Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
Exécuté par Nathan (administrateur) sur PC-NATHAN (20-07-2016 20:07:17)
Exécuté depuis C:\Users\Nathan\Desktop
Profils chargés: Nathan (Profils disponibles: Nathan)
Platform: Windows 8.1 Connected (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-05-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-11] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-262970921-3956518361-473010714-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-262970921-3956518361-473010714-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-262970921-3956518361-473010714-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Nathan\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-262970921-3956518361-473010714-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-262970921-3956518361-473010714-1001\...\MountPoints2: {8e1d502a-8621-11e5-8271-d0bf9cfbd6a8} - "F:\autorun.exe"
HKU\S-1-5-21-262970921-3956518361-473010714-1001\...\MountPoints2: {dd243250-8c26-11e5-8272-d0bf9cfbd6a8} - "G:\iLinker.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-11] (AVAST Software)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0E4404E6-921C-4553-8BD3-E2146318CC11}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/3
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/3
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/3
HKU\S-1-5-21-262970921-3956518361-473010714-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/3
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-262970921-3956518361-473010714-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-262970921-3956518361-473010714-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-11] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-15] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-11] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-15] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\ss7lpnzo.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-11] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-06-24] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-05-06] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-11] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-04-30] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3463896 2014-06-21] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-05-06] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-20 20:07 - 2016-07-20 20:07 - 00000000 ____D C:\Users\Nathan\Desktop\FRST-OlderVersion
2016-07-20 00:24 - 2016-07-20 00:24 - 00001286 _____ C:\Users\Nathan\Desktop\malwarebytes.txt
2016-07-19 23:55 - 2016-07-20 00:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-19 23:55 - 2016-07-19 23:55 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-19 23:55 - 2016-07-19 23:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-19 23:55 - 2016-07-19 23:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-19 23:55 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-19 23:55 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-19 23:55 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-19 23:45 - 2016-07-19 23:53 - 22851472 _____ (Malwarebytes ) C:\Users\Nathan\Desktop\mbam-setup-2.2.1.1043.exe
2016-07-19 22:32 - 2016-07-19 22:32 - 00002180 _____ C:\Users\Nathan\Desktop\ZHPCleaner.txt
2016-07-19 22:22 - 2016-07-19 22:22 - 00000886 _____ C:\Users\Nathan\Desktop\ZHPCleaner.lnk
2016-07-19 22:21 - 2016-07-19 22:22 - 02283008 _____ C:\Users\Nathan\Desktop\ZHPCleaner.exe
2016-07-19 22:17 - 2016-07-19 22:17 - 00000990 _____ C:\Users\Nathan\Desktop\AdwCleaner[S2].txt
2016-07-19 22:12 - 2016-07-19 22:14 - 03712064 _____ C:\Users\Nathan\Downloads\adwcleaner_5.201.exe
2016-07-19 22:08 - 2016-07-19 22:08 - 00354240 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-19 22:05 - 2016-07-19 22:06 - 00012427 _____ C:\Users\Nathan\Desktop\Fixlog.txt
2016-07-19 17:31 - 2016-07-19 17:32 - 00032120 _____ C:\Users\Nathan\Desktop\Addition.txt
2016-07-19 17:29 - 2016-07-20 20:07 - 00017556 _____ C:\Users\Nathan\Desktop\FRST.txt
2016-07-19 17:28 - 2016-07-19 17:28 - 00001324 _____ C:\Users\Nathan\Desktop\AdwCleaner[C1].txt
2016-07-19 17:24 - 2016-07-20 20:07 - 00000000 ____D C:\FRST
2016-07-19 17:19 - 2016-07-20 20:07 - 02393600 _____ (Farbar) C:\Users\Nathan\Desktop\FRST64.exe
2016-07-19 16:50 - 2016-07-19 22:32 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\ZHP
2016-07-19 16:41 - 2016-07-19 22:14 - 00000000 ____D C:\AdwCleaner
2016-07-19 16:33 - 2016-07-19 16:35 - 03712064 _____ C:\Users\Nathan\Downloads\Non confirmé 882738.crdownload
2016-07-15 19:03 - 2016-07-15 19:26 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\.MenoriaV2
2016-07-15 19:03 - 2016-07-15 19:03 - 00191857 _____ C:\Users\Nathan\Downloads\MénoriaV2.exe
2016-07-15 18:59 - 2016-07-15 18:59 - 00100346 _____ C:\Users\Nathan\Downloads\Launcher-IYC.exe
2016-07-15 18:15 - 2016-07-15 18:15 - 00003918 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468599308
2016-07-15 18:15 - 2016-07-15 18:15 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-15 18:05 - 2016-07-15 18:05 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-15 18:05 - 2016-07-15 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-15 18:04 - 2016-07-15 18:04 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-15 17:56 - 2016-07-15 17:57 - 00737856 _____ (Oracle Corporation) C:\Users\Nathan\Downloads\chromeinstall-8u91.exe
2016-07-14 13:57 - 2016-07-15 18:18 - 00000024 _____ C:\Users\Nathan\AppData\AdobeACBCache.dat
2016-07-14 13:56 - 2016-07-14 13:57 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\java
2016-07-14 13:54 - 2016-07-14 13:56 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\.azlauncher
2016-07-14 13:54 - 2016-07-14 13:54 - 00516931 _____ (-) C:\Users\Nathan\Downloads\AZ_Minecraft_Launcher_Offline.exe
2016-07-12 20:13 - 2016-07-12 20:13 - 06079168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-12 00:10 - 2016-07-12 00:22 - 00000131 _____ C:\Users\Nathan\Desktop\lol.txt
2016-07-11 19:32 - 2016-07-11 19:32 - 00001945 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2016-07-11 19:32 - 2016-07-11 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-11 19:30 - 2016-07-11 19:30 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-11 19:30 - 2016-07-11 19:29 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-11 19:29 - 2016-07-11 19:29 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-29 07:09 - 2016-06-29 07:09 - 00000000 ____D C:\Users\Nathan\Documents\My Games
2016-06-29 07:09 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-06-29 07:09 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-06-29 07:09 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-06-29 07:09 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-06-29 07:09 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-06-29 07:09 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-06-29 07:09 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-06-29 07:09 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-06-28 21:25 - 2016-06-28 21:25 - 00000222 _____ C:\Users\Nathan\Desktop\Outlast.url
2016-06-28 21:25 - 2016-06-28 21:25 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-20 20:06 - 2015-07-13 22:18 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-20 19:47 - 2015-08-17 21:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-20 19:33 - 2015-07-12 20:43 - 00003800 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDAA9E25-A778-4CAC-8048-164824DC1742}
2016-07-20 12:50 - 2015-07-12 20:37 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-262970921-3956518361-473010714-1001
2016-07-20 11:51 - 2015-07-12 20:33 - 00000000 ____D C:\Users\Nathan\Documents\Youcam
2016-07-20 11:50 - 2015-08-19 18:32 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\Skype
2016-07-20 11:48 - 2015-08-16 22:19 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-20 11:48 - 2015-07-12 20:38 - 00000000 __RDO C:\Users\Nathan\OneDrive
2016-07-19 22:37 - 2015-11-20 23:52 - 00121344 ___SH C:\Users\Nathan\Downloads\Thumbs.db
2016-07-19 22:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-19 22:08 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-19 22:06 - 2016-05-04 13:55 - 00000000 ____D C:\Users\Nathan\AppData\LocalLow\Temp
2016-07-19 17:40 - 2016-05-08 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperial MT2 v3.0 2015
2016-07-19 17:40 - 2015-08-16 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(FR)
2016-07-19 17:26 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-19 15:23 - 2015-07-12 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-07-19 15:18 - 2016-05-16 17:30 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\uTorrent
2016-07-19 15:18 - 2016-02-18 20:29 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\TS3Client
2016-07-16 19:09 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-15 20:30 - 2015-11-07 12:05 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\.iyc
2016-07-15 18:50 - 2015-11-20 22:06 - 00000000 ____D C:\Users\Nathan\AppData\Roaming\.ascentia
2016-07-15 18:33 - 2015-08-16 22:23 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-15 18:05 - 2015-11-07 14:41 - 00000000 ____D C:\Users\Nathan\.oracle_jre_usage
2016-07-15 16:29 - 2014-09-03 15:59 - 00846474 _____ C:\Windows\system32\perfh00C.dat
2016-07-15 16:29 - 2014-09-03 15:59 - 00174564 _____ C:\Windows\system32\perfc00C.dat
2016-07-15 16:29 - 2014-03-18 11:53 - 01967058 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-13 21:47 - 2016-03-20 12:10 - 00000329 _____ C:\Users\Nathan\Desktop\guerre tribale.txt
2016-07-13 19:31 - 2015-08-16 22:19 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-12 20:13 - 2015-07-13 22:18 - 00003754 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-12 20:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 20:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-11 19:30 - 2015-08-16 22:19 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146825829445302
2016-07-11 19:30 - 2015-08-16 22:19 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-11 19:30 - 2015-08-16 22:19 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-11 19:30 - 2015-08-16 22:19 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-11 19:30 - 2015-08-16 22:19 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-11 19:30 - 2015-08-16 22:19 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-11 19:30 - 2015-08-16 22:19 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-11 19:30 - 2015-07-12 20:49 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-11 19:29 - 2015-08-16 22:19 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-11 19:28 - 2015-08-16 22:10 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-05 15:05 - 2015-07-12 20:30 - 00000000 ____D C:\Users\Nathan\AppData\Local\VirtualStore
2016-07-05 12:54 - 2015-08-19 18:31 - 00000000 ____D C:\ProgramData\Skype
2016-07-03 11:18 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps

==================== Fichiers à la racine de certains dossiers =======

2015-08-26 16:41 - 2016-06-08 18:56 - 0000113 _____ () C:\Users\Nathan\AppData\Roaming\D2Info0
2015-08-26 16:41 - 2016-06-08 19:22 - 0000008 _____ () C:\Users\Nathan\AppData\Roaming\DofusAppId0_1
2015-08-26 17:58 - 2016-06-04 22:28 - 0000008 _____ () C:\Users\Nathan\AppData\Roaming\DofusAppId0_2
2015-08-27 12:07 - 2016-04-18 15:14 - 0000008 _____ () C:\Users\Nathan\AppData\Roaming\DofusAppId0_3
2015-12-29 19:29 - 2015-12-29 19:57 - 0000008 _____ () C:\Users\Nathan\AppData\Roaming\DofusAppId0_4
2015-11-21 19:35 - 2015-11-21 19:35 - 0000036 _____ () C:\Users\Nathan\AppData\Roaming\SuYZkvrV.tmp

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-07-08 07:54

==================== Fin de FRST.txt ============================
