Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:31-12-2015
Exécuté par Filip (administrateur) sur FILIP-PC (03-01-2016 22:43:51)
Exécuté depuis F:\
Profils chargés: Filip (Profils disponibles: Filip & UpdatusUser & postgres)
Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut non détecté(e)!)
Mode d'amorçage: Safe Mode (with Networking)
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-793026920-3970744245-3492773303-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe [697272 2013-10-10] (Adobe Systems Incorporated)
HKU\S-1-5-21-793026920-3970744245-3492773303-1000\...\MountPoints2: {16f6536c-126b-11e4-86a3-001b3859ac6d} - "F:\WD SmartWare.exe" autoplay=true
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Pas de fichier [ ]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2014-03-20] ()
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+fst.html [2015-12-11] ()
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+fst.txt [2015-12-11] ()
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+hlg.html [2015-12-10] ()
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+hlg.txt [2015-12-10] ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0C0ABD8B-B6D8-40C4-8D6D-6997A7A1688E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{872C6ABE-2C0C-41A3-A58B-3E3DF1133732}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-793026920-3970744245-3492773303-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr/
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-793026920-3970744245-3492773303-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-793026920-3970744245-3492773303-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Filip\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-793026920-3970744245-3492773303-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [Pas de fichier]

Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://google/
CHR StartupUrls: Profile 1 -> "hxxp://www.istartsurf.com/?type=hppp&ts=1437657244&from=xtab&uid=HitachiXHTS542525K9SA00_070912BB0F00WDG4EWTAX"
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-12-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-12-11]
CHR Extension: (Google Wallet) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-11]
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-11]
CHR Extension: (Google Docs) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-11]
CHR Extension: (Google Drive) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-11]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-11]
CHR Extension: (Recherche Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-11]
CHR Extension: (Google Sheets) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-11]
CHR Extension: (Security Protection) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-12-11]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-11]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [Fichier non signé]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [81920 2013-04-02] (PostgreSQL Global Development Group) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 DrvSnSht; C:\Program Files\R-Drive Image\DrvSnSht.sys [102848 2010-05-31] (R-TT Inc.) [Fichier non signé]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-02] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 R-ImageDisk; C:\Program Files\R-Drive Image\R-ImageDisk.sys [181376 2014-10-10] (R-TT Inc.) [Fichier non signé]
S0 gkkagulm; System32\drivers\dawden.sys [X]
S1 hgndadkk; \??\C:\Windows\system32\drivers\hgndadkk.sys [X]
U2 sppspv; pas de ImagePath
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-03 22:34 - 2016-01-03 22:43 - 00000000 ____D C:\FRST
2016-01-03 14:58 - 2016-01-03 14:58 - 00000000 __SHD C:\found.006
2016-01-02 20:35 - 2016-01-02 20:35 - 00000000 _____ C:\Users\Filip\AppData\Local\{A5748294-50D3-4660-BB8E-92B939E36AC4}
2015-12-21 13:46 - 2016-01-02 20:43 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-21 13:44 - 2015-12-21 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-21 13:44 - 2015-12-21 13:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-21 13:44 - 2015-12-21 13:44 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-12-21 13:44 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-21 13:44 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-21 13:44 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-18 18:12 - 2015-12-19 14:13 - 00000000 ____D C:\Program Files\R-Drive Image
2015-12-18 18:12 - 2015-12-18 18:12 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Drive Image
2015-12-18 17:50 - 2015-12-18 17:50 - 00000000 ____D C:\Program Files\Acer Inc
2015-12-14 08:19 - 2015-12-14 08:19 - 00016584 ____N C:\bootsqm.dat
2015-12-14 08:17 - 2015-12-14 08:17 - 00000000 __SHD C:\found.016
2015-12-11 01:12 - 2015-12-11 01:12 - 00009990 _____ C:\Users\Public\how_recover+fst.html
2015-12-11 01:12 - 2015-12-11 01:12 - 00009990 _____ C:\Users\Filip\how_recover+fst.html
2015-12-11 01:12 - 2015-12-11 01:12 - 00009990 _____ C:\Users\Filip\AppData\Roaming\how_recover+fst.html
2015-12-11 01:12 - 2015-12-11 01:12 - 00009990 _____ C:\Users\Filip\AppData\how_recover+fst.html
2015-12-11 01:12 - 2015-12-11 01:12 - 00002231 _____ C:\Users\Public\how_recover+fst.txt
2015-12-11 01:12 - 2015-12-11 01:12 - 00002231 _____ C:\Users\Filip\how_recover+fst.txt
2015-12-11 01:12 - 2015-12-11 01:12 - 00002231 _____ C:\Users\Filip\AppData\Roaming\how_recover+fst.txt
2015-12-11 01:12 - 2015-12-11 01:12 - 00002231 _____ C:\Users\Filip\AppData\how_recover+fst.txt
2015-12-11 01:02 - 2015-12-11 01:02 - 00009990 _____ C:\Users\Filip\AppData\LocalLow\how_recover+fst.html
2015-12-11 01:02 - 2015-12-11 01:02 - 00002231 _____ C:\Users\Filip\AppData\LocalLow\how_recover+fst.txt
2015-12-11 00:51 - 2015-12-11 01:12 - 00009990 _____ C:\Users\Filip\AppData\Local\how_recover+fst.html
2015-12-11 00:51 - 2015-12-11 01:12 - 00002231 _____ C:\Users\Filip\AppData\Local\how_recover+fst.txt
2015-12-11 00:51 - 2015-12-11 00:51 - 00009990 _____ C:\ProgramData\how_recover+fst.html
2015-12-11 00:51 - 2015-12-11 00:51 - 00002231 _____ C:\ProgramData\how_recover+fst.txt
2015-12-10 23:38 - 2015-12-10 23:38 - 00009990 _____ C:\Users\Public\how_recover+hlg.html
2015-12-10 23:38 - 2015-12-10 23:38 - 00009990 _____ C:\Users\Filip\how_recover+hlg.html
2015-12-10 23:38 - 2015-12-10 23:38 - 00009990 _____ C:\Users\Filip\AppData\Roaming\how_recover+hlg.html
2015-12-10 23:38 - 2015-12-10 23:38 - 00009990 _____ C:\Users\Filip\AppData\how_recover+hlg.html
2015-12-10 23:38 - 2015-12-10 23:38 - 00002231 _____ C:\Users\Public\how_recover+hlg.txt
2015-12-10 23:38 - 2015-12-10 23:38 - 00002231 _____ C:\Users\Filip\how_recover+hlg.txt
2015-12-10 23:38 - 2015-12-10 23:38 - 00002231 _____ C:\Users\Filip\AppData\Roaming\how_recover+hlg.txt
2015-12-10 23:38 - 2015-12-10 23:38 - 00002231 _____ C:\Users\Filip\AppData\how_recover+hlg.txt
2015-12-10 23:07 - 2015-12-10 23:07 - 00009990 _____ C:\Users\Filip\AppData\LocalLow\how_recover+hlg.html
2015-12-10 23:07 - 2015-12-10 23:07 - 00002231 _____ C:\Users\Filip\AppData\LocalLow\how_recover+hlg.txt
2015-12-10 23:01 - 2015-12-18 17:15 - 00000000 ____D C:\Users\Filip\AppData\Local\Odics
2015-12-10 23:01 - 2015-12-10 23:38 - 00009990 _____ C:\Users\Filip\AppData\Local\how_recover+hlg.html
2015-12-10 23:01 - 2015-12-10 23:38 - 00002231 _____ C:\Users\Filip\AppData\Local\how_recover+hlg.txt
2015-12-10 23:01 - 2015-12-10 23:01 - 00009990 _____ C:\ProgramData\how_recover+hlg.html
2015-12-10 23:01 - 2015-12-10 23:01 - 00002231 _____ C:\ProgramData\how_recover+hlg.txt
2015-12-10 23:00 - 2015-12-11 00:51 - 00000000 ___HD C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}
2015-12-07 13:57 - 2015-12-07 13:57 - 00000000 __SHD C:\found.015

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-03 22:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-03 15:07 - 2013-07-23 14:17 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-03 15:06 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-02 23:45 - 2013-10-17 21:30 - 00000000 ____D C:\Users\Filip\AppData\Roaming\BitTorrent
2016-01-02 23:45 - 2013-06-24 15:24 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-02 23:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-02 20:55 - 2009-07-14 05:34 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-02 20:52 - 2013-06-27 15:55 - 00000000 ____D C:\Users\Filip\AppData\Local\Adobe
2016-01-02 20:52 - 2013-06-24 15:29 - 00006252 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-02 20:52 - 2009-07-14 09:39 - 07020802 _____ C:\Windows\system32\perfh00C.dat
2016-01-02 20:52 - 2009-07-14 09:39 - 02263910 _____ C:\Windows\system32\perfc00C.dat
2016-01-02 20:49 - 2013-07-23 14:17 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-02 20:49 - 2009-07-14 05:34 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-02 20:30 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2015-12-22 08:08 - 2013-06-24 15:22 - 00000000 ____D C:\Users\Filip
2015-12-20 13:27 - 2013-06-27 23:10 - 00000000 ____D C:\Users\Filip\AppData\Roaming\vlc
2015-12-20 11:38 - 2014-01-07 18:19 - 00000000 ____D C:\AdwCleaner
2015-12-20 02:04 - 2015-05-06 14:33 - 00000000 ____D C:\Windows\system32\MpEngineStore
2015-12-19 14:33 - 2013-10-03 17:03 - 00000000 ____D C:\Windows\Minidump
2015-12-14 13:32 - 2013-06-27 16:23 - 00000000 ____D C:\Users\postgres
2015-12-14 10:57 - 2013-10-10 14:26 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 09:12 - 2013-12-15 18:07 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-793026920-3970744245-3492773303-1000UA.job
2015-12-14 09:08 - 2009-07-14 05:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-14 08:33 - 2013-06-24 18:17 - 00000000 ____D C:\Users\UpdatusUser
2015-12-11 05:23 - 2013-06-24 16:56 - 00000000 ____D C:\Users\Filip\AppData\Local\Google
2015-12-11 01:12 - 2015-10-15 15:06 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-12-11 01:12 - 2015-09-02 20:20 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamax
2015-12-11 01:12 - 2015-02-09 20:48 - 00000000 ____D C:\Users\Filip\Winamax
2015-12-11 01:12 - 2014-11-19 17:41 - 00000000 ____D C:\Users\Filip\AppData\Roaming\mulehome
2015-12-11 01:12 - 2014-07-27 17:38 - 00000000 ____D C:\Users\Filip\AppData\Roaming\SitNGoWizard
2015-12-11 01:12 - 2014-06-05 20:06 - 00000000 ____D C:\Users\Filip\AppData\Roaming\PDAppFlex
2015-12-11 01:12 - 2014-05-16 15:32 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-11 01:12 - 2014-05-13 16:32 - 00000000 ____D C:\Users\Filip\AppData\Roaming\PDF Architect
2015-12-11 01:12 - 2014-04-01 15:25 - 00000000 ____D C:\Users\Filip\AppData\Roaming\XnView
2015-12-11 01:12 - 2014-01-07 18:20 - 00000000 ____D C:\Users\Filip\AppData\Roaming\ZHP
2015-12-11 01:12 - 2013-11-18 12:40 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Summitsoft
2015-12-11 01:12 - 2013-10-13 13:12 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Malwarebytes
2015-12-11 01:12 - 2013-10-10 14:36 - 00000000 ____D C:\Users\Filip\AppData\Roaming\NVIDIA
2015-12-11 01:12 - 2013-07-26 15:42 - 00000000 ____D C:\Users\Filip\AppData\Roaming\wam
2015-12-11 01:12 - 2013-07-08 10:07 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Media Player Classic
2015-12-11 01:12 - 2013-06-27 16:42 - 00000000 ____D C:\Users\Filip\AppData\Roaming\HoldemManager
2015-12-11 01:12 - 2013-06-27 15:57 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-11 01:12 - 2013-06-27 15:56 - 00000000 ____D C:\Users\Filip\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2015-12-11 01:12 - 2013-06-27 15:55 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Macromedia
2015-12-11 01:12 - 2013-06-24 15:24 - 00000000 ____D C:\Users\Filip\AppData\Roaming\WinRAR
2015-12-11 01:12 - 2013-06-24 15:22 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Media Center Programs
2015-12-11 01:02 - 2015-06-17 15:46 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Apple Computer
2015-12-11 01:02 - 2015-02-09 20:50 - 00000000 ____D C:\Users\Filip\AppData\Roaming\com.winamax.chat
2015-12-11 01:02 - 2014-04-01 15:20 - 00000000 ____D C:\Users\Filip\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-12-11 01:02 - 2014-04-01 15:20 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\Temp
2015-12-11 01:02 - 2014-04-01 12:22 - 00000000 ____D C:\Users\Filip\AppData\Roaming\dvdcss
2015-12-11 01:02 - 2014-03-17 19:32 - 00000000 ____D C:\Users\Filip\AppData\Local\WDSetup
2015-12-11 01:02 - 2014-03-07 14:00 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Canon
2015-12-11 01:02 - 2014-03-07 13:56 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\Canon Easy-WebPrint EX2
2015-12-11 01:02 - 2014-03-07 13:56 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\Canon Easy-WebPrint EX
2015-12-11 01:02 - 2013-10-10 14:36 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Google
2015-12-11 01:02 - 2013-10-10 14:26 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\SIEN SA
2015-12-11 01:02 - 2013-07-23 15:02 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\Google
2015-12-11 01:02 - 2013-07-01 22:46 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\Adobe
2015-12-11 01:02 - 2013-06-28 14:34 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\Apple Computer
2015-12-11 01:02 - 2013-06-27 16:44 - 00000000 ____D C:\Users\Filip\AppData\Roaming\HEM Data
2015-12-11 01:02 - 2013-06-25 10:11 - 00000000 ____D C:\Users\Filip\AppData\Local\Microsoft Help
2015-12-11 01:02 - 2013-06-24 20:02 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Adobe
2015-12-11 01:02 - 2013-06-24 16:53 - 00000000 ____D C:\Users\Filip\AppData\Roaming\ESET
2015-12-11 01:02 - 2013-06-24 15:22 - 00000000 ____D C:\Users\Filip\AppData\Local\VirtualStore
2015-12-11 00:51 - 2015-10-15 15:06 - 00000000 ____D C:\Users\Filip\AppData\Local\Amazon
2015-12-11 00:51 - 2015-09-02 22:44 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-12-11 00:51 - 2015-05-06 14:32 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-11 00:51 - 2015-04-20 01:12 - 00000000 ____D C:\ProgramData\Adobe
2015-12-11 00:51 - 2015-04-19 17:00 - 00000000 ____D C:\ProgramData\Apple
2015-12-11 00:51 - 2014-11-19 17:43 - 00000000 ____D C:\Users\Filip\AppData\Local\eMule0.60
2015-12-11 00:51 - 2014-04-02 19:10 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-11 00:51 - 2014-04-01 18:56 - 00000000 ____D C:\ProgramData\TEMP
2015-12-11 00:51 - 2013-12-07 09:16 - 00000000 ____D C:\Users\Filip\AppData\Local\gtk-2.0
2015-12-11 00:51 - 2013-12-07 09:16 - 00000000 ____D C:\Users\Filip\.thumbnails
2015-12-11 00:51 - 2013-11-18 18:32 - 00000000 ____D C:\Users\Filip\AppData\Local\gegl-0.2
2015-12-11 00:51 - 2013-11-18 18:32 - 00000000 ____D C:\Users\Filip\.gimp-2.8
2015-12-11 00:51 - 2013-08-14 13:40 - 00000000 ____D C:\Users\Filip\AppData\Local\eMule
2015-12-11 00:51 - 2013-06-28 09:07 - 00000000 ____D C:\Users\Filip\AppData\Local\Apple Computer
2015-12-11 00:51 - 2013-06-28 09:06 - 00000000 ____D C:\Users\Filip\AppData\Local\Apple
2015-12-11 00:51 - 2013-06-27 16:47 - 00000000 ____D C:\Users\Filip\AppData\Local\Hold'em_Manager
2015-12-11 00:51 - 2013-06-27 16:42 - 00000000 ____D C:\Users\Filip\AppData\Local\IsolatedStorage
2015-12-11 00:51 - 2013-06-27 16:42 - 00000000 ____D C:\ProgramData\XHEO INC
2015-12-11 00:51 - 2013-06-27 16:20 - 00000000 ____D C:\postgreSQL
2015-12-11 00:51 - 2013-06-27 16:19 - 00000000 ____D C:\PostgreSQL-prev-2013-05-Jun-12-19-24
2015-12-11 00:51 - 2013-06-24 18:19 - 00000000 ____D C:\Intel
2015-12-11 00:51 - 2013-06-24 18:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-11 00:51 - 2013-06-24 18:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-11 00:51 - 2013-06-24 16:53 - 00000000 ____D C:\Users\Filip\AppData\Local\ESET
2015-12-11 00:51 - 2013-06-24 15:25 - 00000000 ____D C:\ProgramData\Skype
2015-12-10 18:12 - 2013-12-15 18:07 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-793026920-3970744245-3492773303-1000Core.job

==================== Fichiers à la racine de certains dossiers =======

2015-12-11 01:12 - 2015-12-11 01:12 - 0009990 _____ () C:\Users\Filip\AppData\Roaming\how_recover+fst.html
2015-12-11 01:12 - 2015-12-11 01:12 - 0002231 _____ () C:\Users\Filip\AppData\Roaming\how_recover+fst.txt
2015-12-10 23:38 - 2015-12-10 23:38 - 0009990 _____ () C:\Users\Filip\AppData\Roaming\how_recover+hlg.html
2015-12-10 23:38 - 2015-12-10 23:38 - 0002231 _____ () C:\Users\Filip\AppData\Roaming\how_recover+hlg.txt
2015-12-11 01:12 - 2015-12-11 01:12 - 0009990 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\how_recover+fst.html
2015-12-11 01:12 - 2015-12-11 01:12 - 0002231 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\how_recover+fst.txt
2015-12-10 23:37 - 2015-12-10 23:37 - 0009990 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\how_recover+hlg.html
2015-12-10 23:37 - 2015-12-10 23:37 - 0002231 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\how_recover+hlg.txt
2015-12-11 00:51 - 2015-12-11 01:12 - 0009990 _____ () C:\Users\Filip\AppData\Local\how_recover+fst.html
2015-12-11 00:51 - 2015-12-11 01:12 - 0002231 _____ () C:\Users\Filip\AppData\Local\how_recover+fst.txt
2015-12-10 23:01 - 2015-12-10 23:38 - 0009990 _____ () C:\Users\Filip\AppData\Local\how_recover+hlg.html
2015-12-10 23:01 - 2015-12-10 23:38 - 0002231 _____ () C:\Users\Filip\AppData\Local\how_recover+hlg.txt
2014-04-01 15:30 - 2014-04-01 15:30 - 0001526 _____ () C:\Users\Filip\AppData\Local\recently-used.xbel
2015-05-30 14:24 - 2015-05-30 14:26 - 0007599 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2015-04-17 14:49 - 2015-04-17 14:49 - 0000000 _____ () C:\Users\Filip\AppData\Local\{4B73639A-2DAA-44A9-8B41-C35E38C20266}
2016-01-02 20:35 - 2016-01-02 20:35 - 0000000 _____ () C:\Users\Filip\AppData\Local\{A5748294-50D3-4660-BB8E-92B939E36AC4}
2015-11-30 13:20 - 2015-11-30 13:20 - 0000000 _____ () C:\Users\Filip\AppData\Local\{BD4FCE9A-8E34-41D5-B121-1D56EEA73DE5}
2015-02-19 15:56 - 2015-02-19 15:56 - 0000000 _____ () C:\Users\Filip\AppData\Local\{D5DA3DB3-0458-437E-93BB-F2B60313E48D}
2015-12-11 00:51 - 2015-12-11 00:51 - 0009990 _____ () C:\ProgramData\how_recover+fst.html
2015-12-11 00:51 - 2015-12-11 00:51 - 0002231 _____ () C:\ProgramData\how_recover+fst.txt
2015-12-10 23:01 - 2015-12-10 23:01 - 0009990 _____ () C:\ProgramData\how_recover+hlg.html
2015-12-10 23:01 - 2015-12-10 23:01 - 0002231 _____ () C:\ProgramData\how_recover+hlg.txt

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-12-10 00:50

==================== Fin de FRST.txt ============================
