Document format: text/plain


Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 13-07-2016 02
Exécuté par user (administrateur) sur VERO (14-07-2016 17:37:22)
Exécuté depuis C:\Users\user\Desktop\Virus
Profils chargés: user (Profils disponibles: user & Administrateur)
Platform: Microsoft Windows 8.1 (Update) (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(McAfee, Inc.) C:\Program Files\McAfee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.9.741.0\McCSPServiceHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Cloud Technology) C:\Program Files\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Hover Access\HoverAccess.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\REALTEK\Audio\AP\RtkNGUI.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
(© 2015 Microsoft Corporation) C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer) C:\Program Files\Acer\Acer Portal\AcerPortal.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera.exe
(Opera Software) C:\Program Files\Opera\38.0.2220.41\opera.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\McClientAnalytics.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\McClientAnalytics.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\System32\DptfPolicyLpmServiceHelper.exe [79672 2014-04-05] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [4616192 2014-05-07] (Realtek Semiconductor)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-440628683-1919038133-3357791783-1001\...\Run: [Spotify Web Helper] => C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1168896 2015-02-26] (Spotify Ltd)
HKU\S-1-5-21-440628683-1919038133-3357791783-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-440628683-1919038133-3357791783-1001\...\Run: [BingSvc] => C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files\Acer\shellext\Win32\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files\Acer\shellext\Win32\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files\Acer\shellext\Win32\shellext_win.dll [2016-04-20] (Acer Incorporated)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6ACA1CE4-BC48-4D2E-8F55-0E1B126F52F8}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{B70EDC79-F975-4A42-A8F1-87246AE8EE20}: [DhcpNameServer] 192.168.1.254
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-440628683-1919038133-3357791783-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-440628683-1919038133-3357791783-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-440628683-1919038133-3357791783-1001 -> DefaultScope {48A994EF-FFA6-4156-B218-B4F315970A11} URL =
SearchScopes: HKU\S-1-5-21-440628683-1919038133-3357791783-1001 -> {48A994EF-FFA6-4156-B218-B4F315970A11} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\msc\McSnIePl.dll [2016-05-24] (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-05-24] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-25] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi [2016-06-07]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-06-21] [non signé]

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-25]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-25]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-25]
CHR Extension: (musicRate) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmkfadkoajildodokjajpdhncdpepeg [2016-07-08]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-25]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-25]
CHR Extension: (SiteAdvisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-05-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-25]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2016-04-20]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-07-11]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [70144 2014-03-12] () [Fichier non signé]
R2 CCDMonitorService; C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [279000 2014-01-07] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [81720 2014-04-05] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [95544 2014-04-05] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [88888 2014-04-05] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [461544 2014-07-28] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [140552 2016-04-20] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [866592 2016-05-24] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [287728 2013-07-30] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1402168 2016-04-18] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [613224 2016-04-20] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196848 2016-03-07] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [343304 2016-04-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [265968 2016-03-07] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1110184 2016-04-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [490136 2016-04-23] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [848040 2016-04-21] (Intel Security, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [451816 2014-06-26] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [442088 2014-06-26] (Acer Incorporate)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [247040 2014-01-08] (Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AX88179; C:\WINDOWS\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
S3 BCMSDH43XX; C:\WINDOWS\system32\DRIVERS\bcmdhd63.sys [296664 2013-08-13] (Broadcom Corp)
R3 BthMini; C:\WINDOWS\System32\Drivers\BTHMINI.sys [23552 2014-10-29] (Microsoft Corporation)
S3 btwampfl; C:\WINDOWS\System32\drivers\btwampfl.sys [145112 2014-02-04] (Broadcom Corporation.)
S3 BtwSerialBus; C:\WINDOWS\System32\drivers\BtwSerialBus.sys [132312 2014-04-24] (Broadcom Corporation.)
R3 camera; C:\WINDOWS\system32\DRIVERS\camera.sys [401408 2013-12-30] (Intel Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [71976 2016-03-11] (McAfee, Inc.)
R3 CM3218x; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 CPLMACPI; C:\WINDOWS\system32\DRIVERS\CPLMACPI.sys [16488 2013-09-08] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [44496 2014-03-19] (Intel Corporation)
S3 DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [25552 2014-03-19] (Intel Corporation)
R3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [28112 2014-03-19] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [36304 2014-03-19] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [80848 2014-03-19] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [181712 2014-03-19] (Intel Corporation)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [23552 2014-03-19] (Intel Corporation)
R3 GpioVirtual; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-19] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [160064 2016-02-24] (McAfee, Inc.)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [58368 2014-03-19] (Intel Corporation)
R3 iaiospi; C:\WINDOWS\System32\drivers\iaiospi.sys [53760 2014-03-19] (Intel Corporation)
R3 iaiouart; C:\WINDOWS\System32\drivers\iaiouart.sys [87552 2014-03-19] (Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [32664 2013-12-27] (Intel Corporation)
R3 IntelSST; C:\WINDOWS\system32\drivers\isstrtc.sys [254464 2013-12-30] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [23448 2013-12-27] (Intel Corporation)
S0 Lm3554; C:\WINDOWS\System32\drivers\lm3554.sys [25088 2013-12-30] (Intel Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [21456 2014-03-19] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [321320 2016-03-11] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [271144 2016-03-11] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [72856 2016-03-11] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [379688 2016-03-11] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [647976 2016-03-11] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [428320 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [89552 2016-02-10] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files\McAfee\SiteAdvisor\mfesapsn.sys [41096 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [199464 2016-03-11] (McAfee, Inc.)
R3 ov2722; C:\WINDOWS\System32\drivers\ov2722.sys [43520 2013-12-30] (Intel Corporation)
R3 PMIC; C:\WINDOWS\System32\drivers\PMIC.sys [48128 2014-03-19] (Intel Corporation)
R3 rtii2sac; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [183000 2014-06-04] (Realtek Semiconductor Corp.)
R3 RtkUart; C:\WINDOWS\System32\drivers\RtkUart.sys [507608 2014-07-11] (Realtek Semiconductor Corporation)
R3 RtlWlans; C:\WINDOWS\system32\DRIVERS\rtwlans.sys [2748120 2014-07-18] (Realtek Semiconductor Corporation )
R3 SensorsServiceDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 TXEI; C:\WINDOWS\System32\drivers\TXEI.sys [75792 2014-03-19] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38928 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [233304 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-14 17:36 - 2016-07-14 17:37 - 00000000 ____D C:\FRST
2016-07-14 15:33 - 2016-07-14 15:33 - 00002638 _____ C:\Users\user\Desktop\ZHPCleaner.txt
2016-07-14 15:19 - 2016-07-14 15:33 - 00000000 ____D C:\Users\user\AppData\Roaming\ZHP
2016-07-14 15:19 - 2016-07-14 15:19 - 00000841 _____ C:\Users\user\Desktop\ZHPCleaner.lnk
2016-07-14 13:26 - 2016-07-14 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-07-13 15:58 - 2016-07-13 15:58 - 00147856 _____ C:\Users\user\Desktop\atesstation.pdf
2016-07-12 22:19 - 2016-07-12 22:23 - 00000000 ____D C:\AdwCleaner
2016-07-11 20:00 - 2016-07-11 21:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-07-11 20:00 - 2016-07-11 20:03 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-07-11 20:00 - 2016-07-11 20:00 - 00002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-07-11 20:00 - 2016-07-11 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-07-11 20:00 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean.exe
2016-07-11 19:53 - 2016-07-11 19:54 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-11 19:53 - 2016-07-11 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-11 19:53 - 2016-07-11 19:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-11 19:53 - 2016-07-11 19:53 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-07-11 19:53 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-11 19:53 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-11 19:53 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-11 19:51 - 2016-07-14 17:37 - 00000000 ____D C:\Users\user\Desktop\Virus
2016-07-11 19:45 - 2016-07-11 19:45 - 00001109 _____ C:\Users\Public\Desktop\Opera.lnk
2016-07-11 19:45 - 2016-07-11 19:45 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-07-11 19:45 - 2016-07-11 19:45 - 00000000 ____D C:\Users\user\AppData\Roaming\Opera Software
2016-07-11 19:45 - 2016-07-11 19:45 - 00000000 ____D C:\Users\user\AppData\Local\Opera Software
2016-07-11 19:44 - 2016-07-11 19:45 - 00000000 ____D C:\Program Files\Opera
2016-07-11 19:44 - 2016-07-11 19:44 - 00961960 _____ (Opera Software) C:\Users\user\Downloads\OperaSetup (1).exe
2016-07-11 19:43 - 2016-07-11 19:43 - 00961960 _____ (Opera Software) C:\Users\user\Downloads\OperaSetup.exe
2016-06-27 19:08 - 2016-06-21 14:09 - 00147856 _____ C:\Users\user\Desktop\atesstation elior.pdf
2016-06-15 14:18 - 2016-07-13 15:52 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2016-06-15 14:17 - 2016-06-15 14:17 - 00000000 ___RD C:\Program Files\Skype
2016-06-15 14:17 - 2016-06-15 14:17 - 00000000 ____D C:\ProgramData\Skype
2016-06-15 14:17 - 2016-06-15 14:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-15 14:17 - 2016-06-15 14:17 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-06-15 14:14 - 2016-06-15 14:16 - 41774720 _____ (Skype Technologies S.A.) C:\Users\user\Downloads\SkypeSetupFull.exe
2016-06-15 05:14 - 2016-05-16 23:16 - 00479312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 05:14 - 2016-05-16 23:16 - 00148824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 05:14 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 05:14 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 05:14 - 2016-05-14 00:22 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 05:14 - 2016-05-14 00:22 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 05:14 - 2016-05-14 00:22 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 05:14 - 2016-05-14 00:21 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 05:14 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 05:14 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 05:14 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 05:13 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 05:13 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 05:13 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2016-06-15 05:13 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 05:13 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 05:13 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 05:13 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 05:13 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 05:13 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 05:13 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 05:13 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 05:13 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 05:13 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 05:13 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 05:13 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 05:13 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 05:13 - 2016-05-19 00:26 - 01131592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 05:13 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 05:13 - 2016-05-14 00:24 - 03492864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 05:13 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 05:13 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 05:13 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 05:13 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 05:13 - 2016-05-12 17:35 - 01210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 05:13 - 2016-05-12 17:32 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 05:13 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 05:13 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 05:13 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 05:13 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 05:13 - 2016-01-31 20:37 - 00108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 05:13 - 2016-01-31 19:32 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 05:13 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 05:12 - 2016-06-03 15:39 - 01225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 05:12 - 2016-06-02 19:55 - 00045744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 05:12 - 2016-06-01 18:02 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 05:12 - 2016-05-26 15:44 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 05:12 - 2016-05-26 15:44 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 05:12 - 2016-05-26 15:44 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 05:12 - 2016-05-26 15:44 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 05:12 - 2016-05-26 15:44 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 05:12 - 2016-05-22 15:57 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-14 17:12 - 2016-05-25 18:02 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-13 19:32 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-13 18:12 - 2016-05-25 18:02 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-13 17:16 - 2013-08-22 08:21 - 00000000 ____D C:\WINDOWS\inf
2016-07-13 15:49 - 2015-02-26 21:24 - 00813898 _____ C:\WINDOWS\system32\perfh00C.dat
2016-07-13 15:49 - 2015-02-26 21:24 - 00160262 _____ C:\WINDOWS\system32\perfc00C.dat
2016-07-13 15:49 - 2014-03-18 10:01 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-13 15:47 - 2016-01-20 18:21 - 00000000 ___DO C:\Users\user\OneDrive
2016-07-13 05:27 - 2013-08-22 10:05 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-12 22:24 - 2013-08-22 09:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-12 22:24 - 2013-08-22 08:13 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-07-12 21:31 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-07-11 20:03 - 2016-04-26 20:35 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-11 17:23 - 2014-08-22 03:24 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-07-10 00:48 - 2016-05-05 15:06 - 00000000 ____D C:\Users\user\AppData\Roaming\Spotify
2016-07-08 21:55 - 2013-08-22 08:13 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-08 20:56 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-08 20:51 - 2015-12-28 15:03 - 00000000 ____D C:\Users\user\AppData\Local\Packages
2016-07-08 20:50 - 2013-08-22 10:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-02 06:29 - 2016-05-05 13:48 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-07-02 06:29 - 2016-05-05 13:48 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-07-01 07:30 - 2014-08-22 03:27 - 00000000 ____D C:\Program Files\McAfee
2016-06-29 20:12 - 2016-04-25 21:33 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2016-06-27 15:42 - 2016-04-25 21:27 - 00000000 ____D C:\Users\user\AppData\Local\clear.fi
2016-06-26 16:01 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\rescache
2016-06-26 14:44 - 2016-05-25 18:06 - 00000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2016-06-20 20:01 - 2013-08-22 09:22 - 00335520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-20 19:57 - 2016-05-13 16:24 - 00000000 ____D C:\WINDOWS\system32\Appraiser
2016-06-20 19:57 - 2013-08-22 10:17 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-20 00:17 - 2016-05-25 18:03 - 00002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-20 00:17 - 2016-05-25 18:03 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-15 05:51 - 2016-05-09 14:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 05:45 - 2016-05-09 14:23 - 139785240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Certains fichiers dans TEMP:
====================
C:\Users\user\AppData\Local\Temp\libeay32.dll
C:\Users\user\AppData\Local\Temp\msvcr120.dll
C:\Users\user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-07-05 22:21

==================== Fin de FRST.txt ============================
