Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 13-07-2016 02
Exécuté par k (administrateur) sur BAMBA-PC (15-07-2016 09:13:39)
Exécuté depuis E:\Users\k\Desktop
Profils chargés: k (Profils disponibles: k)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Broadcom Corporation) E:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) E:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Microsoft Corporation) E:\Windows\System32\wlanext.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) E:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) E:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() E:\Program Files\Connectify\ConnectifyService.exe
(Connectify) E:\Program Files\Connectify\Connectifyd.exe
(New Softwares.net) E:\Windows\System32\WinFLService.exe
() E:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe
(COMPANYVERS_NAME) E:\Program Files\MapsGalaxy_39\bar\2.bin\39barsvc.exe
() E:\ProgramData\MobileBrServ\mbbService.exe
() E:\Program Files\MOOV INTERNET\BackgroundService\ServiceManager.exe
(Microsoft Corporation) E:\Windows\System32\system\svchost.exe
(TeamViewer GmbH) E:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(TOSHIBA CORPORATION) E:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Atheros) E:\Program Files\Atheros\Ath_WlanAgent.exe
(Avast Software) E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Google Inc.) E:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
() E:\Program Files\MOOV INTERNET\BackgroundService\ModemListener.exe
(Broadcom Corporation) E:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Intel Corporation) E:\Windows\System32\hkcmd.exe
(Intel Corporation) E:\Windows\System32\igfxpers.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\avastui.exe
( TOSHIBA CORPORATION) E:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
() E:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe
(Hewlett-Packard) E:\Program Files\HP\HP Software Update\hpwuschd2.exe
(BitTorrent Inc.) E:\Users\k\AppData\Roaming\uTorrent\uTorrent.exe
( New Softwares.net) E:\Windows\System32\WinFLTray.exe
(New Softwares.net) E:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe
(Microsoft Corporation) E:\Windows\System32\GWX\GWX.exe
(Connectify) E:\Program Files\Connectify\Connectify.exe
( New Softwares.net) E:\Program Files\NewSoftware's\Folder Lock\FLComServ.exe
(Hewlett-Packard Co.) E:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) E:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Microsoft Corporation) E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) E:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) E:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) E:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) E:\Windows\System32\wbem\unsecapp.exe
(BitTorrent Inc.) E:\Users\k\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) E:\Users\k\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) E:\Users\k\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Microsoft Corporation.) E:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Adobe Systems Incorporated) E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Moov_Group Imola ModemListener] => E:\Program Files\MOOV INTERNET\BackgroundService\ModemListener.exe [109120 2012-03-14] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] => E:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [6477312 2013-03-21] (Broadcom Corporation)
HKLM\...\Run: [MapsGalaxy Search Scope Monitor] => E:\Program Files\MapsGalaxy_39\bar\2.bin\39SrchMn.exe [44784 2013-09-12] (MindSpark)
HKLM\...\Run: [APSDaemon] => E:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-28] (AVAST Software)
HKLM\...\Run: [ITSecMng] => E:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [75136 2007-09-28] ( TOSHIBA CORPORATION)
HKLM\...\Run: [InternetEverywhere_InternetEverywhere_Launcher.exe] => E:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe [928312 2014-04-07] ()
HKLM\...\Run: [HP Software Update] => E:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] e:\windows\system32\userinit.exe,,e:\program files\microsoft\watermark.exe
HKLM\...\Policies\Explorer\Run: [rescue] => E:\ProgramData\rescue.vbe [1890 2014-03-19] ()
HKLM\...\Policies\Explorer\Run: [Updates] => E:\Windows\svchost .exe [141824 2013-10-12] (Microsoft Corporation)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [E09FXLRD_16996496] => "E:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [uTorrent] => E:\Users\k\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-31] (BitTorrent Inc.)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [LMDVox] => E:\Program Files\Micro Application\Votre PC prend la parole\LMDVox.exe [456704 2007-12-18] (L'Aventure Multimedia)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [IDMan] => E:\Users\k\AppData\Local\Temp\Rar$EXa0.115\IDM+Crak\Internet Download Manager v.5.14.3\IDMan.exe /onboot <===== ATTENTION
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [WinFLTray] => E:\Windows\system32\WinFLTray.exe [321736 2014-03-01] ( New Softwares.net)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [FLBackup] => E:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe [275656 2014-03-01] (New Softwares.net)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [Connectify] => E:\Program Files\Connectify\Connectify.exe [4013928 2012-11-09] (Connectify)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [Facebook Update] => E:\Users\k\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2015-04-01] (Facebook Inc.)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Run: [HP Officejet 7500 E910 (NET)] => E:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: G - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {209a67e7-a6ce-11e2-9319-206a8a86e1ee} - G:\VDFPcAssistant.exe
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {2d4afa37-8055-11e2-89ab-d91157e19f05} - G:\VDFPcAssistant.exe
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {2f3ad0a0-77ac-11e2-bb1d-9bd5daf7eccf} - G:\autorun.exe
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {3eae2347-bda8-11e3-8b62-446d57ee2112} - J:\LGAutoRun.exe
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {6020f9ff-50b6-11e4-b61a-206a8a86e1ee} - G:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {84824010-5faf-11e4-929f-206a8a86e1ee} - G:\AutoRun.exe
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {98efeda1-998c-11e5-8571-206a8a86e1ee} - I:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {a46b1ed3-9710-11e3-9161-446d57ee2112} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {e6cbe463-77a4-11e2-bcbd-950da12a6e02} - G:\Setup.exe
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {edb1a49c-7d1a-11e2-891a-c2bf0dce7a05} - G:\VDFPcAssistant.exe
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {f07c977a-a5ef-11e2-a17e-206a8a86e1ee} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {f07c9792-a5ef-11e2-a17e-206a8a86e1ee} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\MountPoints2: {f9bb0ea6-5751-11e3-b50f-446d57ee2112} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-18\...\RunOnce: [SPReview] => E:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShell.dll [2016-06-09] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => E:\Windows\system32\AcSignIcon.dll [2007-02-12] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => E:\Users\k\AppData\Local\Temp\Rar$EXa0.115\IDM+Crak\Internet Download Manager v.5.14.3\IDMShellExt.dll [2012-11-15] (Tonec Inc.)
Startup: E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2013-04-15]
ShortcutTarget: Launcher.lnk -> E:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe ()
Startup: E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-05-30]
ShortcutTarget: McAfee Security Scan Plus.lnk -> E:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: E:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Officejet 7500 E910 (réseau).lnk [2016-07-15]
ShortcutTarget: Alertes de surveillance de l'encre - HP Officejet 7500 E910 (réseau).lnk -> E:\Program Files\HP\HP Officejet 7500 E910\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 E:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{08F6DE73-331D-4388-B3D6-235062B88E59}: [NameServer] 213.136.96.8 213.136.96.7
Tcpip\..\Interfaces\{21F53C94-459D-4A14-AE06-5482EF2419C5}: [DhcpNameServer] 213.136.96.8 213.136.96.7
Tcpip\..\Interfaces\{44470A33-E261-47B7-9839-E1452CE2B292}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{4D72268E-7C03-4510-8592-C2231B666BDA}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{51802A05-BD82-4DC9-81B9-E0F13B4850EF}: [NameServer] 213.136.96.8 213.136.96.7
Tcpip\..\Interfaces\{61511442-80B2-470B-A444-DDA2AB03714B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{643589F7-5A5B-4E8C-946C-548E106E1E18}: [NameServer] 213.136.96.8 213.136.96.7
Tcpip\..\Interfaces\{79CD89F4-8AA1-4DE2-B2AB-73CBB62163C7}: [DhcpNameServer] 213.136.96.8 213.136.96.7
Tcpip\..\Interfaces\{7A3412E4-6519-400C-9937-3178E2AE814A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7FCCEA73-9A43-46A4-995B-5BE7041AD2AA}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{E7CC1B72-80DD-408F-84E2-85211B49E102}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{FD4BFCAB-4728-45B7-AFEA-9644D9603397}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-2928640820-2594297707-84836597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/en-za/?pc=UP97&ocid=UP97DHP
URLSearchHook: HKU\S-1-5-21-2928640820-2594297707-84836597-1000 - (Pas de nom) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - E:\Program Files\MapsGalaxy_39\bar\2.bin\39SrcAs.dll (MindSpark)
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> E:\Users\k\AppData\Local\Temp\Rar$EXa0.115\IDM+Crak\Internet Download Manager v.5.14.3\IDMIECC.dll => Pas de fichier
BHO: Toolbar BHO -> {1e91a655-bb4b-4693-a05e-2edebc4c9d89} -> E:\Program Files\MapsGalaxy_39\bar\2.bin\39bar.dll [2013-09-12] (MindSpark)
BHO: Search Assistant BHO -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> E:\Program Files\MapsGalaxy_39\bar\2.bin\39SrcAs.dll [2013-09-12] (MindSpark)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-09] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> E:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - E:\Program Files\MapsGalaxy_39\bar\2.bin\39bar.dll [2013-09-12] (MindSpark)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - E:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: E:\Users\k\AppData\Roaming\Mozilla\Firefox\Profiles\4j2l6myy.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/en-za/?pc=UP97&ocid=UP97DHP
hxxp://home.tb.ask.com/index.jhtml?ptb=45B42F2B-335B-4D63-88E0-B3C0F5414192&n=780b87f4&p2=^UX^fox000^YYA^
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=45B42F2B-335B-4D63-88E0-B3C0F5414192&n=780b87f4&ind=2014021620&p2=^UX^fox000^YYA^&searchfor=
FF Plugin: @adobe.com/FlashPlayer -> E:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @adobe.com/ShockwavePlayer -> E:\Windows\system32\Adobe\Director\np32dsw.dll [2011-06-10] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2011-10-17] (Google)
FF Plugin: @ma-config.com/HardwareDetection -> E:\Program Files\ma-config.com\nphardwaredetection.dll [2011-11-25] (Cybelsoft)
FF Plugin: @MapsGalaxy_39.com/Plugin -> E:\Program Files\MapsGalaxy_39\bar\2.bin\NP39Stub.dll [2013-09-12] (MindSpark)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> E:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> E:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.11 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Reader -> E:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2928640820-2594297707-84836597-1000: @Skype Limited.com/Facebook Video Calling Plugin -> E:\Users\k\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: E:\Users\k\AppData\Roaming\Mozilla\Firefox\Profiles\4j2l6myy.default\searchplugins\ask-web-search.xml [2013-09-12]
FF SearchPlugin: E:\Users\k\AppData\Roaming\Mozilla\Firefox\Profiles\4j2l6myy.default\searchplugins\bingp.xml [2014-11-01]
FF Extension: MapsGalaxy - E:\Users\k\AppData\Roaming\Mozilla\Firefox\Profiles\4j2l6myy.default\Extensions\_39Members_@www.mapsgalaxy.com [2016-02-08]
FF Extension: Video DownloadHelper - E:\Users\k\AppData\Roaming\Mozilla\Firefox\Profiles\4j2l6myy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-06-02]
FF Extension: Skype - E:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-09]
FF HKLM\...\Firefox\Extensions: [39ffxtbr@MapsGalaxy_39.com] - E:\Program Files\MapsGalaxy_39\bar\2.bin
FF Extension: Pas de nom - E:\Program Files\MapsGalaxy_39\bar\2.bin [2013-09-12] [non signé]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - E:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - E:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-09]
FF HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - E:\Users\k\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - E:\Users\k\AppData\Roaming\IDM\idmmzcc5 [2014-02-27] [non signé]
FF HKU\S-1-5-21-2928640820-2594297707-84836597-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - E:\Users\k\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=fr-fr
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: E:\Users\k\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (FilmFanatic) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\blgkblimeaijgefaoiedchmmemmikpdg [2015-02-19]
CHR Extension: (YouTube) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Recherche Google) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Bing) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-02]
CHR Extension: (Google Docs hors connexion) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-03]
CHR Extension: (Skype) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-23]
CHR Extension: (HowToSimplified) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2016-06-20]
CHR Extension: (PConverter) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkhmmacbjndakceaikggpnnnddijeen [2016-06-23]
CHR Extension: (Paiements via le Chrome Web Store) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (ProductivityBoss) - E:\Users\k\AppData\Local\Google\Chrome\User Data\Default\Extensions\poickeeehimalfeceghopkmbjdbpbpie [2016-04-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-09]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - E:\Users\k\AppData\Local\Temp\Rar$EXa0.115\IDM+Crak\Internet Download Manager v.5.14.3\IDMGCExt.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - E:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKU\S-1-5-21-2928640820-2594297707-84836597-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-09] (AVAST Software)
R3 AvastVBoxSvc; E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4422704 2016-06-09] (Avast Software)
R2 c2cautoupdatesvc; E:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; E:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 Connectify; E:\Program Files\Connectify\ConnectifyService.exe [65536 2012-11-09] () [Fichier non signé]
S3 cphs; E:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
S3 FlexNet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045840 2013-04-09] (Flexera Software LLC.)
R2 InternetEverywhere_Service; E:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe [346680 2014-04-07] ()
S3 maconfservice; E:\Program Files\ma-config.com\maconfservice.exe [311928 2011-11-25] (CybelSoft)
R2 MapsGalaxy_39Service; E:\Program Files\MapsGalaxy_39\bar\2.bin\39barsvc.exe [42504 2013-09-12] (COMPANYVERS_NAME)
S3 McComponentHostService; E:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [239880 2016-03-11] (McAfee, Inc.)
R2 Mobile Broadband HL Service; E:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
R2 Moov_Group Imola Modem Device Helper; E:\Program Files\MOOV INTERNET\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R2 system; E:\Windows\System32\system\svchost.exe [86880 2014-01-29] (Microsoft Corporation) [Fichier non signé]
R2 WinDefend; E:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; E:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5189632 2013-03-21] (Broadcom Corporation) [Fichier non signé]
R2 ZAtheros Wlan Agent; E:\Program Files\Atheros\Ath_WlanAgent.exe [76960 2012-02-27] (Atheros) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; E:\Windows\system32\drivers\aswHwid.sys [32792 2016-06-09] (AVAST Software)
R1 aswKbd; E:\Windows\system32\drivers\aswKbd.sys [35096 2016-06-09] (AVAST Software)
R2 aswMonFlt; E:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-06-09] (AVAST Software)
R1 aswRdr; E:\Windows\system32\drivers\aswRdr2.sys [91232 2016-06-09] (AVAST Software)
R0 aswRvrt; E:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-06-09] (AVAST Software)
R1 aswSnx; E:\Windows\system32\drivers\aswSnx.sys [815792 2016-06-09] (AVAST Software)
R1 aswSP; E:\Windows\system32\drivers\aswSP.sys [449640 2016-06-09] (AVAST Software)
R2 aswStm; E:\Windows\system32\drivers\aswStm.sys [124808 2016-06-09] (AVAST Software)
R0 aswVmm; E:\Windows\system32\Drivers\aswVmm.sys [221368 2016-06-09] (AVAST Software)
R3 athr; E:\Windows\System32\DRIVERS\athr.sys [2846720 2012-02-23] (Qualcomm Atheros Communications, Inc.)
S3 bcm; E:\Windows\System32\DRIVERS\drxvi314.sys [318976 2010-01-30] (Beceem communications pvt ltd.)
R3 BCM42RLY; E:\Windows\System32\drivers\BCM42RLY.sys [18496 2013-03-21] (Broadcom Corporation)
S3 bcmbusctr; E:\Windows\System32\DRIVERS\BcmBusCtr.sys [51456 2010-01-30] (Beceem communications pvt ltd.)
R1 cnnctfy2; E:\Windows\System32\DRIVERS\cnnctfy2.sys [27248 2014-03-01] (Connectify)
S3 driverhardwarev2; E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [16640 2011-07-21] (CybelSoft)
S3 grmnusb; E:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 hwusb_cdcacm; E:\Windows\System32\DRIVERS\ew_cdcacm.sys [108032 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; E:\Windows\System32\DRIVERS\ew_wwanecm.sys [316544 2013-11-01] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; E:\Windows\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd)
R3 MEI; E:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R2 NEWDRIVER; E:\Windows\system32\WinVDEdrv6.sys [188176 2014-03-01] ()
R0 ngvss; E:\Windows\system32\Drivers\ngvss.sys [136432 2016-06-09] (AVAST Software)
S3 orange_zte_cdc_acm; E:\Windows\System32\DRIVERS\orange_zte_cdc_acm.sys [66432 2012-03-30] (ZTE)
S3 orange_zte_cdc_ecm; E:\Windows\System32\DRIVERS\orange_zte_cdc_ecm.sys [32768 2012-03-30] (ZTE)
S3 orange_zte_ecm_enum; E:\Windows\System32\DRIVERS\orange_zte_ecm_enum.sys [44800 2012-03-30] (ZTE)
S3 orange_zte_ecm_enum_filter; E:\Windows\System32\DRIVERS\orange_zte_ecm_enum_filter.sys [44800 2012-03-30] (ZTE)
S3 orange_zte_wcpo; E:\Windows\System32\DRIVERS\orange_zte_wcpo.sys [9600 2012-03-30] (ZTE)
R3 SNTNLUSB; E:\Windows\System32\DRIVERS\SNTNLUSB.SYS [33504 2006-05-07] (SafeNet, Inc.)
U3 TrueSight; E:\Windows\System32\drivers\TrueSight.sys [24688 2016-07-14] ()
R2 VBoxAswDrv; E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [262984 2016-06-09] (Avast Software)
R3 vusbbus; E:\Windows\System32\DRIVERS\vusbbus.sys [171520 2008-04-06] (Chingachguk & Denger2k) [Fichier non signé]
R1 WinFLAdrv; E:\Windows\System32\WinFLAdrv.sys [29184 2014-03-01] ()
S3 flpydisk; \SystemRoot\system32\DRIVERS\flpydisk.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 Tosrfcom; pas de ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-15 09:13 - 2016-07-15 09:15 - 00027463 _____ E:\Users\k\Desktop\FRST.txt
2016-07-15 09:09 - 2016-07-15 09:01 - 01741312 _____ (Farbar) E:\Users\k\Desktop\FRST.exe
2016-07-15 09:03 - 2016-07-15 09:13 - 00000000 ____D E:\FRST
2016-07-15 09:00 - 2016-07-15 09:01 - 01741312 _____ (Farbar) E:\Users\k\Downloads\FRST.exe
2016-07-15 08:55 - 2016-07-15 08:57 - 01406135 _____ E:\Users\k\Downloads\Non confirmé 725147.crdownload
2016-07-14 11:28 - 2016-07-14 11:28 - 00069032 _____ E:\Users\k\Desktop\rapport_roguekiller.txt
2016-07-14 11:16 - 2016-07-14 11:18 - 03712064 _____ E:\Users\k\Downloads\adwcleaner_5.201(1).exe
2016-07-14 10:24 - 2016-06-14 14:57 - 02398208 _____ (Microsoft Corporation) E:\Windows\system32\win32k.sys
2016-07-14 08:31 - 2016-06-25 20:01 - 00037096 _____ (Microsoft Corporation) E:\Windows\system32\CompatTelRunner.exe
2016-07-14 08:31 - 2016-06-25 19:53 - 01004544 _____ (Microsoft Corporation) E:\Windows\system32\aeinv.dll
2016-07-14 08:31 - 2016-06-22 13:06 - 00208896 _____ (Microsoft Corporation) E:\Windows\system32\centel.dll
2016-07-14 08:31 - 2016-06-17 18:23 - 01288192 _____ (Microsoft Corporation) E:\Windows\system32\appraiser.dll
2016-07-14 08:31 - 2016-06-17 18:23 - 00468992 _____ (Microsoft Corporation) E:\Windows\system32\generaltel.dll
2016-07-14 08:31 - 2016-06-17 18:23 - 00461312 _____ (Microsoft Corporation) E:\Windows\system32\devinv.dll
2016-07-14 08:31 - 2016-06-17 18:23 - 00251392 _____ (Microsoft Corporation) E:\Windows\system32\invagent.dll
2016-07-14 08:31 - 2016-06-17 18:23 - 00179712 _____ (Microsoft Corporation) E:\Windows\system32\aepic.dll
2016-07-14 08:31 - 2016-06-17 18:23 - 00065536 _____ (Microsoft Corporation) E:\Windows\system32\acmigration.dll
2016-07-13 16:07 - 2016-07-13 16:14 - 03712064 _____ E:\Users\k\Downloads\adwcleaner_5.201.exe
2016-07-13 15:47 - 2016-07-14 11:32 - 14466289 _____ (Malwarebytes ) E:\Users\k\Downloads\mbam-setup-2.2.1.1043.exe.part
2016-07-13 15:06 - 2016-06-25 19:54 - 00497152 _____ (Microsoft Corporation) E:\Windows\system32\win32spl.dll
2016-07-13 15:06 - 2016-06-25 19:53 - 00779776 _____ (Microsoft Corporation) E:\Windows\system32\localspl.dll
2016-07-13 15:06 - 2016-06-25 19:53 - 00297472 _____ (Microsoft Corporation) E:\Windows\system32\ntprint.dll
2016-07-13 15:06 - 2016-06-25 19:53 - 00126464 _____ (Microsoft Corporation) E:\Windows\system32\inetpp.dll
2016-07-13 15:06 - 2016-06-25 19:42 - 00039424 _____ (Microsoft Corporation) E:\Windows\system32\wpnpinst.exe
2016-07-13 15:06 - 2016-06-25 19:41 - 00061952 _____ (Microsoft Corporation) E:\Windows\system32\ntprint.exe
2016-07-13 15:06 - 2016-06-25 19:41 - 00018944 _____ (Microsoft Corporation) E:\Windows\system32\inetppui.dll
2016-07-13 10:04 - 2016-07-14 08:42 - 00024688 _____ E:\Windows\system32\Drivers\TrueSight.sys
2016-07-13 09:57 - 2016-07-14 11:27 - 00000000 ____D E:\Program Files\RogueKiller
2016-07-13 09:57 - 2016-07-13 09:57 - 00000973 _____ E:\Users\Public\Desktop\RogueKiller.lnk
2016-07-13 09:57 - 2016-07-13 09:57 - 00000000 ____D E:\ProgramData\RogueKiller
2016-07-13 09:57 - 2016-07-13 09:57 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-07-13 09:41 - 2016-07-13 09:56 - 31211544 _____ (Adlice Software ) E:\Users\k\Downloads\setup.exe
2016-07-07 15:19 - 2016-07-07 15:19 - 00002431 _____ E:\Users\k\Downloads\V1DE0-6461.html
2016-07-07 13:44 - 2016-07-07 13:45 - 00400480 _____ E:\Windows\Minidump\070716-69248-01.dmp
2016-07-07 12:09 - 2016-07-07 12:09 - 00000000 ____D E:\Users\k\Desktop\Dossier koun-Fao (Scoops-Coomici)
2016-07-04 14:34 - 2016-07-04 14:35 - 00400480 _____ E:\Windows\Minidump\070416-67486-01.dmp
2016-07-01 15:36 - 2016-07-01 15:37 - 00440429 _____ E:\Users\k\Downloads\Courrier d'information.pdf
2016-07-01 08:45 - 2016-07-01 16:24 - 177716715 _____ E:\Users\k\Downloads\Yopougon dans le quartier - episode 3.mp4 (2).crdownload
2016-06-30 16:54 - 2016-06-30 17:26 - 20502309 _____ E:\Users\k\Downloads\Yopougon dans le quartier - episode 3.mp4.crdownload
2016-06-30 16:51 - 2016-06-30 17:08 - 11318875 _____ E:\Users\k\Downloads\Films 2016 Action, Adventure, Sci Fi Thrill , Crime Watch Now.mp4.crdownload
2016-06-30 15:14 - 2016-06-30 16:05 - 08096709 _____ E:\Users\k\Downloads\Yopougon dans le quartier - episode 2.mp4.crdownload
2016-06-30 09:14 - 2016-06-30 11:53 - 83849256 _____ E:\Users\k\Downloads\videoplayback (3).mp4.crdownload
2016-06-29 12:28 - 2016-06-29 16:20 - 35716848 _____ E:\Users\k\Downloads\videoplayback (2).mp4
2016-06-29 08:12 - 2016-06-29 14:51 - 146929689 _____ E:\Users\k\Downloads\videoplayback (2).mp4 (2).crdownload
2016-06-29 08:08 - 2016-06-29 09:12 - 35783589 _____ E:\Users\k\Downloads\Yopougon dans le quartier - Episode 1.mp4
2016-06-29 08:07 - 2016-06-29 11:52 - 298020963 _____ E:\Users\k\Downloads\Meilleurs films d'action complet en francais 2016 HD - Film nouveauté d'action 20156 HD.mp4
2016-06-27 09:44 - 2016-06-27 12:02 - 72971676 _____ E:\Users\k\Downloads\videoplayback (1).mp4
2016-06-24 16:25 - 2016-06-24 16:26 - 00409000 _____ E:\Windows\Minidump\062416-57751-01.dmp
2016-06-23 15:43 - 2016-06-23 15:48 - 27952719 _____ E:\Users\k\Downloads\videoplayback.mp4
2016-06-23 15:09 - 2016-06-23 15:09 - 00000000 ____H E:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-06-21 11:04 - 2016-04-20 16:55 - 225316562 _____ E:\Users\k\Desktop\Amelioré ma vie de prière - Mohammed Sanogo.mp4
2016-06-21 09:20 - 2016-06-21 09:20 - 00000000 ____D E:\Users\k\Tracing
2016-06-17 13:09 - 2016-06-17 13:09 - 09717952 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerInstaller.exe
2016-06-17 08:49 - 2016-06-17 08:58 - 10508868 _____ E:\Users\k\Downloads\Gadji Celi - Femme de feu.mp4
2016-06-15 15:12 - 2016-06-15 15:12 - 00002685 _____ E:\Users\Public\Desktop\Skype.lnk
2016-06-15 15:12 - 2016-06-15 15:12 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-15 15:12 - 2016-06-15 15:12 - 00000000 ____D E:\Program Files\Common Files\Skype
2016-06-15 11:46 - 2016-05-23 22:54 - 00346312 _____ (Microsoft Corporation) E:\Windows\system32\iedkcs32.dll
2016-06-15 11:46 - 2016-05-21 16:57 - 20341248 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.dll
2016-06-15 11:46 - 2016-05-20 22:14 - 02724864 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.tlb
2016-06-15 11:46 - 2016-05-20 22:14 - 00004096 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollectorres.dll
2016-06-15 11:46 - 2016-05-20 21:57 - 00497664 _____ (Microsoft Corporation) E:\Windows\system32\vbscript.dll
2016-06-15 11:46 - 2016-05-20 21:57 - 00062464 _____ (Microsoft Corporation) E:\Windows\system32\iesetup.dll
2016-06-15 11:46 - 2016-05-20 21:57 - 00047616 _____ (Microsoft Corporation) E:\Windows\system32\ieetwproxystub.dll
2016-06-15 11:46 - 2016-05-20 21:56 - 00341504 _____ (Microsoft Corporation) E:\Windows\system32\html.iec
2016-06-15 11:46 - 2016-05-20 21:55 - 00064000 _____ (Microsoft Corporation) E:\Windows\system32\MshtmlDac.dll
2016-06-15 11:46 - 2016-05-20 21:50 - 02287104 _____ (Microsoft Corporation) E:\Windows\system32\iertutil.dll
2016-06-15 11:46 - 2016-05-20 21:49 - 00047104 _____ (Microsoft Corporation) E:\Windows\system32\jsproxy.dll
2016-06-15 11:46 - 2016-05-20 21:48 - 00030720 _____ (Microsoft Corporation) E:\Windows\system32\iernonce.dll
2016-06-15 11:46 - 2016-05-20 21:45 - 00476160 _____ (Microsoft Corporation) E:\Windows\system32\ieui.dll
2016-06-15 11:46 - 2016-05-20 21:44 - 00663552 _____ (Microsoft Corporation) E:\Windows\system32\jscript.dll
2016-06-15 11:46 - 2016-05-20 21:44 - 00115712 _____ (Microsoft Corporation) E:\Windows\system32\ieUnatt.exe
2016-06-15 11:46 - 2016-05-20 21:44 - 00102912 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollector.exe
2016-06-15 11:46 - 2016-05-20 21:43 - 00620032 _____ (Microsoft Corporation) E:\Windows\system32\jscript9diag.dll
2016-06-15 11:46 - 2016-05-20 21:36 - 00667648 _____ (Microsoft Corporation) E:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-15 11:46 - 2016-05-20 21:33 - 00416256 _____ (Microsoft Corporation) E:\Windows\system32\dxtmsft.dll
2016-06-15 11:46 - 2016-05-20 21:29 - 13815808 _____ (Microsoft Corporation) E:\Windows\system32\ieframe.dll
2016-06-15 11:46 - 2016-05-20 21:27 - 00060416 _____ (Microsoft Corporation) E:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 11:46 - 2016-05-20 21:26 - 00091136 _____ (Microsoft Corporation) E:\Windows\system32\inseng.dll
2016-06-15 11:46 - 2016-05-20 21:23 - 00168960 _____ (Microsoft Corporation) E:\Windows\system32\msrating.dll
2016-06-15 11:46 - 2016-05-20 21:23 - 00076288 _____ (Microsoft Corporation) E:\Windows\system32\mshtmled.dll
2016-06-15 11:46 - 2016-05-20 21:21 - 00279040 _____ (Microsoft Corporation) E:\Windows\system32\dxtrans.dll
2016-06-15 11:46 - 2016-05-20 21:19 - 00130048 _____ (Microsoft Corporation) E:\Windows\system32\occache.dll
2016-06-15 11:46 - 2016-05-20 21:14 - 04610048 _____ (Microsoft Corporation) E:\Windows\system32\jscript9.dll
2016-06-15 11:46 - 2016-05-20 21:12 - 00230400 _____ (Microsoft Corporation) E:\Windows\system32\webcheck.dll
2016-06-15 11:46 - 2016-05-20 21:09 - 00693248 _____ (Microsoft Corporation) E:\Windows\system32\msfeeds.dll
2016-06-15 11:46 - 2016-05-20 21:09 - 00689664 _____ (Microsoft Corporation) E:\Windows\system32\ie4uinit.exe
2016-06-15 11:46 - 2016-05-20 21:08 - 02055680 _____ (Microsoft Corporation) E:\Windows\system32\inetcpl.cpl
2016-06-15 11:46 - 2016-05-20 21:07 - 01155072 _____ (Microsoft Corporation) E:\Windows\system32\mshtmlmedia.dll
2016-06-15 11:46 - 2016-05-20 20:42 - 02121216 _____ (Microsoft Corporation) E:\Windows\system32\wininet.dll
2016-06-15 11:46 - 2016-05-20 20:38 - 01310208 _____ (Microsoft Corporation) E:\Windows\system32\urlmon.dll
2016-06-15 11:46 - 2016-05-20 20:38 - 00710144 _____ (Microsoft Corporation) E:\Windows\system32\ieapfltr.dll
2016-06-15 11:32 - 2016-04-09 06:54 - 12881408 _____ (Microsoft Corporation) E:\Windows\system32\shell32.dll
2016-06-15 11:32 - 2016-04-09 06:54 - 01499648 _____ (Microsoft Corporation) E:\Windows\system32\ExplorerFrame.dll
2016-06-15 11:32 - 2016-04-09 05:44 - 02973184 _____ (Microsoft Corporation) E:\Windows\explorer.exe
2016-06-15 11:13 - 2016-05-11 15:19 - 00363520 _____ (Microsoft Corporation) E:\Windows\system32\StructuredQuery.dll
2016-06-15 10:36 - 2016-05-13 21:54 - 00308456 _____ (Adobe Systems Incorporated) E:\Windows\system32\atmfd.dll
2016-06-15 10:36 - 2016-05-13 21:49 - 00070656 _____ (Microsoft Corporation) E:\Windows\system32\fontsub.dll
2016-06-15 10:36 - 2016-05-13 21:49 - 00026112 _____ (Microsoft Corporation) E:\Windows\system32\lpk.dll
2016-06-15 10:36 - 2016-05-13 21:49 - 00010240 _____ (Microsoft Corporation) E:\Windows\system32\dciman32.dll
2016-06-15 10:36 - 2016-05-13 21:27 - 00034304 _____ (Adobe Systems) E:\Windows\system32\atmlib.dll
2016-06-15 10:36 - 2016-05-12 15:18 - 00606720 _____ (Microsoft Corporation) E:\Windows\system32\gpsvc.dll
2016-06-15 10:36 - 2016-05-12 15:18 - 00591872 _____ (Microsoft Corporation) E:\Windows\system32\gpprefcl.dll
2016-06-15 10:36 - 2016-05-12 15:18 - 00351744 _____ (Microsoft Corporation) E:\Windows\system32\IPSECSVC.DLL
2016-06-15 10:36 - 2016-05-12 15:18 - 00274944 _____ (Microsoft Corporation) E:\Windows\system32\polstore.dll
2016-06-15 10:36 - 2016-05-12 15:18 - 00079360 _____ (Microsoft Corporation) E:\Windows\system32\gpapi.dll
2016-06-15 10:36 - 2016-05-12 15:18 - 00070144 _____ (Microsoft Corporation) E:\Windows\system32\winipsec.dll
2016-06-15 10:36 - 2016-05-12 15:18 - 00044032 _____ (Microsoft Corporation) E:\Windows\system32\FwRemoteSvr.dll
2016-06-15 10:36 - 2016-05-12 14:57 - 00030720 _____ (Microsoft Corporation) E:\Windows\system32\gpscript.dll
2016-06-15 10:36 - 2016-05-12 14:57 - 00024576 _____ (Microsoft Corporation) E:\Windows\system32\gpscript.exe
2016-06-15 10:36 - 2016-03-09 18:40 - 00316416 _____ (Microsoft Corporation) E:\Windows\system32\webio.dll
2016-06-15 10:35 - 2016-05-12 15:22 - 00137960 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 10:35 - 2016-05-12 15:22 - 00067304 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\ksecdd.sys
2016-06-15 10:35 - 2016-05-12 15:18 - 01062400 _____ (Microsoft Corporation) E:\Windows\system32\lsasrv.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00690688 _____ (Microsoft Corporation) E:\Windows\system32\adtschema.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00655360 _____ (Microsoft Corporation) E:\Windows\system32\rpcrt4.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00553472 _____ (Microsoft Corporation) E:\Windows\system32\kerberos.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00260608 _____ (Microsoft Corporation) E:\Windows\system32\msv1_0.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00251392 _____ (Microsoft Corporation) E:\Windows\system32\schannel.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00223232 _____ (Microsoft Corporation) E:\Windows\system32\ncrypt.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00172032 _____ (Microsoft Corporation) E:\Windows\system32\wdigest.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00146432 _____ (Microsoft Corporation) E:\Windows\system32\msaudite.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00141312 _____ (Microsoft Corporation) E:\Windows\system32\rpchttp.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00099840 _____ (Microsoft Corporation) E:\Windows\system32\sspicli.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00065536 _____ (Microsoft Corporation) E:\Windows\system32\TSpkg.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00060416 _____ (Microsoft Corporation) E:\Windows\system32\msobjs.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00022016 _____ (Microsoft Corporation) E:\Windows\system32\secur32.dll
2016-06-15 10:35 - 2016-05-12 15:18 - 00017408 _____ (Microsoft Corporation) E:\Windows\system32\credssp.dll
2016-06-15 10:35 - 2016-05-12 14:56 - 00050176 _____ (Microsoft Corporation) E:\Windows\system32\auditpol.exe
2016-06-15 10:35 - 2016-05-12 14:52 - 00313856 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\srv2.sys
2016-06-15 10:35 - 2016-05-12 14:52 - 00310784 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\srv.sys
2016-06-15 10:35 - 2016-05-12 14:52 - 00226304 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-15 10:35 - 2016-05-12 14:52 - 00124416 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\mrxsmb.sys
2016-06-15 10:35 - 2016-05-12 14:52 - 00115712 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\srvnet.sys
2016-06-15 10:35 - 2016-05-12 14:52 - 00098304 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-15 10:35 - 2016-05-12 14:51 - 00036352 _____ (Microsoft Corporation) E:\Windows\system32\cryptbase.dll
2016-06-15 10:35 - 2016-05-12 14:51 - 00022016 _____ (Microsoft Corporation) E:\Windows\system32\lsass.exe
2016-06-15 10:35 - 2016-05-12 14:51 - 00015872 _____ (Microsoft Corporation) E:\Windows\system32\sspisrv.dll
2016-06-15 10:35 - 2016-05-12 13:04 - 00370784 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\cng.sys
2016-06-15 10:35 - 2016-05-12 13:04 - 00249352 _____ (Microsoft Corporation) E:\Windows\system32\bcryptprimitives.dll
2016-06-15 10:25 - 2016-05-12 15:18 - 00002048 _____ (Microsoft Corporation) E:\Windows\system32\tzres.dll
2016-06-15 10:23 - 2016-05-11 15:19 - 00351744 _____ (Microsoft Corporation) E:\Windows\system32\winhttp.dll
2016-06-15 10:23 - 2016-05-11 15:19 - 00231424 _____ (Microsoft Corporation) E:\Windows\system32\mswsock.dll
2016-06-15 10:23 - 2016-05-11 15:19 - 00206336 _____ (Microsoft Corporation) E:\Windows\system32\ws2_32.dll
2016-06-15 10:23 - 2016-05-11 15:01 - 00026624 _____ (Microsoft Corporation) E:\Windows\system32\netbtugc.exe
2016-06-15 10:23 - 2016-05-11 14:52 - 00188928 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\netbt.sys
2016-06-15 10:23 - 2016-04-14 15:38 - 00105192 _____ (Microsoft Corporation) E:\Windows\system32\consent.exe
2016-06-15 10:23 - 2016-04-14 15:33 - 02365440 _____ (Microsoft Corporation) E:\Windows\system32\msi.dll
2016-06-15 10:23 - 2016-04-14 15:33 - 01806848 _____ (Microsoft Corporation) E:\Windows\system32\authui.dll
2016-06-15 10:23 - 2016-04-14 15:33 - 00337408 _____ (Microsoft Corporation) E:\Windows\system32\msihnd.dll
2016-06-15 10:23 - 2016-04-14 15:33 - 00047104 _____ (Microsoft Corporation) E:\Windows\system32\appinfo.dll
2016-06-15 10:23 - 2016-04-14 15:33 - 00025088 _____ (Microsoft Corporation) E:\Windows\system32\msimsg.dll
2016-06-15 10:23 - 2016-04-14 15:11 - 00073216 _____ (Microsoft Corporation) E:\Windows\system32\msiexec.exe
2016-06-15 10:19 - 2016-05-18 16:10 - 00306688 _____ (Microsoft Corporation) E:\Windows\system32\gdi32.dll

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-15 09:15 - 2013-11-25 17:45 - 00000000 ____D E:\Users\k\AppData\Roaming\uTorrent
2016-07-15 09:08 - 2013-10-06 11:56 - 00001002 _____ E:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-15 09:00 - 2014-10-10 20:15 - 00000912 _____ E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2928640820-2594297707-84836597-1000UA.job
2016-07-15 08:53 - 2014-02-19 16:11 - 00002562 _____ E:\Windows\diagwrn.xml
2016-07-15 08:53 - 2014-02-19 16:11 - 00001908 _____ E:\Windows\diagerr.xml
2016-07-15 08:26 - 2013-02-04 18:19 - 00001058 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-15 08:26 - 2013-02-04 18:19 - 00001054 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-15 08:26 - 2009-07-14 04:34 - 00020704 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-15 08:26 - 2009-07-14 04:34 - 00020704 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-15 08:19 - 2015-09-21 10:03 - 00000000 ____D E:\Users\k\AppData\LocalLow\uTorrent
2016-07-15 08:16 - 2009-07-14 04:33 - 00533136 _____ E:\Windows\system32\FNTCACHE.DAT
2016-07-15 08:15 - 2015-01-30 09:17 - 00000000 ____D E:\Windows\system32\appraiser
2016-07-15 08:15 - 2009-07-14 04:53 - 00000006 ____H E:\Windows\Tasks\SA.DAT
2016-07-14 17:10 - 2013-08-23 18:46 - 00000000 ____D E:\Windows\system32\MRT
2016-07-14 17:00 - 2013-04-09 12:58 - 141983760 _____ (Microsoft Corporation) E:\Windows\system32\MRT.exe
2016-07-14 13:11 - 2009-07-14 09:01 - 00000000 ____D E:\Program Files\Windows Journal
2016-07-08 10:44 - 2013-02-04 23:15 - 00000000 ____D E:\Users\k\AppData\Roaming\vlc
2016-07-07 13:44 - 2016-04-05 09:14 - 00000000 ____D E:\Windows\Minidump
2016-07-07 13:43 - 2016-04-18 11:22 - 423048044 _____ E:\Windows\MEMORY.DMP
2016-07-07 11:51 - 2013-02-04 02:22 - 01298006 _____ E:\Windows\system32\PerfStringBackup.INI
2016-07-07 11:51 - 2009-07-14 08:39 - 00751190 _____ E:\Windows\system32\perfh00C.dat
2016-07-07 11:51 - 2009-07-14 08:39 - 00156250 _____ E:\Windows\system32\perfc00C.dat
2016-07-07 11:51 - 2009-07-14 02:37 - 00000000 ____D E:\Windows\inf
2016-07-01 08:42 - 2014-10-10 20:15 - 00000890 _____ E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2928640820-2594297707-84836597-1000Core.job
2016-06-21 13:05 - 2014-01-11 09:18 - 00000000 ____D E:\Users\k\AppData\Roaming\Skype
2016-06-21 12:13 - 2013-02-04 08:48 - 00400552 ____N (Microsoft Corporation) E:\Windows\system32\MpSigStub.exe
2016-06-21 09:20 - 2014-11-01 21:40 - 00000000 ___RD E:\Program Files\Skype
2016-06-21 09:20 - 2014-01-11 09:18 - 00000000 ____D E:\ProgramData\Skype
2016-06-21 09:20 - 2013-02-04 02:18 - 00000000 ____D E:\Users\k
2016-06-20 08:43 - 2014-07-18 05:09 - 00002111 _____ E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 13:09 - 2013-10-06 11:56 - 00796352 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerApp.exe
2016-06-17 13:09 - 2013-10-06 11:56 - 00142528 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-17 09:00 - 2013-03-04 19:48 - 00000000 ____D E:\Users\k\AMD_Catalyst_13.2_Beta3
2016-06-15 15:12 - 2014-11-01 21:41 - 00000000 ____D E:\Users\k\AppData\Local\Skype

==================== Fichiers à la racine de certains dossiers =======

2015-11-18 13:27 - 2015-11-18 13:27 - 0000061 _____ () E:\Users\k\AppData\Local\HackLogs.dat
2014-03-01 21:37 - 2015-11-19 09:19 - 0000700 ___SH () E:\Users\k\AppData\Local\systemFL7.dat
2014-03-01 21:37 - 2014-03-03 13:28 - 0000520 ___SH () E:\Users\k\AppData\Local\win_fldb_sys.dat
2014-03-01 21:36 - 2015-11-19 09:19 - 0003465 ___SH () E:\Users\k\AppData\Local\win_stlthdb_sys.dat
2015-12-11 14:29 - 2015-12-11 14:29 - 0000057 _____ () E:\ProgramData\Ament.ini
2013-04-24 20:54 - 2014-03-19 19:33 - 0001890 _____ () E:\ProgramData\rescue.vbe
2014-03-01 21:37 - 2014-03-01 21:37 - 0002568 ___SH () E:\ProgramData\win_mpwd_sys.dat

Fichiers à déplacer ou supprimer:
====================
E:\ProgramData\win_mpwd_sys.dat


Certains fichiers dans TEMP:
====================
E:\Users\k\AppData\Local\Temp\dllnt_dump.dll
E:\Users\k\AppData\Local\Temp\h-syykrc.dll
E:\Users\k\AppData\Local\Temp\hr7ouzbf.dll
E:\Users\k\AppData\Local\Temp\libeay32.dll
E:\Users\k\AppData\Local\Temp\MBSetup_helper-loader.exe
E:\Users\k\AppData\Local\Temp\msvcr120.dll
E:\Users\k\AppData\Local\Temp\sqlite3.dll
E:\Users\k\AppData\Local\Temp\v70fh0n3.dll
E:\Users\k\AppData\Local\Temp\whjwk9at.dll
E:\Users\k\AppData\Local\Temp\{7DBD128F-B50E-415F-9E3C-06825599BC9E}-47.0.2526.80_46.0.2490.86_chrome_updater_3stage.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

E:\Windows\explorer.exe => Le fichier est signé numériquement
E:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
E:\Windows\system32\wininit.exe => Le fichier est signé numériquement
E:\Windows\system32\svchost.exe => Le fichier est signé numériquement
E:\Windows\system32\services.exe => Le fichier est signé numériquement
E:\Windows\system32\User32.dll => Le fichier est signé numériquement
E:\Windows\system32\userinit.exe => Le fichier est signé numériquement
E:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
E:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
E:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-12-13 13:02

==================== Fin de FRST.txt ============================
