cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Exécuté par Elise (administrateur) sur SIMF20110713A (07-07-2016 19:12:46)
Exécuté depuis C:\Users\Elise\Downloads
Profils chargés: Elise (Profils disponibles: Elise & Administrateur)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 10 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc.exe
(Intel Corporation) C:\Program Files\Intel\Services\IPT\jhi_service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\USB Wireless LAN Utility\RtlService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Users\Elise\AppData\Roaming\cacaoweb\cacaoweb.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\USB Wireless LAN Utility\RtWLan.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe [2697832 2010-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM\...\Run: [Adobe ARM] => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll [2010-09-15] (UPEK Inc.)
HKU\S-1-5-21-3370336550-674394476-552704960-1015\...\Run: [cacaoweb] => C:\Users\Elise\AppData\Roaming\cacaoweb\cacaoweb.exe [564016 2016-07-06] ()
AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll [221840 2012-08-08] (Sophos Limited)
Lsa: [Authentication Packages] msv1_0 wvauth
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2010-10-16] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2010-10-16] (Wave Systems Corp.)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{DBDD53A5-5B66-4A48-8674-5F73596E51F4}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{E281825E-E844-4C17-8FFE-240B6BF6A449}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {B32638CE-5CD2-43A9-BD50-9BEF939EFE4E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {B32638CE-5CD2-43A9-BD50-9BEF939EFE4E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3370336550-674394476-552704960-1015 -> DefaultScope {B32638CE-5CD2-43A9-BD50-9BEF939EFE4E} URL =
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Users\Elise\AppData\Roaming\.ascentia\bin\ssv.dll [2016-06-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2011-08-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Users\Elise\AppData\Roaming\.ascentia\bin\jp2ssv.dll [2016-06-21] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2011-08-30] (Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
Toolbar: HKU\S-1-5-21-3370336550-674394476-552704960-1015 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2011-08-30] (Adobe Systems Incorporated)
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Users\Elise\AppData\Roaming\Mozilla\Firefox\Profiles\lbvx6e7o.default-1445248648741
FF Homepage: hxxps://www.google.fr/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-06] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Users\Elise\AppData\Roaming\.ascentia\bin\dtplugin\npDeployJava1.dll [2016-06-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Users\Elise\AppData\Roaming\.ascentia\bin\plugin2\npjp2.dll [2016-06-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Extension: cacaoweb - C:\Users\Elise\AppData\Roaming\Mozilla\Firefox\Profiles\lbvx6e7o.default-1445248648741\Extensions\cacaoweb@cacaoweb.org [2016-07-06] [non signé]
FF Extension: Adblock Plus - C:\Users\Elise\AppData\Roaming\Mozilla\Firefox\Profiles\lbvx6e7o.default-1445248648741\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-08-22] [non signé]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-08-10] (Macrovision Europe Ltd.) [Fichier non signé]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-06-01] (HP) [Fichier non signé]
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [110752 2010-09-22] (Intel Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc.exe [2377368 2016-05-06] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [212944 2011-02-24] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [Fichier non signé]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [Fichier non signé]
R2 RealtekCU; C:\Program Files\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Fichier non signé]
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-11-25] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-11-25] (Sonic Solutions)
S4 SAVAdminService; C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [216640 2012-09-17] (Sophos Limited)
S4 SAVService; C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [139840 2012-07-05] (Sophos Limited)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [1477632 2010-11-03] (Wave Systems Corp.) [Fichier non signé]
S4 Sophos Web Control Service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-05-14] (Sophos Limited)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1629696 2010-07-13] () [Fichier non signé]
R2 TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2336104 2010-10-16] (Wave Systems Corp.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [906208 2016-06-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16792 2016-06-22] (McAfee, Inc.)
R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [73968 2016-06-22] (McAfee, Inc.)
S3 uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2016504 2011-05-18] (UltraVNC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613568 2015-08-21] (Wacom Technology, Corp.)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S4 Sophos AutoUpdate Service; "C:\Program Files\Sophos\AutoUpdate\ALsvc.exe" [X]
S4 swi_update; "C:\ProgramData\Sophos\Web Intelligence\swi_update.exe" [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6.sys [32776 2016-04-06] (BlackBerry)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [268968 2011-07-20] (Intel Corporation)
S3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [66560 2009-05-30] (Option N.V.) [Fichier non signé]
S3 GTUHSNDISIPXP; C:\Windows\System32\DRIVERS\gtuhs51.sys [107520 2009-05-30] (Option N.V.) [Fichier non signé]
S3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2009-05-30] (Option N.V.)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [12056 2015-04-28] (Windows (R) Win 7 DDK provider)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHDA.sys [2749416 2010-10-04] (Realtek Semiconductor Corp.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-20] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\DRIVERS\netvsc60.sys [126464 2010-11-20] (Microsoft Corporation)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6.sys [14336 2013-04-26] (Research in Motion Limited)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1345168 2012-11-07] (Realtek Semiconductor Corporation )
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [123680 2012-05-14] (Sophos Limited)
S3 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [22536 2011-08-01] (Sophos Plc)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-09-10] (Samsung Electronics) [Fichier non signé]
S3 SynthVid; C:\Windows\System32\DRIVERS\VMBusVideoM.sys [19456 2010-11-20] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2012-08-15] (RealVNC Ltd.)
S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [88856 2015-04-28] (Wacom Technology)
S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13080 2015-04-28] (Wacom Technology)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-07 19:12 - 2016-07-07 19:13 - 00017579 _____ C:\Users\Elise\Downloads\FRST.txt
2016-07-07 19:10 - 2016-07-07 19:12 - 00000000 ____D C:\FRST
2016-07-07 19:10 - 2016-07-07 19:10 - 01740288 _____ (Farbar) C:\Users\Elise\Downloads\FRST.exe
2016-07-07 13:41 - 2016-07-07 13:41 - 00000000 ____D C:\ProgramData\Skype
2016-07-06 22:17 - 2016-07-06 22:17 - 00000000 ____D C:\Users\Elise\AppData\Local\CEF
2016-07-06 22:16 - 2016-07-06 22:18 - 00000000 ____D C:\Users\Elise\AppData\Local\tkdata
2016-07-06 22:16 - 2016-07-06 22:16 - 00000000 ____D C:\ProgramData\TrueKey
2016-07-06 22:15 - 2016-07-07 19:01 - 00000000 ____D C:\Program Files\McAfee
2016-07-06 22:15 - 2016-07-07 13:41 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-07-06 22:15 - 2016-07-06 22:15 - 00000000 ____D C:\Program Files\Intel Security
2016-07-06 22:15 - 2016-07-06 22:15 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-06 21:56 - 2016-07-06 20:31 - 00000030 _____ C:\AVScanner.ini
2016-07-06 20:31 - 2016-07-07 13:41 - 00000000 ____D C:\ProgramData\McAfee
2016-07-06 20:31 - 2016-07-07 13:36 - 00000000 ____D C:\Program Files\TrueKey
2016-07-06 18:35 - 2016-07-07 19:08 - 00000000 ____D C:\Users\Elise\AppData\Roaming\cacaoweb
2016-07-06 18:35 - 2016-07-07 19:02 - 00564016 _____ C:\Users\Elise\Desktop\cacaoweb.exe
2016-07-06 18:35 - 2016-07-06 18:35 - 00564016 _____ C:\Users\Elise\Downloads\cacaoweb.exe
2016-07-06 18:30 - 2016-07-06 18:30 - 03712064 _____ C:\Users\Elise\Desktop\adwcleaner_5.201.exe
2016-07-06 18:29 - 2016-07-06 18:29 - 00000477 _____ C:\Users\Elise\Desktop\Nouveau nom (E) - Raccourci.lnk
2016-06-22 10:21 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-06-22 10:21 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-06-22 10:21 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-06-22 10:21 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-06-22 10:21 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-06-22 10:19 - 2016-06-22 10:25 - 00000000 ____D C:\Users\Elise\AppData\Roaming\Riot Games
2016-06-21 16:03 - 2016-06-21 16:03 - 00000000 ____D C:\Users\Elise\AppData\Roaming\.azlauncher
2016-06-21 16:02 - 2016-06-21 16:02 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-06-21 16:02 - 2016-06-21 16:02 - 00000000 ____D C:\Users\Elise\AppData\Roaming\Sun
2016-06-21 16:02 - 2016-06-21 16:02 - 00000000 ____D C:\Users\Elise\.oracle_jre_usage
2016-06-21 16:02 - 2016-06-21 16:02 - 00000000 ____D C:\ProgramData\Oracle
2016-06-21 16:02 - 2016-06-21 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-21 16:02 - 2016-06-21 16:02 - 00000000 ____D C:\Program Files\Common Files\Java
2016-06-21 16:00 - 2016-06-21 16:00 - 00000000 ____D C:\Users\Elise\AppData\LocalLow\Oracle
2016-06-17 21:05 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-17 21:05 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-17 21:05 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-17 21:05 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-17 21:04 - 2016-06-06 17:26 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-17 21:04 - 2016-06-06 17:23 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-17 21:04 - 2016-06-03 15:04 - 01225216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-17 21:04 - 2016-05-27 15:05 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-17 21:04 - 2016-05-27 15:05 - 00461824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-17 21:04 - 2016-05-27 15:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-17 21:04 - 2016-05-27 15:05 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-17 21:04 - 2016-05-22 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-17 21:04 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-17 21:04 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-17 21:04 - 2016-05-13 23:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-17 21:04 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-17 21:04 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-17 21:04 - 2016-05-12 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-17 21:04 - 2016-05-12 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-17 21:04 - 2016-05-12 17:18 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-17 21:04 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-17 21:04 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-17 21:04 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-17 21:04 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-17 21:04 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-17 21:04 - 2016-05-12 16:54 - 02397696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-17 21:04 - 2016-05-12 16:52 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-17 21:04 - 2016-05-12 16:52 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-17 21:04 - 2016-05-12 16:52 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-17 21:04 - 2016-05-12 16:52 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-17 21:04 - 2016-05-12 16:52 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-17 21:04 - 2016-05-12 16:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-17 21:04 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-17 21:04 - 2016-05-12 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-17 21:04 - 2016-05-12 16:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-17 21:04 - 2016-05-12 15:04 - 00370784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-17 21:04 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-17 21:04 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-17 21:03 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-17 21:03 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-17 21:03 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-17 21:03 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-17 21:03 - 2016-05-11 16:52 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-17 21:01 - 2016-04-14 17:38 - 00105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-17 21:01 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-17 21:01 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-17 21:01 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-17 21:01 - 2016-04-14 17:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-17 21:01 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-17 21:01 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-17 20:54 - 2016-05-18 18:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-07 19:12 - 2009-07-14 06:34 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-07 19:12 - 2009-07-14 06:34 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-07 19:07 - 2010-11-21 02:30 - 02190862 _____ C:\Windows\system32\perfh00C.dat
2016-07-07 19:07 - 2010-11-21 02:30 - 00622312 _____ C:\Windows\system32\perfc00C.dat
2016-07-07 19:07 - 2010-11-20 23:01 - 00006436 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-07 19:02 - 2015-09-22 07:45 - 00000282 _____ C:\Windows\Tasks\NUAutoUpdate.job
2016-07-07 19:01 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-07 13:43 - 2015-10-19 11:36 - 00000000 ____D C:\AdwCleaner
2016-07-07 13:40 - 2016-03-30 13:41 - 00000000 ____D C:\Users\Elise\AppData\Local\Unity
2016-07-07 02:39 - 2011-07-13 19:02 - 00400552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-06 22:16 - 2011-07-09 15:02 - 00000000 ____D C:\Program Files\Intel
2016-07-06 20:31 - 2012-05-24 14:04 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-07-06 20:31 - 2011-08-14 22:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-07-06 20:30 - 2015-11-08 18:22 - 00000000 ____D C:\Users\Elise\AppData\Local\Adobe
2016-07-06 18:25 - 2015-10-08 17:32 - 00000000 ____D C:\Users\Elise\AppData\Roaming\vlc
2016-07-05 18:34 - 2016-02-22 10:14 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2016-07-05 18:34 - 2011-07-09 16:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-06-30 21:00 - 2011-08-02 10:44 - 00000532 _____ C:\Windows\Tasks\Nouveau contrôle planifié.job
2016-06-29 21:25 - 2011-07-09 16:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-29 15:05 - 2011-07-09 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 16:49 - 2015-10-03 18:15 - 00000000 ____D C:\Users\Elise\AppData\Roaming\Skype
2016-06-21 16:02 - 2016-03-07 14:16 - 00000000 ____D C:\Users\Elise\AppData\Roaming\.ascentia
2016-06-21 16:02 - 2015-09-22 20:31 - 00000000 ____D C:\Users\Elise
2016-06-19 17:13 - 2009-07-14 06:33 - 00526472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-19 17:12 - 2014-12-13 01:43 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-09 17:58 - 2014-08-19 20:19 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-09 11:53 - 2011-08-01 16:34 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-07 20:10 - 2009-07-14 06:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Fichiers à la racine de certains dossiers =======

2016-05-22 13:24 - 2016-05-22 13:24 - 0000132 _____ () C:\Users\Elise\AppData\Roaming\Préfs Format PNG Adobe CS6
2016-03-07 14:18 - 2016-03-07 14:18 - 0000036 _____ () C:\Users\Elise\AppData\Roaming\SuYZkvrV.tmp
2011-08-05 00:48 - 2011-10-04 21:25 - 0003171 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-06-17 23:00

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité