Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:17-04-2016
Exécuté par HsN (administrateur) sur HSN-PC (18-04-2016 14:01:14)
Exécuté depuis C:\Users\HsN\Downloads\Programs
Profils chargés: HsN (Profils disponibles: HsN)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Program Files\Common Files\Microsoft\Care Suite\ADUService\ADUService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
() C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe
() C:\Program Files\MeditelInternet\MeditelInternet_Service.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(© 2015 Microsoft Corporation) C:\Users\HsN\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
() C:\Program Files\Samsung\SideSync4\SideSync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [autodetect] => C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe [129872 2010-11-24] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\Run: [BingSvc] => C:\Users\HsN\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3911248 2015-10-21] (Tonec Inc.)
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\Run: [] => [X]
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia)
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\Run: [SideSync] => C:\Program Files\Samsung\SideSync4\SideSync.exe [10952880 2016-03-18] ()
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: H - H:\Startme.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {48c70ab7-6d9e-11e5-a76d-0019b94b0189} - H:\AutoRun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {6188ae7d-e6b0-11e5-91ce-005056c00008} - H:\AutoRun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {6188ae88-e6b0-11e5-91ce-005056c00008} - I:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {82736fa5-8c46-11e5-a465-005056c00008} - H:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {87aee7ff-77cc-11e5-acee-0019b94b0189} - H:\autorun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {ae6ee6fe-7bf9-11e5-a7d4-0019b94b0189} - H:\Windows/AutoRun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {bebe5f97-8c7a-11e5-8612-005056c00008} - H:\AutoRun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {e1a79dc1-85fe-11e5-9ab0-005056c00008} - H:\AutoRun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {e1a79dd1-85fe-11e5-9ab0-005056c00008} - H:\AutoRun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {e1a79ddf-85fe-11e5-9ab0-005056c00008} - H:\AutoRun.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {e4b7bd65-8ae6-11e5-a5c6-af69480e352f} - H:\Startme.exe
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\MountPoints2: {fa2c72c8-abb9-11e5-85c2-005056c00008} - H:\AutoRun.exe
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224 2012-10-03] (Microsoft Corporation) ATTENTION: LibraryPath devrait être "C:\Windows)\system32\NLAapi.dll"
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10AE43FE-41FF-44F3-9BFF-9E20F6FBD86C}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{6AB7C07A-FE49-405A-929D-441AE3208BAF}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{AD2F1453-2500-414C-90AA-63ED613C1E8D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AF5A6EF8-536B-470B-9156-636BBF427371}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D0FDBAC5-5B30-402B-AE85-8F05B0342D63}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E899C5ED-8D1A-4952-B0D5-973139729862}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{EF5D8F3A-BE4E-4BAD-B400-5EEB09B7BAC3}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-2895724298-3870826659-66027776-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-05] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-05] (Oracle Corporation)
BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Program Files\ThinkSky\iTools 3\Extensions\iToolsBHO.dll [2016-04-11] (iTools.hk)

FireFox:
========
FF ProfilePath: C:\Users\HsN\AppData\Roaming\Mozilla\Firefox\Profiles\e8vs0k0g.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files\ThinkSky\iTools 3\Extensions\npiTools.dll [2016-04-11] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF SearchPlugin: C:\Users\HsN\AppData\Roaming\Mozilla\Firefox\Profiles\e8vs0k0g.default\searchplugins\bing-.xml [2015-11-15]
FF Extension: Bing Search - C:\Users\HsN\AppData\Roaming\Mozilla\Firefox\Profiles\e8vs0k0g.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-15]
FF HKLM\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Pas de nom - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2016-03-31] [non signé]
FF HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-12-09]
FF HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HsN\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\HsN\AppData\Roaming\IDM\idmmzcc5 [2016-04-18] [non signé]
FF HKU\S-1-5-21-2895724298-3870826659-66027776-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=ar-xl
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (عروض Google التقديمية) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (محرّر مستندات Google) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-30]
CHR Extension: (Google Drive) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Youtube) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (بحث Google) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (جداول بيانات Google ) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30]
CHR Extension: (EditThisCookie) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2016-01-09]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IDM Integration Module) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-04-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (电脑管家上网防护) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-24]
CHR Extension: (Gmail) - C:\Users\HsN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-30]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-12-29]
CHR HKU\S-1-5-21-2895724298-3870826659-66027776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ADUServiceNSRT; C:\Program Files\Common Files\Microsoft\Care Suite\ADUService\ADUService.exe [94888 2015-10-12] ()
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [113632 2016-04-18] (SurfRight B.V.)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S2 Internet Mobile. RunOuc; C:\Program Files\Internet Mobile\UpdateDog\ouc.exe [655712 2015-11-08] ()
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MeditelInternet_Service; C:\Program Files\MeditelInternet\MeditelInternet_Service.exe [346680 2014-05-22] ()
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [230240 2015-10-08] ()
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [391472 2013-06-26] (Ralink Technology, Corp.)
S2 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Fichier non signé]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 VMAuthdService; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [86744 2014-04-14] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [359128 2014-04-14] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-02-27] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437976 2014-04-14] (VMware, Inc.)
R2 VMwareHostd; C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 avgsvc; "C:\Program Files\AVG\Framework\Common\avgsvcx.exe" [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe" [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [16384 2015-05-21] (Intel Mobile Communications)
R3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [62216 2013-03-06] (FTDI Ltd.)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2016-02-28] (Sony Mobile Communications)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43840 2014-02-27] (VMware, Inc.)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [108032 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [316544 2013-11-01] (Huawei Technologies Co., Ltd.)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2011-08-29] (MBB Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-04-18] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1635632 2013-09-06] (Ralink Technology Corp.)
S3 qcusbser; C:\Windows\System32\DRIVERS\ZTEusbmdm.sys [99584 2012-04-26] (ZTE Incorporated)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114368 2015-10-08] (Power Software Ltd)
S3 SciCmpst; C:\Windows\System32\DRIVERS\SciCmpst.sys [117248 2012-04-13] (Spreadtrum Communication Inc.) [Fichier non signé]
S3 SciModem; C:\Windows\System32\DRIVERS\SciModem.sys [117248 2012-04-13] (Spreadtrum Communication Inc.) [Fichier non signé]
S3 SciU2S; C:\Windows\System32\DRIVERS\SciU2S.sys [117248 2012-04-13] (Spreadtrum Communication Inc.) [Fichier non signé]
S3 ssdudfu; C:\Windows\System32\DRIVERS\ssdudfu.sys [80968 2015-05-21] (MCCI)
S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [104448 2010-08-27] (MCCI Corporation)
S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [14848 2010-08-27] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [132608 2010-08-27] (MCCI Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-08-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-08-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-08-27] (MCCI Corporation)
S3 TSSK; C:\Windows\System32\tssk.sys [74040 2016-02-09] (电脑管家)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2014-04-14] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2014-04-14] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26968 2014-04-14] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [24920 2014-04-14] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\DRIVERS\vmusb.sys [32320 2014-02-27] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [66136 2014-04-14] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-02-22] (VMware, Inc.)
S3 SCDModem; system32\DRIVERS\SCDModem.sys [X]
S3 SCDSerials; system32\DRIVERS\SCDSerials.sys [X]
S3 SCDUsbHub; system32\DRIVERS\SCDUsbHub.sys [X]
S3 softaal; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17207.222\softaal.sys [X]
S2 tsnethlp; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17207.222\TsNetHlp.sys [X]
R3 TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-18 14:00 - 2016-04-18 14:01 - 00000000 ____D C:\FRST
2016-04-18 13:28 - 2016-04-18 13:28 - 00001118 _____ C:\Users\HsN\Desktop\MALW.txt
2016-04-18 12:42 - 2016-04-18 12:42 - 00000000 ____H C:\ProgramData\cm-lock
2016-04-18 12:39 - 2016-04-18 12:39 - 00118028 _____ C:\Windows\system32\.crusader
2016-04-18 12:27 - 2016-04-18 12:40 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-18 12:27 - 2016-04-18 12:27 - 00001941 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-04-18 12:27 - 2016-04-18 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-04-18 12:27 - 2016-04-18 12:27 - 00000000 ____D C:\Program Files\HitmanPro
2016-04-18 12:17 - 2016-04-18 12:17 - 00001230 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-04-18 12:17 - 2016-04-18 12:17 - 00000000 ____D C:\Users\HsN\AppData\Local\VS Revo Group
2016-04-18 12:17 - 2016-04-18 12:17 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-04-18 12:17 - 2016-04-18 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-04-18 12:17 - 2016-04-18 12:17 - 00000000 ____D C:\Program Files\VS Revo Group
2016-04-18 12:17 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2016-04-18 12:02 - 2016-04-18 12:02 - 00128279 _____ C:\Users\HsN\Desktop\ZHPDiag.txt
2016-04-17 20:41 - 2016-04-18 12:00 - 00000000 ____D C:\Users\HsN\AppData\Roaming\ZHP
2016-04-17 20:41 - 2016-04-18 11:59 - 00000816 _____ C:\Users\HsN\Desktop\ZHPDiag.lnk
2016-04-17 20:40 - 2016-04-17 20:41 - 02187264 _____ C:\Users\HsN\Downloads\ZHPDiag3.exe
2016-04-17 20:11 - 2016-04-18 11:29 - 00000000 ____D C:\UsbFix
2016-04-17 20:11 - 2016-04-17 20:11 - 00001448 _____ C:\Users\HsN\Desktop\UsbFix.lnk
2016-04-17 17:24 - 2015-09-12 20:27 - 00000000 ____D C:\Users\HsN\Desktop\J200HXXU0AOI6_ODD0AOI2
2016-04-17 15:25 - 2010-11-30 20:19 - 00000000 ____D C:\Users\HsN\Desktop\S5600AEIF1
2016-04-17 14:27 - 2016-03-29 12:06 - 00049936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-04-17 14:27 - 2016-03-29 11:53 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-04-17 14:24 - 2016-04-18 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-04-17 14:24 - 2016-04-17 14:24 - 00000832 _____ C:\Users\Public\Desktop\AVG.lnk
2016-04-17 14:22 - 2016-04-18 12:54 - 00000000 ____D C:\Program Files\AVG
2016-04-17 14:22 - 2016-04-17 14:28 - 00000000 ____D C:\ProgramData\Avg
2016-04-17 14:21 - 2016-04-18 12:53 - 00000000 ____D C:\Users\HsN\AppData\Local\AvgSetupLog
2016-04-17 14:20 - 2016-04-17 14:20 - 00000000 ____D C:\Users\HsN\AppData\Roaming\Opera Software
2016-04-16 20:41 - 2016-03-12 11:07 - 2064422485 ____N C:\Users\HsN\Desktop\J500FXXU1APB4_J500FOJV1APC2_J500FXXU1APB2_HOME.tar.md5
2016-04-16 18:55 - 2015-12-29 15:31 - 2018288725 ____N C:\Users\HsN\Desktop\J500FXXU1AOL3_J500FODD1AOL3_J500FDDU1AOL3_HOME.tar.md5
2016-04-16 16:41 - 2016-04-16 16:42 - 00000000 ____D C:\Users\HsN\Desktop\J120F
2016-04-14 20:50 - 2016-04-14 20:50 - 00000000 ____D C:\Users\HsN\Documents\SideSync
2016-04-14 20:43 - 2016-04-14 20:43 - 00001094 _____ C:\Users\Public\Desktop\SideSync.lnk
2016-04-14 20:42 - 2016-01-08 09:51 - 00191200 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2016-04-14 20:42 - 2016-01-08 09:51 - 00099296 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-04-14 20:36 - 2016-04-14 20:40 - 00000000 ____D C:\Users\HsN\Desktop\J120F 4
2016-04-14 20:33 - 2016-04-14 20:35 - 48364048 _____ (Samsung) C:\Users\HsN\Downloads\SideSync_4.3.0.92.exe
2016-04-14 18:19 - 2014-02-05 06:51 - 00000000 ____D C:\Users\HsN\Desktop\E1205TJXMG1_OJXMG1
2016-04-14 11:48 - 2016-01-16 13:50 - 00000000 ____D C:\Users\HsN\Desktop\e1207t
2016-04-13 17:49 - 2012-12-13 00:30 - 00000000 ____D C:\Users\HsN\Desktop\E1207TJPLI6_OJPLI6
2016-04-13 13:13 - 2016-03-17 23:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-04-13 13:13 - 2016-03-17 23:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 13:13 - 2016-03-17 23:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 13:13 - 2016-03-17 23:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 13:13 - 2016-03-17 23:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 13:13 - 2016-03-17 23:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 13:13 - 2016-03-17 23:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 13:13 - 2016-03-17 23:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 13:13 - 2016-03-17 23:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 13:13 - 2016-03-17 23:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 13:13 - 2016-03-17 23:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 13:13 - 2016-03-17 23:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 13:13 - 2016-03-17 23:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 13:13 - 2016-03-17 23:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 13:13 - 2016-03-17 23:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 13:13 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 13:13 - 2016-03-17 23:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 13:13 - 2016-03-17 23:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 13:13 - 2016-03-17 23:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 13:13 - 2016-03-17 23:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 13:13 - 2016-03-17 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 13:13 - 2016-03-17 23:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 13:13 - 2016-03-17 23:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 13:13 - 2016-03-17 23:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 13:13 - 2016-03-17 23:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 13:13 - 2016-03-17 23:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 13:13 - 2016-03-17 23:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 13:13 - 2016-03-17 22:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 13:13 - 2016-03-17 22:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 13:13 - 2016-03-17 22:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 13:13 - 2016-03-17 22:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 13:13 - 2016-03-17 22:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 13:13 - 2016-03-17 22:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 13:13 - 2016-03-17 22:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 13:13 - 2016-03-17 22:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 13:13 - 2016-03-17 22:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 13:13 - 2016-03-17 22:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 13:13 - 2016-03-17 22:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 13:13 - 2016-03-17 22:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 13:13 - 2016-03-17 22:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 13:13 - 2016-03-17 22:29 - 00015872 _____ (Microsoft
Corporation) C:\Windows\system32\sspisrv.dll 2016-04-13 13:13 - 2016-03-17 22:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 13:13 - 2016-03-17 22:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 13:13 - 2016-03-17 22:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 13:13 - 2016-03-17 22:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 13:13 - 2016-03-16 19:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll 2016-04-13 13:13 - 2016-03-16 19:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-13 13:13 - 2016-03-16 00:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 13:13 - 2016-03-16 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 13:13 - 2016-03-11 19:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-04-13 13:13 - 2016-02-02 19:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-04-13 13:13 - 2016-01-21 01:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-04-13 13:07 - 2016-04-04 18:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-13 13:07 - 2016-04-04 18:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-13 13:07 - 2016-04-02 14:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-13 13:07 - 2016-03-29 18:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-13 13:07 - 2016-03-23 15:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-13 13:07 - 2016-03-17 19:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 
2016-04-13 13:07 - 2016-03-17 19:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 13:07 - 2016-03-17 19:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 13:07 - 2016-03-17 19:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 13:07 - 2016-03-06 19:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 13:07 - 2016-03-06 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 13:07 - 2016-02-05 19:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 13:07 - 2016-02-05 18:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 13:07 - 2015-06-03 21:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-12 20:25 - 2016-04-12 20:29 - 00000414 _____ C:\Users\HsN\Downloads\cccam (2).server
2016-04-12 15:20 - 2016-04-12 15:21 - 00000000 ____D C:\Users\HsN\Desktop\S1
2016-04-12 14:40 - 2016-04-12 14:41 - 00000000 ____D C:\Users\HsN\Desktop\Nouveau dossier
2016-04-12 14:25 - 2012-03-12 15:58 - 00000000 ____D C:\Users\HsN\Desktop\I9000DXJVA_OLBJV9
2016-04-12 14:11 - 2012-02-29 11:11 - 300013056 ____N C:\Users\HsN\Desktop\JVC_JV7_JV6.tar
2016-04-05 18:01 - 2015-12-19 12:21 - 23633920 _____ C:\Users\HsN\Desktop\KU1.9_SM-G318H_4.4.4.tar
2016-04-05 17:44 - 2016-04-05 17:44 - 00276519 _____ C:\Users\HsN\Desktop\jp.co.c_lis.ccl.morelocale_2.3.1_free-www.apkhere.com.apk
2016-04-05 14:44 - 2016-04-05 14:44 - 04194360 _____ C:\Users\HsN\Downloads\20160302__3119_GUI_D_3510_Wifi_V_USB.abs
2016-04-05 14:41 - 2016-04-05 14:41 - 04194360 _____ C:\Users\HsN\Downloads\X210HD.abs
2016-04-05 13:51 - 2012-04-30 12:59 - 00000000 ____D C:\Users\HsN\Desktop\S5369BULA1_VDRLA1
2016-04-04 10:16 - 2016-04-04 10:16 - 00000000 ____D C:\Program Files\MSXML 4.0
2016-04-02 14:13 - 2015-11-18 09:09 - 03674112 _____ C:\Users\HsN\Desktop\VISIONTNT.bin
2016-04-02 14:11 - 2016-04-02 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-02 14:11 - 2016-04-02 14:11 - 00000000 ____D C:\Program Files\7-Zip
2016-04-02 11:13 - 2016-04-02 11:13 - 00332146 _____ C:\Users\HsN\Documents\cc_20160402_111353.reg
2016-04-02 11:07 - 2016-04-02 11:08 - 00000000 ____D C:\Program Files\CCleaner
2016-04-02 11:07 - 2016-04-02 11:07 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-02 11:07 - 2016-04-02 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-31 19:09 - 2016-03-31 19:09 - 00000000 ____D C:\Users\HsN\AppData\Local\NokiaAccount
2016-03-31 19:09 - 2016-03-31 19:09 - 00000000 ____D C:\Users\HsN\AppData\Local\Nokia
2016-03-31 19:08 - 2016-03-31 19:08 - 00002047 _____ C:\Users\Public\Desktop\Nokia Suite.lnk
2016-03-31 19:08 - 2016-03-31 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
2016-03-31 19:07 - 2016-03-31 19:07 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2016-03-31 17:59 - 2016-03-31 17:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmb_01009.Wdf
2016-03-31 17:58 - 2016-03-31 17:58 - 00001996 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk
2016-03-31 17:02 - 2016-04-14 10:19 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-31 17:02 - 2016-03-31 17:02 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-31 17:02 - 2016-03-31 17:02 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-31 15:40 - 2016-03-31 15:40 - 01911016 _____ C:\Users\HsN\Downloads\whatsapp-n.jar
2016-03-30 11:13 - 2016-03-30 11:13 - 00001863 _____ C:\Users\HsN\Desktop\DiskPlayer.lnk
2016-03-30 11:13 - 2016-03-30 11:13 - 00001795 _____ C:\Users\HsN\Desktop\Player.lnk
2016-03-30 11:13 - 2016-03-30 11:13 - 00001739 _____ C:\Users\HsN\Desktop\CMS.lnk
2016-03-30 11:13 - 2016-03-30 11:13 - 00000000 ____D C:\Users\HsN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskPlayer
2016-03-30 11:13 - 2016-03-30 11:13 - 00000000 ____D C:\Users\HsN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CMS
2016-03-30 11:13 - 2016-03-30 11:13 - 00000000 ____D C:\Program Files\DiskPlayer
2016-03-30 11:08 - 2016-03-30 11:08 - 00017268 _____ C:\Users\HsN\Downloads\3d_collection.mkv (1).torrent
2016-03-29 21:40 - 2016-03-29 21:40 - 14066452 _____ C:\Users\HsN\Downloads\Galaxy j2 Root by road2blogg.rar
2016-03-23 13:32 - 2016-03-23 13:33 - 14999552 _____ C:\Users\HsN\Desktop\CLEVER3 MINI+.bin
2016-03-20 15:16 - 2016-03-20 15:16 - 00014145 _____ C:\Users\HsN\Downloads\G531FXXU1AOF7_ROOT_SYSTEM.ZIP.torrent

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-18 13:53 - 2015-12-10 13:00 - 00000302 _____ C:\Windows\Tasks\iToolsDaemon.job
2016-04-18 13:09 - 2015-09-30 18:51 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-18 13:03 - 2015-10-03 20:40 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-04-18 12:51 - 2015-09-30 16:54 - 00000000 ____D C:\Users\HsN\AppData\Roaming\DMCache
2016-04-18 12:43 - 2015-09-30 17:16 - 00000000 ____D C:\Program Files\Z3X
2016-04-18 12:42 - 2015-11-01 11:40 - 00000000 ____D C:\ProgramData\VMware
2016-04-18 12:41 - 2015-09-30 18:51 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-18 12:41 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-18 12:39 - 2015-10-15 12:14 - 00000000 ____D C:\Users\HsN\AppData\Roaming\mgyun
2016-04-18 12:38 - 2015-09-30 17:05 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-18 12:37 - 2015-09-30 16:54 - 00000000 ____D C:\Users\HsN\Downloads\Compressed
2016-04-18 12:25 - 2015-09-30 17:04 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-18 12:25 - 2015-09-30 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-18 12:25 - 2015-09-30 17:04 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-18 11:50 - 2009-07-14 05:34 - 00026944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-18 11:50 - 2009-07-14 05:34 - 00026944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-17 21:00 - 2015-11-16 13:18 - 00000000 ____D C:\Program Files\CMS
2016-04-17 20:17 - 2011-04-12 02:35 - 00904186 _____ C:\Windows\system32\perfh00C.dat
2016-04-17 20:17 - 2011-04-12 02:35 - 00307152 _____ C:\Windows\system32\perfc00C.dat
2016-04-17 20:17 - 2010-11-20 22:01 - 00006394 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-17 12:32 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-04-16 11:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\ModemLogs
2016-04-14 20:50 - 2015-10-03 12:48 - 00000000 ____D C:\Users\HsN\AppData\Roaming\Samsung
2016-04-14 20:43 - 2015-10-03 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-04-14 20:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-04-14 20:38 - 2015-10-03 12:31 - 00000000 ____D C:\Program Files\Samsung
2016-04-14 14:51 - 2009-07-14 05:33 - 00274992 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 14:49 - 2015-10-05 11:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-14 12:05 - 2015-10-22 19:29 - 00000000 ____D C:\Users\HsN\AppData\Roaming\EurekaLog
2016-04-13 20:39 - 2015-10-26 22:22 - 00000000 ____D C:\Program Files\Internet Haut Débit Mobile
2016-04-13 17:48 - 2015-11-15 17:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-13 12:23 - 2015-11-01 12:07 - 00000000 ____D C:\Users\HsN\AppData\Roaming\VMware
2016-04-13 12:23 - 2015-11-01 12:07 - 00000000 ____D C:\Users\HsN\AppData\Local\VMware
2016-04-12 11:17 - 2015-09-30 16:53 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 11:17 - 2015-09-30 16:53 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 20:40 - 2016-01-05 11:34 - 00000000 ____D C:\Users\HsN\AppData\Roaming\IDM
2016-04-10 18:06 - 2015-09-30 17:46 - 00001249 _____ C:\Users\Public\Desktop\Samsung Tool PRO.lnk
2016-04-06 10:18 - 2015-10-03 12:21 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-02 11:12 - 2016-01-07 11:28 - 00000000 ____D C:\Windows\Minidump
2016-04-02 11:12 - 2015-09-30 17:25 - 00000000 ____D C:\Windows\Panther
2016-03-31 19:08 - 2015-11-03 19:07 - 00000000 ____D C:\ProgramData\Nokia
2016-03-31 19:08 - 2015-11-03 19:06 - 00000000 ____D C:\Program Files\Nokia
2016-03-31 17:59 - 2015-11-03 19:12 - 00000000 ____D C:\Users\HsN\AppData\Roaming\PC Suite
2016-03-31 17:59 - 2015-11-03 19:12 - 00000000 ____D C:\Users\HsN\AppData\Roaming\Nokia
2016-03-31 17:58 - 2015-11-03 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2016-03-30 15:36 - 2015-09-30 19:28 - 00000000 ____D C:\Users\HsN\AppData\Roaming\vlc
2016-03-30 15:36 - 2015-09-30 16:54 - 00000000 ____D C:\Users\HsN\Downloads\Video
2016-03-30 11:13 - 2015-11-16 13:18 - 00137742 _____ C:\Program Files\CMS Setup Log.txt
2016-03-30 11:13 - 2015-11-16 11:50 - 00018731 _____ C:\Program Files\Player Setup Log.txt
2016-03-30 11:13 - 2015-11-16 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Player
2016-03-30 11:13 - 2015-11-16 11:50 - 00000000 ____D C:\Program Files\Player
2016-03-30 11:13 - 2015-10-06 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskPlayer
2016-03-30 11:12 - 2015-12-10 17:01 - 00014510 _____ C:\Program Files\CMS Uninstall Log.txt
2016-03-30 10:33 - 2016-01-04 14:57 - 00000000 ____D C:\Program Files\Emsisoft Internet Security
2016-03-30 10:32 - 2015-11-03 19:06 - 00000000 ____D C:\Program Files\Microsoft Care Suite
2016-03-30 10:32 - 2015-11-03 19:02 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-28 15:09 - 2015-11-05 21:50 - 00000000 ____D C:\AdvanceBox Turbo Flasher
2016-03-28 11:18 - 2015-10-04 13:12 - 00000000 ___SD C:\Windows\system32\GWX

==================== Fichiers à la racine de certains dossiers =======

2015-11-16 13:18 - 2016-03-30 11:13 - 0137742 _____ () C:\Program Files\CMS Setup Log.txt
2015-12-10 17:01 - 2016-03-30 11:12 - 0014510 _____ () C:\Program Files\CMS Uninstall Log.txt
2015-11-16 11:50 - 2016-03-30 11:13 - 0018731 _____ () C:\Program Files\Player Setup Log.txt
2015-12-10 13:34 - 2015-12-10 13:34 - 0005120 _____ () C:\Users\HsN\AppData\Roaming\GiftBag.db
2016-04-18 12:42 - 2016-04-18 12:42 - 0000000 ____H () C:\ProgramData\cm-lock

Certains fichiers dans TEMP:
====================
C:\Users\HsN\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-04-17 12:24

==================== Fin de FRST.txt ============================