Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:19-05-2016
Exécuté par user (administrateur) sur USER-PC (21-05-2016 02:53:26)
Exécuté depuis C:\Users\user\Downloads\Programs
Profils chargés: user (Profils disponibles: user)
Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Autodesk Inc.) C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(National Instruments Corporation) C:\Windows\System32\lkads.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\nisvcloc\nisvcloc.exe
(National Instruments, Inc.) C:\Windows\System32\lkcitdl.exe
(National Instruments Corporation) C:\Windows\System32\lktsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Zbshareware Lab) C:\Program Files\USB Disk Security\USBGuard.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Autodesk Inc.) C:\Users\user\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe

==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6741720 2014-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1011416 2014-07-03] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2015-01-28] (ESET)
HKLM\...\Run: [ADSKAppManager] => C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM\...\Run: [ProductUpdater] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-10-09] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoFileMenu] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoFileUrl] 1
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.)
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoFileMenu] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Policies\Explorer: [NoFileUrl] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-01-20]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.bat [2016-04-09] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-2257662679-3818682232-1060715382-1000] => 188.165.216.161:3128
AutoConfigURL: [S-1-5-21-2257662679-3818682232-1060715382-1000] => 188.165.216.161:3128
Winsock: Catalog5 07 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7D3E897E-93B4-4F46-A97E-4EE16FA5A041}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C0C6205A-DB2F-4FAF-8710-FFEF30F6BCD2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\user.js [2015-03-30]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nplv2013win32.dll [2014-11-21] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nplv2014win32.dll [2015-01-25] (National Instruments)
FF Extension: Cookies Manager+ - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-05-18]
FF Extension: MEGA - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\Extensions\firefox@mega.co.nz.xpi [2016-05-18]
FF Extension: Unseen - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7tjnnqdv.default\Extensions\unseen@tangrs.xpi [2016-04-27]
FF HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2016-05-21] [non signé]
FF HKU\S-1-5-21-2257662679-3818682232-1060715382-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-20__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "","hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-20__alt__ddc_dsssyc_bd_com"
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-13]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Recherche Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-22]
CHR Extension: (Facebook Unseen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2016-01-05]
CHR Extension: (Marauders Map) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mliofombcghaamgjkmmmmlepkiacdhkh [2015-06-01]
CHR Extension: (Facebook Chat Pro) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmclgeiaglomndjkoanmfchooefjhnki [2015-06-01]
CHR Extension: (IDM Integration Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-04-22]
CHR Extension: (Curling) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2016-01-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (Zapyo) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ollhbgdkbcafedfpfkjlkcgkmdnhfgfi [2016-01-26]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-04-18]

Opera:
=======
OPR StartupUrls: "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-20__alt__ddc_dsssyc_bd_com"
OPR Session Restore: -> est activé.
OPR Extension: (Adblock Plus) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-03-14]

==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-07-10] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2015-01-28] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1087792 2015-06-07] (Flexera Software LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [277976 2014-07-10] (Intel Corporation)
R2 LkCitadelServer; C:\Windows\system32\lkcitdl.exe [695136 2014-12-02] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\system32\lkads.exe [53032 2014-06-09] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\system32\lktsrv.exe [63280 2014-06-09] (National Instruments Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [239880 2016-03-11] (McAfee, Inc.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R2 NIApplicationWebServer; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2014-11-21] (National Instruments Corporation)
R2 niauth; C:\Program Files\National Instruments\Shared\niauth\niauth_daemon.exe [569152 2014-10-23] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [394544 2014-06-09] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2014-06-06] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2014-11-21] (National Instruments Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096 2014-01-08] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 cvintdrv; C:\Windows\system32\Drivers\cvintdrv.sys [21792 2014-06-25] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51824 2015-03-10] (ESET)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [803312 2014-06-27] (Intel Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [221912 2014-04-16] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [931952 2014-06-27] (Ralink Technology, Corp.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S2 adfs; pas de ImagePath
S3 WinRing0_1_2_0; \??\C:\Users\user\AppData\Local\Temp\Rar$EXa0.505\WinRing0.sys [X]

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-05-21 02:53 - 2016-05-21 02:53 - 00000000 ____D C:\FRST
2016-05-21 02:51 - 2016-05-21 02:51 - 00000000 ____D C:\ProgramData\Panda Security
2016-05-21 02:51 - 2016-05-21 02:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-05-21 02:51 - 2016-05-21 02:51 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2016-05-21 02:45 - 2016-05-21 02:49 - 00000000 ____D C:\Rem-VBSqt
2016-05-21 01:36 - 2016-05-21 01:37 - 00000861 _____ C:\DelFix.txt
2016-05-21 01:11 - 2009-12-01 10:52 - 00621944 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pskill.exe
2016-05-21 01:04 - 2016-05-21 01:04 - 00003304 ____N C:\bootsqm.dat
2016-05-21 00:43 - 2012-10-05 07:24 - 00000000 ____D C:\Users\user\Downloads\Virus Shortcut Remover v2.1(Beta)
2016-05-21 00:42 - 2016-05-21 00:42 - 00913253 _____ C:\Users\user\Downloads\Virus Shortcut Remover v2.1(Beta).rar
2016-05-19 18:39 - 2016-05-19 22:55 - 00027493 ____H C:\Users\user\Desktop\~WRL3352.tmp
2016-05-18 22:04 - 2016-05-18 22:05 - 17861245 _____ C:\Users\user\Downloads\هدف رائع لفريق الفتح الرياضي - المغرب على الملعب المالي FUS 2-0 S.M.mp4
2016-05-17 23:00 - 2016-05-17 23:01 - 03077063 _____ C:\Users\user\Downloads\Présentation2016.pptx
2016-05-17 18:45 - 2016-05-17 18:45 - 00000000 ____D C:\Users\user\AppData\Roaming\Zbshareware Lab
2016-05-17 18:44 - 2016-05-17 18:44 - 00001032 _____ C:\Users\Public\Desktop\USB Disk Security.lnk
2016-05-17 18:44 - 2016-05-17 18:44 - 00001020 _____ C:\Users\Public\Desktop\Web Navigation.lnk
2016-05-17 18:44 - 2016-05-17 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security
2016-05-17 18:44 - 2016-05-17 18:44 - 00000000 ____D C:\Program Files\USB Disk Security
2016-05-16 22:51 - 2016-05-16 22:51 - 00057722 _____ C:\Users\user\Downloads\Serie5_ENSA_2013_2014.pdf
2016-05-16 22:50 - 2016-05-16 22:50 - 02073541 _____ C:\Users\user\Downloads\Mecanique-des-fluides.pdf
2016-05-11 00:44 - 2016-05-11 00:44 - 02023214 _____ C:\Users\user\Downloads\LQL0ipu8.mp4
2016-05-10 23:14 - 2016-05-11 03:23 - 00000000 ____D C:\Users\user\Desktop\11 MAI
2016-05-10 17:38 - 2016-05-10 17:38 - 00063343 _____ C:\Users\user\Documents\Sans titre (2).wma
2016-05-10 17:37 - 2016-05-10 17:37 - 00058853 _____ C:\Users\user\Documents\Sans titre.wma
2016-05-05 23:42 - 2016-05-14 00:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-04 00:05 - 2016-05-04 00:05 - 00799449 _____ C:\Users\user\Downloads\La-foudre-1.pptx
2016-05-03 23:37 - 2016-05-03 23:37 - 01369802 _____ C:\Users\user\Downloads\أتريتيكو دي مدريد ههههههه.mp4
2016-04-28 17:13 - 2016-04-28 17:14 - 02014654 _____ C:\Users\user\Downloads\Cours_Séries_Fourier_CP1-2012-13.pdf
2016-04-28 17:13 - 2016-04-28 17:13 - 00461921 _____ C:\Users\user\Downloads\Chap 3 série de fourier(3).pdf
2016-04-27 18:54 - 2016-04-27 18:54 - 00119469 _____ C:\Users\user\Downloads\cc2_cp2_-2014-2015_corr.pdf
2016-04-27 16:47 - 2016-04-27 17:22 - 534384790 _____ C:\Users\user\Downloads\qnb.zip
2016-04-26 21:50 - 2016-04-26 21:50 - 00540825 _____ C:\Users\user\Downloads\varBio(1).pdf
2016-04-26 21:38 - 2016-04-26 21:38 - 00088382 _____ C:\Users\user\Downloads\ResumeVAetLois_10.pdf
2016-04-25 17:02 - 2016-04-25 17:02 - 00090303 _____ C:\Users\user\Downloads\Corrige du CC1 2013_2014.pdf
2016-04-25 17:02 - 2016-04-25 17:02 - 00048330 _____ C:\Users\user\Downloads\CC1_2013_2014.pdf
2016-04-25 17:01 - 2016-04-25 17:01 - 00056056 _____ C:\Users\user\Downloads\Corrige controle de rattrapage de Thermodynamique CP2 ENSA 2013 2014.pdf
2016-04-25 17:01 - 2016-04-25 17:01 - 00043596 _____ C:\Users\user\Downloads\Rattrapage de Thermodynamique CP2 ENSA 2013 2014.pdf
2016-04-24 13:18 - 2016-04-24 13:18 - 00275506 _____ C:\Users\user\Downloads\TD ENSA Tétouan correction(1).pdf
2016-04-24 13:17 - 2016-04-24 13:17 - 01166556 _____ C:\Users\user\Downloads\MANAGEMENT 1 ENSA DE TETOUAN COMPLEMENT DE COURS [Mode de compatibilité](1).pdf
2016-04-23 02:43 - 2016-04-23 02:43 - 00275506 _____ C:\Users\user\Downloads\TD ENSA Tétouan correction.pdf
2016-04-22 22:13 - 2016-04-22 22:14 - 00158842 _____ C:\Users\user\Downloads\Séries_entières_winedit-2013-2014.pdf
2016-04-21 11:35 - 2016-04-21 11:35 - 00201670 _____ C:\Users\user\Downloads\rattrapage_qcm_phys1_2015-2016_a.pdf
2016-04-21 03:08 - 2016-04-21 03:08 - 00461921 _____ C:\Users\user\Downloads\Chap 3 série de fourier(2).pdf
2016-04-21 03:08 - 2016-04-21 03:08 - 00272425 _____ C:\Users\user\Downloads\exerices corrigés séries de fourier(1).pdf
2016-04-21 01:24 - 2016-04-21 01:24 - 01143706 _____ C:\Users\user\Downloads\s2-management-2-resume.pdf
2016-04-21 01:21 - 2016-04-21 01:21 - 00513039 _____ C:\Users\user\Downloads\management_s1[fsjes-tanger.com].pdf

==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-21 02:54 - 2015-03-17 23:22 - 00000000 ____D C:\Users\user\AppData\Roaming\DMCache
2016-05-21 02:44 - 2016-04-10 13:09 - 00001064 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-21 02:09 - 2015-09-15 20:42 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-21 02:07 - 2015-03-20 23:55 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-21 01:52 - 2009-07-14 05:34 - 00024912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-21 01:52 - 2009-07-14 05:34 - 00024912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-21 01:09 - 2015-10-06 22:42 - 00000000 ____D C:\Program Files\Steam
2016-05-21 01:09 - 2015-02-28 14:14 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2016-05-21 01:08 - 2015-10-06 22:42 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-05-21 01:06 - 2015-09-15 20:42 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-21 01:06 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-20 15:15 - 2015-03-18 02:00 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2016-05-17 18:20 - 2011-02-07 13:57 - 00747154 _____ C:\Windows\system32\perfh00C.dat
2016-05-17 18:20 - 2011-02-07 13:57 - 00149646 _____ C:\Windows\system32\perfc00C.dat
2016-05-17 18:20 - 2010-11-20 22:01 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-17 18:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-05-16 22:31 - 2015-05-13 20:24 - 00000000 ____D C:\Users\user\Downloads\Video
2016-05-15 01:08 - 2015-03-20 23:55 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-15 01:08 - 2015-03-20 23:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-14 00:25 - 2015-05-22 20:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-14 00:07 - 2015-09-15 15:07 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2016-05-12 23:05 - 2015-09-15 20:45 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-12 23:05 - 2015-09-15 20:45 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-12 22:48 - 2015-03-21 02:07 - 00000000 ____D C:\Program Files\Opera
2016-05-01 15:33 - 2015-05-13 20:24 - 00000000 ____D C:\Users\user\Downloads\Compressed
2016-04-21 15:05 - 2015-02-28 13:48 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Fichiers à la racine de certains dossiers =======

2015-03-26 12:48 - 2015-03-26 12:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2015-07-02 05:53 - 2015-07-02 06:43 - 0001456 _____ () C:\Users\user\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2015-06-07 23:12 - 2015-06-07 23:12 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-12-30 23:14 - 2015-12-30 23:14 - 0000016 _____ () C:\ProgramData\mntemp
2015-12-30 23:14 - 2015-12-30 23:14 - 0004136 _____ () C:\ProgramData\oqztiqep.adk

==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-05-14 16:30

==================== Fin de FRST.txt ============================