cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:08-06-2016
Exécuté par ghazi (administrateur) sur GHAZI-PC (07-06-2016 20:51:33)
Exécuté depuis C:\Users\ghazi\Desktop
Profils chargés: ghazi (Profils disponibles: ghazi)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(BeeDoctor Private Limited ) C:\Program Files\BeeDoctor\0.1.1411.1712\PcgRtp.exe
(BeeDoctor Private Limited ) C:\Program Files\BeeDoctor\0.1.1411.1712\PCG.exe
(Smadsoft) C:\Program Files\SMADAV\SMΔRTP.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SoftPerfect) C:\Program Files\NetWorx\networx.exe
() C:\Program Files\DFX\DFX.exe
(Murray Hurps Software Pty Ltd) C:\Program Files\Ad Muncher\AdMunch.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
() C:\Program Files\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files\DFX\Universal\Apps\dfxItunesSong.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BeeDoctor-Tray] => C:\Program Files\BeeDoctor\0.1.1411.1712\pcgstartup.exe [831056 2014-11-16] (BeeDoctor Private Limited )
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [4469440 2015-07-01] (SoftPerfect)
HKLM\...\Run: [DFX] => C:\Program Files\DFX\DFX.exe [1274840 2013-08-21] ()
HKLM\...\Run: [Ad Muncher] => C:\Program Files\Ad Muncher\AdMunch.exe [560760 2015-07-04] (Murray Hurps Software Pty Ltd)
HKLM\...\Run: [DriverChecker.exe] => C:\Program Files\Driver Checker\DriverChecker.exe [11707336 2012-11-08] ()
HKLM\...\Run: [SMΔRT-Protection] => C:\Program Files\Smadav\SMΔRTP.exe [1772072 2016-06-02] (Smadsoft)
HKU\S-1-5-21-3154110856-3011521184-2105027530-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.)
HKU\S-1-5-21-3154110856-3011521184-2105027530-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Pas de fichier
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29E02B18-48C5-4EFF-932C-E36909618721}: [NameServer] 4.2.2.3,4.2.2.4
Tcpip\..\Interfaces\{5453B48F-A94F-4753-9B7E-BDC725D36EC0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3154110856-3011521184-2105027530-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\S-1-5-21-3154110856-3011521184-2105027530-1000\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\S-1-5-21-3154110856-3011521184-2105027530-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mido-online-trading.blogspot.com
BHO: Pas de nom -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-04] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-04] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF HKU\S-1-5-21-3154110856-3011521184-2105027530-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ghazi\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ghazi\AppData\Roaming\IDM\idmmzcc5 [2016-06-07] [non signé]

Chrome:
=======
CHR Profile: C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-30]
CHR Extension: (Google Docs) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-30]
CHR Extension: (Google Drive) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-29]
CHR Extension: (YouTube) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Recherche Google) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2015-07-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Turbo.net Extension) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibmiofagdkgiphkcokpooepankmacl [2016-05-21]
CHR Extension: (IDM Integration Module) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-06-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-16]
CHR Extension: (Gmail) - C:\Users\ghazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-30]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-04-17]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1982752 2016-04-13] (ESET)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PCGRTP; C:\Program Files\BeeDoctor\0.1.1411.1712\PcgRtp.exe [1044688 2014-11-16] (BeeDoctor Private Limited )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-08-03] (Microsoft Corporation)
S2 Update service; C:\Program Files\Popcorn Time\Updater.exe [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206312 2016-05-12] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146024 2016-05-12] (ESET)
S2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [111040 2016-05-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [152728 2016-05-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44608 2016-05-12] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [71488 2016-05-12] (ESET)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2016-06-07] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [65256 2015-06-15] (NetFilterSDK.com)
R2 PcgSysMon; C:\Program Files\BeeDoctor\0.1.1411.1712\PcgSysMon.sys [116432 2014-08-21] (BeeDoctor Private Limited )
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation )
S0 TsFltMgr; C:\Windows\System32\drivers\TsFltMgr.sys [121424 2014-08-21] (BeeDoctor Private Limited )
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-07 20:51 - 2016-06-07 20:51 - 00011365 _____ C:\Users\ghazi\Desktop\FRST.txt
2016-06-07 20:49 - 2016-06-07 20:51 - 00000000 ____D C:\FRST
2016-06-07 20:48 - 2016-06-07 20:46 - 01735680 _____ (Farbar) C:\Users\ghazi\Desktop\FRST.exe
2016-06-07 17:27 - 2016-06-07 17:27 - 00002027 _____ C:\Users\Public\Desktop\ESET Protection des transactions bancaires.lnk
2016-06-07 17:27 - 2016-06-07 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-06-07 17:27 - 2016-06-07 17:27 - 00000000 ____D C:\ProgramData\ESET
2016-06-07 16:56 - 2016-06-07 16:57 - 00001390 _____ C:\Users\ghazi\Desktop\malwr.txt
2016-06-07 16:56 - 2016-06-07 16:56 - 00001390 _____ C:\malwr.txt
2016-06-07 16:25 - 2016-06-07 16:39 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-07 16:25 - 2016-06-07 16:25 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-07 16:25 - 2016-06-07 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-07 16:25 - 2016-06-07 16:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-07 16:25 - 2016-06-07 16:25 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-06-07 16:25 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-07 16:25 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-07 16:25 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2016-06-07 16:14 - 2016-06-07 16:11 - 00002367 _____ C:\Users\ghazi\Desktop\AdwCleaner[C1].txt
2016-06-07 16:10 - 2016-06-07 16:10 - 00001983 _____ C:\Users\ghazi\Desktop\AdwCleaner1[S2].txt
2016-06-07 16:08 - 2016-06-07 16:04 - 03677248 _____ C:\Users\ghazi\Desktop\adwcleaner_5.119.exe
2016-06-07 15:36 - 2016-06-07 15:37 - 00269280 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-07 15:33 - 2016-06-07 15:33 - 00000000 __SHD C:\[Smad-Cage]
2016-06-07 15:33 - 2016-06-07 15:33 - 00000000 ____D C:\Users\ghazi\AppData\Roaming\Smadav
2016-06-07 15:32 - 2016-06-07 15:32 - 00001022 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2016-06-07 15:32 - 2016-06-07 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2016-06-07 15:32 - 2016-06-07 15:32 - 00000000 ____D C:\Program Files\SMADAV
2016-06-07 14:59 - 2016-06-07 14:59 - 00000882 _____ C:\Users\ghazi\Desktop\ZHPDiag.lnk
2016-06-07 14:58 - 2016-06-07 14:57 - 02213888 _____ C:\Users\ghazi\Desktop\ZHPDiag3 (2).exe
2016-06-07 14:57 - 2016-06-07 14:57 - 02213888 _____ C:\Users\ghazi\Downloads\ZHPDiag3 (2).exe
2016-05-26 22:57 - 2016-06-07 15:02 - 00067924 _____ C:\Users\ghazi\Desktop\ZHPDiag.txt
2016-05-26 22:55 - 2016-06-07 15:08 - 00000000 ____D C:\Users\ghazi\AppData\Roaming\ZHP
2016-05-26 22:53 - 2016-05-26 22:53 - 02210304 _____ C:\Users\ghazi\Desktop\ZHPDiag3 (1).exe
2016-05-26 22:52 - 2016-05-26 22:53 - 02210304 _____ C:\Users\ghazi\Downloads\ZHPDiag3 (1).exe
2016-05-26 22:52 - 2016-05-26 22:52 - 02210304 _____ C:\Users\ghazi\Downloads\ZHPDiag3.exe
2016-05-26 14:51 - 2016-05-26 14:51 - 00024675 _____ C:\Users\ghazi\Desktop\DxDiag.txt
2016-05-22 15:55 - 2016-05-22 15:55 - 00000000 ____D C:\Users\ghazi\AppData\LocalLow\uTorrent
2016-05-16 02:55 - 2016-04-23 09:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-16 02:55 - 2016-04-22 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-16 02:55 - 2016-04-22 21:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-16 02:55 - 2016-04-22 21:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-16 02:55 - 2016-04-22 21:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-16 02:55 - 2016-04-22 21:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-16 02:55 - 2016-04-22 21:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-16 02:55 - 2016-04-22 21:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-16 02:55 - 2016-04-22 21:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-16 02:55 - 2016-04-22 21:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-16 02:55 - 2016-04-22 21:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-16 02:55 - 2016-04-22 21:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-16 02:55 - 2016-04-22 20:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-16 02:55 - 2016-04-22 20:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-16 02:55 - 2016-04-22 20:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-16 02:55 - 2016-04-22 20:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-16 02:55 - 2016-04-22 20:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-16 02:55 - 2016-04-22 20:53 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-16 02:55 - 2016-04-22 20:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-16 02:55 - 2016-04-22 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-16 02:55 - 2016-04-22 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-16 02:55 - 2016-04-22 20:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-16 02:55 - 2016-04-22 20:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-16 02:55 - 2016-04-22 20:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-16 02:55 - 2016-04-22 20:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-16 02:55 - 2016-04-22 20:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-16 02:55 - 2016-04-22 20:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-16 02:55 - 2016-04-22 20:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-16 02:55 - 2016-04-22 20:31 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-16 02:55 - 2016-04-22 20:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-16 02:55 - 2016-04-22 20:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-16 02:55 - 2016-04-22 20:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-16 02:55 - 2016-04-22 20:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-16 02:55 - 2016-04-22 20:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-16 02:55 - 2016-04-22 20:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-16 02:43 - 2016-04-08 23:54 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-16 02:42 - 2016-04-14 06:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-16 02:42 - 2016-04-08 22:40 - 02397696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-16 02:42 - 2016-04-08 21:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-16 02:42 - 2016-04-06 03:36 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-16 02:42 - 2016-03-17 15:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-16 02:42 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-05-16 02:42 - 2016-03-17 15:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-16 02:42 - 2016-03-17 15:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 14:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-16 02:42 - 2016-03-17 14:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 14:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 14:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-16 02:42 - 2016-03-17 14:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-16 02:37 - 2016-04-08 23:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-16 02:37 - 2016-03-15 16:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-05-16 02:37 - 2016-03-15 16:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-05-16 02:32 - 2016-04-08 23:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-05-16 02:32 - 2016-04-08 23:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-16 02:32 - 2016-04-08 23:59 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-16 02:32 - 2016-04-08 23:59 - 00218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-16 02:32 - 2016-04-08 23:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-16 02:32 - 2016-04-08 23:59 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-16 02:32 - 2016-04-08 23:57 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-16 02:32 - 2016-04-08 23:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-16 02:32 - 2016-04-08 22:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-16 02:32 - 2016-04-08 22:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-16 02:32 - 2016-04-08 22:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-16 02:32 - 2016-04-08 22:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-16 02:32 - 2016-04-08 22:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-16 02:32 - 2016-04-08 22:40 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-16 02:32 - 2016-04-08 22:38 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-16 02:32 - 2016-04-08 22:38 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-16 02:32 - 2016-04-08 22:38 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-16 02:32 - 2016-04-08 22:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-16 02:32 - 2016-04-08 22:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-16 02:32 - 2016-04-08 22:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-16 02:32 - 2016-04-08 22:37 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-16 02:32 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-05-16 02:32 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-05-12 10:48 - 2016-05-12 10:48 - 00206312 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2016-05-12 10:48 - 2016-05-12 10:48 - 00152728 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2016-05-12 10:48 - 2016-05-12 10:48 - 00146024 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2016-05-12 10:48 - 2016-05-12 10:48 - 00111040 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2016-05-12 10:48 - 2016-05-12 10:48 - 00071488 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2016-05-12 10:48 - 2016-05-12 10:48 - 00044608 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-06-07 20:49 - 2015-06-30 09:32 - 00000000 ____D C:\ProgramData\BeeDoctor
2016-06-07 20:41 - 2009-07-13 21:34 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-07 20:41 - 2009-07-13 21:34 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-07 17:29 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\inf
2016-06-07 17:27 - 2015-06-30 08:52 - 00000000 ____D C:\Users\ghazi\AppData\Roaming\DMCache
2016-06-07 16:12 - 2009-07-13 21:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-07 16:11 - 2015-06-30 09:19 - 00000000 ____D C:\AdwCleaner
2016-06-07 15:41 - 2011-04-11 18:35 - 00691180 _____ C:\Windows\system32\perfh00C.dat
2016-06-07 15:41 - 2011-04-11 18:35 - 00126666 _____ C:\Windows\system32\perfc00C.dat
2016-06-07 15:41 - 2010-11-20 14:01 - 01549700 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-07 15:26 - 2015-06-30 08:52 - 00000000 ____D C:\Users\ghazi\Downloads\Compressed
2016-06-04 22:06 - 2016-01-22 00:54 - 00000000 ____D C:\Users\ghazi\Desktop\art
2016-06-04 03:06 - 2016-03-17 14:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 04:05 - 2016-02-13 10:15 - 00000000 ____D C:\Users\ghazi\Downloads\Video
2016-06-01 20:58 - 2015-06-30 09:40 - 00000000 ____D C:\Users\ghazi\AppData\Roaming\vlc
2016-05-22 18:22 - 2015-06-30 08:07 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-22 18:22 - 2015-06-30 08:07 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-22 15:56 - 2015-07-07 19:27 - 00000000 ____D C:\Users\ghazi\AppData\Roaming\uTorrent
2016-05-16 05:52 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\rescache
2016-05-16 05:07 - 2011-04-11 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-15 04:43 - 2015-06-30 08:16 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-09 21:58 - 2015-07-04 06:41 - 00000000 ____D C:\Users\ghazi\AppData\Roaming\SPlayer

==================== Fichiers à la racine de certains dossiers =======

2014-06-17 21:30 - 2014-06-17 21:30 - 0010375 _____ () C:\ProgramData\regid.2008-04.com.caricaturesoft_4ECD9E60-F79E-481F-B428-F04A7E9EF846.swidtag

Certains fichiers dans TEMP:
====================
C:\Users\ghazi\AppData\Local\Temp\libeay32.dll
C:\Users\ghazi\AppData\Local\Temp\msvcr120.dll
C:\Users\ghazi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-06-07 07:03

==================== Fin de FRST.txt ============================
