cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Exécuté par HADJIRA (administrateur) sur SAYAH (31-01-2016 19:59:21)
Exécuté depuis C:\Users\HADJIRA\Downloads
Profils chargés: HADJIRA (Profils disponibles: HADJIRA)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: ) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [217088 2014-06-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-05-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-05] (Avast Software s.r.o.)
HKU\S-1-5-21-2659718442-1096092316-2331325113-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-2659718442-1096092316-2331325113-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-05] (Avast Software s.r.o.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{14C62CEC-3719-4089-B04E-7C7A5D8830D5}: [DhcpNameServer] 192.168.0.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2659718442-1096092316-2331325113-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2659718442-1096092316-2331325113-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-38151176
HKU\S-1-5-21-2659718442-1096092316-2331325113-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2659718442-1096092316-2331325113-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-38151176&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2659718442-1096092316-2331325113-1001 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\S-1-5-21-2659718442-1096092316-2331325113-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-38151176&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2659718442-1096092316-2331325113-1001 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-05] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\HADJIRA\AppData\Roaming\Mozilla\Firefox\Profiles\t4laum7h.default
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.fr
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-21] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-21] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2015-04-24] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\HADJIRA\AppData\Roaming\Mozilla\Firefox\Profiles\t4laum7h.default\searchplugins\google-avast.xml [2015-07-20]
FF SearchPlugin: C:\Users\HADJIRA\AppData\Roaming\Mozilla\Firefox\Profiles\t4laum7h.default\searchplugins\search-provided-by-bing.xml [2015-10-30]
FF Extension: Adblock Plus - C:\Users\HADJIRA\AppData\Roaming\Mozilla\Firefox\Profiles\t4laum7h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-14]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}&trackid=sp-006
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-05]
CHR Extension: (Google Docs) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-11]
CHR Extension: (Google Drive) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-24]
CHR Extension: (YouTube) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Recherche Google) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-11]
CHR Extension: (Google Sheets) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-05]
CHR Extension: (SiteAdvisor) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-24]
CHR Extension: (Gmail) - C:\Users\HADJIRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKU\S-1-5-21-2659718442-1096092316-2331325113-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-05]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-05]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-05] (Avast Software s.r.o.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94208 2014-05-06] () [Fichier non signé]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2258840 2016-01-22] (IBM Corp.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-04-16] (Advanced Micro Devices, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [X]
S2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-04-16] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-04-16] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-05] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-19] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507079.sys [961880 2016-01-02] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [504504 2016-01-22] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [142488 2016-01-22] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [397336 2016-01-22] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [497592 2016-01-22] (IBM Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-04-18] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3468504 2014-05-22] (Realtek Semiconductor Corporation )
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-31 19:59 - 2016-01-31 19:59 - 00022768 _____ C:\Users\HADJIRA\Downloads\FRST.txt
2016-01-31 19:59 - 2016-01-31 19:59 - 00000000 ____D C:\FRST
2016-01-31 19:58 - 2016-01-31 19:58 - 02370560 _____ (Farbar) C:\Users\HADJIRA\Downloads\FRST64.exe
2016-01-30 09:21 - 2016-01-30 09:21 - 00002788 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-01-30 09:21 - 2016-01-30 09:21 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-30 09:20 - 2016-01-30 09:21 - 00000000 ____D C:\Program Files\CCleaner
2016-01-30 09:18 - 2016-01-30 09:18 - 06828320 _____ (Piriform Ltd) C:\Users\HADJIRA\Downloads\ccsetup_514.exe
2016-01-29 13:23 - 2016-01-29 13:38 - 1472028232 _____ C:\Users\HADJIRA\Downloads\Burnt.2015.FRENCH.BDRip.XViD.AC3-FUNKKY.zone-telechargement.com.avi
2016-01-29 13:06 - 2016-01-29 13:21 - 737175582 _____ C:\Users\HADJIRA\Downloads\The.Rite.zone-telechargement.com.avi
2016-01-21 21:59 - 2016-01-21 21:59 - 04499648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-15 10:17 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-15 10:17 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-15 10:17 - 2015-11-17 22:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-15 10:17 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-15 10:17 - 2015-11-17 22:07 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-15 10:17 - 2015-11-17 22:07 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-15 10:17 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-15 10:17 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 21:41 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 21:41 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 21:41 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 21:41 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 21:41 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 21:41 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 21:41 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 21:41 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-01-13 21:41 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 21:41 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 21:41 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 21:41 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 21:41 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-01-13 21:41 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 21:41 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 21:41 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 21:41 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 21:41 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 21:41 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 21:41 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 21:41 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 21:40 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 21:40 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 21:40 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 21:40 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 21:40 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-13 21:40 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 21:40 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 21:39 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 21:39 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 21:39 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 21:39 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 21:39 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-01-13 21:39 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-13 21:39 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 21:39 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-13 21:39 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 21:39 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-13 21:39 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 21:39 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-13 21:39 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 21:39 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 21:39 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 21:39 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 21:39 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 21:39 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 21:39 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 21:39 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 21:39 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-13 21:39 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 21:39 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 21:39 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 21:39 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 21:39 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 21:39 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 21:39 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 21:39 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-13 21:39 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 21:39 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 21:39 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 21:39 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 21:39 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 21:39 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 21:39 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 21:38 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 21:38 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 21:38 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 21:38 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 21:38 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-10 22:08 - 2016-01-10 22:22 - 00000000 ____D C:\Users\HADJIRA\Documents\ogif paiment carte
2016-01-08 20:10 - 2016-01-08 20:10 - 00000000 ____D C:\Users\Default\AppData\Local\Trusteer
2016-01-08 20:10 - 2016-01-08 20:10 - 00000000 ____D C:\Users\Default User\AppData\Local\Trusteer
2016-01-08 10:08 - 2016-01-08 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-03 20:06 - 2016-01-03 20:07 - 00000000 ____D C:\Users\HADJIRA\Documents\EXAMENS SANG
2016-01-02 14:07 - 2016-01-22 23:49 - 00397336 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2016-01-02 14:07 - 2016-01-22 23:49 - 00142488 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2016-01-02 14:06 - 2016-01-31 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès
2016-01-02 14:06 - 2016-01-02 14:06 - 00000000 ____D C:\Users\HADJIRA\AppData\Local\Trusteer
2016-01-02 14:06 - 2016-01-02 14:06 - 00000000 ____D C:\Program Files (x86)\Trusteer
2016-01-02 14:03 - 2016-01-02 14:03 - 00000000 ____D C:\ProgramData\Trusteer

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-31 19:59 - 2015-04-25 07:39 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-31 18:17 - 2015-07-05 07:55 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-31 17:12 - 2015-04-05 16:14 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2659718442-1096092316-2331325113-1001
2016-01-31 17:01 - 2014-10-25 06:32 - 00812350 _____ C:\Windows\system32\perfh00C.dat
2016-01-31 17:01 - 2014-10-25 06:32 - 00159412 _____ C:\Windows\system32\perfc00C.dat
2016-01-31 17:01 - 2014-03-18 11:03 - 01824010 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-31 17:01 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-31 16:59 - 2015-04-05 16:16 - 00000000 ___RD C:\Users\HADJIRA\OneDrive
2016-01-31 16:58 - 2015-04-05 16:08 - 00000000 ____D C:\Users\HADJIRA
2016-01-31 16:56 - 2014-10-24 21:40 - 03390319 _____ C:\Windows\SysWOW64\rootpa.e2e
2016-01-31 16:53 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-31 15:00 - 2015-04-05 16:17 - 00003932 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{30B16011-D9BA-43CC-A83D-844B39F48576}
2016-01-31 08:42 - 2015-05-03 16:29 - 00072704 ___SH C:\Users\HADJIRA\Desktop\Thumbs.db
2016-01-30 11:27 - 2015-07-19 12:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-30 09:24 - 2015-04-06 10:59 - 00000000 ____D C:\Windows\Minidump
2016-01-30 09:24 - 2015-04-05 16:17 - 00000000 ____D C:\Users\HADJIRA\AppData\Local\CrashDumps
2016-01-30 09:24 - 2014-07-14 19:34 - 00000000 ____D C:\Windows\Panther
2016-01-29 07:18 - 2015-07-05 07:56 - 00002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-29 07:04 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-29 07:04 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-01-21 21:59 - 2015-04-25 07:39 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-18 22:31 - 2015-05-02 10:06 - 00000000 ____D C:\Users\HADJIRA\Documents\sayah abdelhak
2016-01-18 22:28 - 2015-04-05 16:08 - 00000000 ____D C:\Users\HADJIRA\AppData\Local\Packages
2016-01-16 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-01-15 22:55 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\System
2016-01-15 20:49 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-15 20:46 - 2015-04-10 11:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-15 20:46 - 2015-04-10 11:48 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-15 10:35 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-01-15 10:33 - 2015-04-09 17:31 - 00000000 ____D C:\Windows\system32\MRT
2016-01-15 10:28 - 2015-04-09 17:31 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-10 22:14 - 2015-12-26 12:47 - 00000000 ____D C:\Users\HADJIRA\Desktop\Justificatif du règlement de l'amende_fichiers
2016-01-10 18:07 - 2015-07-05 07:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-01-08 20:05 - 2015-04-06 11:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-05 21:04 - 2015-04-09 18:02 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 21:04 - 2015-04-09 18:02 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 10:10 - 2014-10-24 21:31 - 00000000 ____D C:\ProgramData\Realtek

==================== Fichiers à la racine de certains dossiers =======

2015-04-05 16:09 - 2016-01-31 19:55 - 0703828 _____ () C:\Users\HADJIRA\AppData\Local\BTServer.log
2014-10-24 21:37 - 2014-10-24 21:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-01-30 12:51

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité