming\Thumbs.db
2011-12-17 12:28 - 2011-12-17 12:28 - 0027623 _____ () C:\Users\ecole2\AppData\Roaming\UserTile.png
2014-03-16 10:40 - 2014-04-11 20:49 - 0000791 _____ () C:\Users\ecole2\AppData\Local\cookies.ini
2010-12-31 02:47 - 2010-12-31 02:47 - 0007665 _____ () C:\Users\ecole2\AppData\Local\Resmon.ResmonCfg
2010-11-23 12:23 - 2010-11-23 12:28 - 0000333 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-03 16:11

==================== End of log ============================
