cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Exécuté par yas (administrateur) sur MAROC-PC (15-02-2016 11:26:07)
Exécuté depuis C:\Users\yas.yas-PC\Desktop
Profils chargés: yas (Profils disponibles: yas)
Platform: Microsoft Windows 7 Édition Intégrale (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Murray Hurps Software Pty Ltd) C:\Program Files\Ad Muncher\AdMunch.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Facebook Inc.) C:\Users\yas.yas-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.213.6186.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1210640 2010-12-23] (Intel(R) Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Ad Muncher] => C:\Program Files\Ad Muncher\AdMunch.exe [595144 2014-07-29] (Murray Hurps Software Pty Ltd)
HKLM\...\Run: [FoneLabAppService] => C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe [78472 2014-09-30] ()
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157968 2015-08-13] (Apple Inc.)
HKLM\...\Run: [pcmgr] => C:\Program Files\ppt\Uninst.exe [1571296 2015-12-28] (Tencent)
HKLM\...\Run: [setup] => C:\Users\YAS~1.YAS\AppData\Local\Temp\setup.exe /start <===== ATTENTION
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\Run: [Facebook Update] => C:\Users\yas.yas-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-19] (Facebook Inc.)
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\Run: [AvgUpdater0814tb] => C:\ProgramData\Avg_Update_0814tb\0814tb_{5BC5BD0D-F377-42CA-80D0-D6A9F61518DF}.exe /SETINFO /CMPID=0814tb /INFORETRY=-139
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\MountPoints2: {0457a03f-fb10-11e2-bedc-e006e6da5e9e} - F:\AutoRun.exe
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\MountPoints2: {0457a04c-fb10-11e2-bedc-e006e6da5e9e} - F:\AutoRun.exe
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\MountPoints2: {1b23a89f-7a27-11e4-ad3f-e006e6da5e9e} - F:\setup.exe
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\MountPoints2: {9f0baac5-fb1f-11e2-bef1-e006e6da5e9e} - F:\AutoRun.exe
HKU\S-1-5-21-867478414-427001765-3327074332-1000\...\MountPoints2: {c5e6643f-0151-11e3-bf3d-e006e6da5e9e} - F:\AutoRun.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: 127.0.0.1 gs.apple.com #iHelper Added.
Tcpip\Parameters: [DhcpNameServer] 212.76.224.172 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{26D49D06-E01A-4336-8845-97982E8A94C5}: [DhcpNameServer] 212.76.224.172 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{4DB1CFE0-A200-4E47-83ED-E379C7F97DE8}: [NameServer] 212.217.0.1 212.217.1.1
Tcpip\..\Interfaces\{A9A53FA1-83AC-42F9-9C47-73C55BB21731}: [DhcpNameServer] 212.76.224.172 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{DD3F47CC-BBC8-4345-BF07-F18F7875B381}: [NameServer] 212.217.0.1 212.217.1.1
Tcpip\..\Interfaces\{F483F383-6D5D-494C-851D-2DFE602D56E0}: [NameServer] 212.217.0.1 212.217.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99136537_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-867478414-427001765-3327074332-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99136537_hao_pg
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-867478414-427001765-3327074332-1000 -> DefaultScope {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11
SearchScopes: HKU\S-1-5-21-867478414-427001765-3327074332-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-03&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-867478414-427001765-3327074332-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-867478414-427001765-3327074332-1000 -> {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-867478414-427001765-3327074332-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\yas.yas-PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR Profile: C:\Users\yas.yas-PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\yas.yas-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-14]
CHR Extension: (AdBlock) - C:\Users\yas.yas-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\yas.yas-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-25]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-04-14] (Foxit Software Inc.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1894224 2014-11-03] (LogMeIn Inc.)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S2 Internet Mobile. RunOuc; C:\Program Files\Internet Mobile\UpdateDog\ouc.exe [655712 2013-08-02] ()
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-10-21] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-09-21] (Microsoft Corporation) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [577536 2010-12-23] (Intel(R) Corporation) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-03] (Disc Soft Ltd)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [358224 2012-08-10] (Intel Corporation)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7434240 2010-12-21] (Intel Corporation)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [584872 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [197800 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [24232 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [20136 2013-06-26] (Microsoft Corporation)
S3 USB_FPRd; C:\Windows\System32\Drivers\UT_FPRd.sys [16128 2007-02-13] (USBest Corporation)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-11-12] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-11-12] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-11-12] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-11-12] (Microsoft Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
S3 catchme; \??\C:\Users\YAS~1.YAS\AppData\Local\Temp\catchme.sys [X]
R1 QMUdisk; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17207.222\QMUdisk.sys [X]
R1 softaal; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17207.222\softaal.sys [X]
R4 TAOKernelDriver; \??\C:\Windows\system32\Drivers\TAOKernel.sys [X]
R4 TsFltMgr; System32\drivers\TsFltMgr.sys [X]
R2 tsnethlp; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17207.222\TsNetHlp.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-15 11:26 - 2016-02-15 11:27 - 00016291 _____ C:\Users\yas.yas-PC\Desktop\FRST.txt
2016-02-14 21:24 - 2016-02-15 11:26 - 00000000 ____D C:\FRST
2016-02-14 21:23 - 2016-02-14 21:23 - 01721344 _____ (Farbar) C:\Users\yas.yas-PC\Desktop\FRST.exe
2016-02-14 21:21 - 2016-02-14 21:21 - 01721344 _____ (Farbar) C:\Users\yas.yas-PC\Downloads\BA21.tmp
2016-02-10 11:28 - 2016-01-12 18:22 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:28 - 2016-01-12 18:19 - 01198592 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:28 - 2016-01-12 18:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:28 - 2016-01-12 18:19 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:28 - 2016-01-12 18:19 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:28 - 2016-01-12 18:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:28 - 2016-01-12 18:16 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-03 01:44 - 2016-02-03 01:44 - 00141736 _____ (Rentabiliweb) C:\Users\yas.yas-PC\Downloads\Setupplansq (3).exe
2016-02-02 16:07 - 2016-02-02 16:07 - 00141736 _____ (Rentabiliweb) C:\Users\yas.yas-PC\Downloads\Setupplansq (2).exe
2016-02-02 16:06 - 2016-02-02 16:06 - 00141736 _____ (Rentabiliweb) C:\Users\yas.yas-PC\Downloads\Setupplansq (1).exe
2016-02-02 15:48 - 2016-02-02 15:48 - 00152358 _____ C:\Users\yas.yas-PC\Desktop\image1.jpeg
2016-02-02 15:35 - 2016-02-03 12:22 - 00000000 ____D C:\Users\yas.yas-PC\AppData\Local\plansq
2016-02-02 15:35 - 2016-02-02 15:35 - 00141736 _____ (Rentabiliweb) C:\Users\yas.yas-PC\Downloads\Setupplansq.exe
2016-01-29 07:54 - 2016-01-29 07:54 - 00155472 _____ C:\Windows\Minidump\012916-39873-01.dmp
2016-01-29 07:36 - 2016-01-29 07:36 - 00001795 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-01-29 07:36 - 2016-01-29 07:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-01-29 07:35 - 2016-01-29 07:38 - 00000000 ____D C:\Program Files\ZHPFix
2016-01-29 07:34 - 2016-01-29 07:35 - 03521617 _____ (Nicolas Coolman ) C:\Users\yas.yas-PC\Downloads\ZHPFix.exe
2016-01-25 22:07 - 2016-02-02 06:22 - 02105344 _____ C:\Users\yas.yas-PC\ZHPDiag3.exe
2016-01-25 21:57 - 2016-01-25 21:57 - 00001022 _____ C:\anti-malware-fichier-analyse.txt
2016-01-25 21:15 - 2016-01-25 21:15 - 00000000 ____D C:\Users\yas.yas-PC\AppData\LocalLow\TENCENT
2016-01-25 21:00 - 2016-01-25 21:54 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-25 21:00 - 2016-01-25 21:49 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-25 21:00 - 2016-01-25 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-25 20:59 - 2016-01-25 21:00 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-01-25 20:59 - 2016-01-25 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-25 20:59 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-25 20:59 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-25 20:59 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-25 20:54 - 2016-01-25 20:58 - 22908888 _____ (Malwarebytes ) C:\Users\yas.yas-PC\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-25 20:52 - 2016-02-14 22:34 - 00030392 _____ (Tencent) C:\Windows\system32\Drivers\TS888.sys
2016-01-25 20:52 - 2016-01-25 21:08 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-01-25 20:49 - 2016-01-25 20:49 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-25 20:37 - 2016-01-25 20:46 - 00000000 ____D C:\AdwCleaner
2016-01-25 20:35 - 2016-01-25 20:35 - 01507840 _____ C:\Users\yas.yas-PC\Downloads\adwcleaner_5.031.exe
2016-01-25 20:20 - 2016-01-25 20:20 - 00087154 _____ C:\Users\yas.yas-PC\Desktop\ZHPCleaner.txt
2016-01-25 19:36 - 2016-01-25 22:23 - 00000835 _____ C:\Users\yas.yas-PC\Desktop\ZHPCleaner.lnk
2016-01-25 19:35 - 2016-01-25 19:36 - 02019840 _____ C:\Users\yas.yas-PC\Downloads\ZHPCleaner.exe
2016-01-24 23:01 - 2016-01-28 08:24 - 00000564 _____ C:\Users\yas.yas-PC\Desktop\ZHPDiag.txt.lnk
2016-01-24 22:56 - 2016-02-02 06:29 - 00097174 _____ C:\Users\yas.yas-PC\Desktop\ZHPDiag.txt
2016-01-24 22:34 - 2016-01-24 22:34 - 00005120 _____ C:\Users\yas.yas-PC\AppData\Roaming\GiftBag.db
2016-01-24 22:17 - 2016-02-02 06:24 - 00000000 ____D C:\Users\yas.yas-PC\AppData\Roaming\ZHP
2016-01-24 22:17 - 2016-02-02 06:22 - 00000825 _____ C:\Users\yas.yas-PC\Desktop\ZHPDiag.lnk
2016-01-24 22:17 - 2016-01-24 22:17 - 02088960 _____ C:\Users\yas.yas-PC\Downloads\ZHPDiag3.exe
2016-01-22 02:35 - 2016-01-25 21:50 - 00001429 _____ C:\Users\yas.yas-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-22 02:29 - 2015-12-28 16:38 - 00074040 ____N (电脑管家) C:\Windows\system32\TSSK.sys
2016-01-22 02:27 - 2016-01-25 22:04 - 00000000 ____D C:\Users\yas.yas-PC\AppData\Roaming\Tencent
2016-01-22 02:27 - 2016-01-25 22:04 - 00000000 ____D C:\ProgramData\Tencent
2016-01-22 02:27 - 2016-01-22 02:27 - 00000000 ____D C:\Program Files\Tencent
2016-01-22 02:25 - 2016-01-22 02:25 - 00000000 ____D C:\Program Files\t_201601220225
2016-01-22 02:24 - 2016-01-22 02:24 - 00000000 ____D C:\Users\yas.yas-PC\Angelina Black (Velvet touch 12.03.11)SD
2016-01-22 02:24 - 2016-01-22 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ÃÀͼä¯ÀÀ
2016-01-22 02:22 - 2016-01-25 21:43 - 00000000 ____D C:\Program Files\ppt
2016-01-22 02:22 - 2016-01-22 02:22 - 00000000 ____D C:\ProgramData\kingsoft
2016-01-22 02:17 - 2016-01-22 02:18 - 01047526 _____ C:\Users\yas.yas-PC\Downloads\IEvade Activator Downloader.rar
2016-01-19 18:09 - 2016-01-19 18:11 - 00000000 ____D C:\Users\yas.yas-PC\Desktop\cd 012016

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-15 11:14 - 2013-07-19 03:48 - 00000912 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-867478414-427001765-3327074332-1000Core.job
2016-02-15 11:14 - 2013-07-07 22:58 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-15 00:42 - 2013-07-07 22:58 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 22:41 - 2009-07-14 05:34 - 00013952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-14 22:41 - 2009-07-14 05:34 - 00013952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-14 22:34 - 2013-07-07 04:49 - 00000000 ___HD C:\Windows\system32\WLANProfiles
2016-02-14 22:33 - 2014-12-03 00:34 - 00000000 ____D C:\Users\yas.yas-PC\AppData\Local\LogMeIn Hamachi
2016-02-14 22:33 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-12 07:33 - 2013-07-13 02:35 - 00000000 ____D C:\Windows\system32\MRT
2016-02-12 07:24 - 2014-12-11 04:46 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-12 07:24 - 2014-07-29 02:10 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-12 07:24 - 2009-11-12 00:39 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-02-11 07:01 - 2013-07-07 22:59 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-11 07:01 - 2013-07-07 22:59 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-07 23:05 - 2013-12-22 12:25 - 00000000 ____D C:\Users\yas.yas-PC\Desktop\PHOTO
2016-02-02 06:22 - 2013-07-07 02:50 - 00000000 ____D C:\Users\yas.yas-PC
2016-02-01 10:17 - 2015-01-17 12:26 - 00000000 ____D C:\Users\yas.yas-PC\AppData\Local\HP
2016-02-01 00:58 - 2014-09-09 09:00 - 00000000 ____D C:\ProgramData\Avg_Update_0814tb
2016-01-31 22:13 - 2015-04-06 14:45 - 00000000 ____D C:\Users\yas.yas-PC\Desktop\b
2016-01-29 07:54 - 2014-01-10 13:17 - 450177883 _____ C:\Windows\MEMORY.DMP
2016-01-29 07:54 - 2014-01-10 13:17 - 00000000 ____D C:\Windows\Minidump
2016-01-25 21:51 - 2015-01-17 12:46 - 00001153 _____ C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 2540 series.lnk
2016-01-25 21:51 - 2014-12-03 00:17 - 00000816 _____ C:\Users\Public\Desktop\Age of Empires II HD.lnk
2016-01-25 21:51 - 2013-07-07 11:15 - 00000959 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-25 21:50 - 2015-06-13 07:21 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-01-25 21:50 - 2014-12-03 00:17 - 00000834 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Empires II HD.lnk
2016-01-25 21:50 - 2014-08-29 22:15 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-25 21:50 - 2013-07-07 10:45 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-01-25 21:50 - 2013-07-07 00:48 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-01-25 21:50 - 2013-07-07 00:48 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-01-25 21:50 - 2009-07-14 05:46 - 00001491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-25 21:50 - 2009-07-14 05:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-01-25 21:50 - 2009-07-14 05:42 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-01-25 21:50 - 2009-07-14 05:42 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-01-25 21:50 - 2009-07-14 05:42 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-01-25 21:50 - 2009-07-14 05:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-01-25 21:49 - 2015-09-16 00:07 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-01-25 21:49 - 2015-01-17 12:48 - 00001949 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2016-01-25 21:49 - 2015-01-17 12:46 - 00002170 _____ C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
2016-01-25 21:49 - 2014-12-21 12:59 - 00001156 _____ C:\Users\yas.yas-PC\Desktop\lettre de motivation.docx.lnk
2016-01-25 21:49 - 2014-12-05 01:30 - 00000397 _____ C:\Users\yas.yas-PC\Desktop\Lecteur de CD - Raccourci.lnk
2016-01-25 21:49 - 2014-12-03 00:32 - 00000896 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-01-25 21:49 - 2014-12-03 00:04 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-01-25 21:49 - 2014-11-27 16:44 - 00001120 _____ C:\Users\yas.yas-PC\Desktop\curiculum vitae.lnk
2016-01-25 21:49 - 2014-11-18 04:31 - 00002024 _____ C:\Users\Public\Desktop\FoneLab.lnk
2016-01-25 21:49 - 2014-10-21 04:19 - 00001064 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-01-25 21:49 - 2014-07-29 02:55 - 00001126 _____ C:\Users\yas.yas-PC\Desktop\Nero Burning ROM.lnk
2016-01-25 21:49 - 2014-07-29 02:33 - 00002785 _____ C:\Users\Public\Desktop\Nero Video 12.lnk
2016-01-25 21:49 - 2014-07-29 02:32 - 00002889 _____ C:\Users\Public\Desktop\Nero Recode 12.lnk
2016-01-25 21:49 - 2014-07-29 02:31 - 00002055 _____ C:\Users\Public\Desktop\Nero Kwik Media.lnk
2016-01-25 21:49 - 2014-07-29 02:30 - 00002771 _____ C:\Users\Public\Desktop\Nero BackItUp 12.lnk
2016-01-25 21:49 - 2014-07-29 02:29 - 00002857 _____ C:\Users\Public\Desktop\Nero 12.lnk
2016-01-25 21:49 - 2014-07-29 02:29 - 00002831 _____ C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
2016-01-25 21:49 - 2014-06-18 00:01 - 00002122 _____ C:\Users\yas.yas-PC\Desktop\FLV Player.lnk
2016-01-25 21:49 - 2013-08-20 17:47 - 00002178 _____ C:\Users\yas.yas-PC\Desktop\Microsoft Age of Empires II Trial.lnk
2016-01-25 21:49 - 2013-08-18 22:56 - 00000944 _____ C:\Users\Public\Desktop\PPÖúÊÖ.lnk
2016-01-25 21:49 - 2013-08-02 02:10 - 00001049 _____ C:\Users\Public\Desktop\Internet Mobile.lnk
2016-01-25 21:49 - 2013-07-07 09:47 - 00001734 _____ C:\Users\Public\Desktop\Choix de navigateur .lnk
2016-01-25 21:49 - 2013-07-07 02:51 - 00001399 _____ C:\Users\yas.yas-PC\Desktop\Internet Explorer.lnk
2016-01-25 21:47 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-01-25 21:45 - 2015-09-16 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-01-25 21:45 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-24 22:01 - 2014-02-03 06:20 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2016-01-22 02:36 - 2013-07-07 10:47 - 00112224 _____ C:\Users\yas.yas-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-22 02:35 - 2013-07-07 02:51 - 00000000 ___RD C:\Users\yas.yas-PC\Virtual Machines
2016-01-22 02:33 - 2009-07-14 05:33 - 00434464 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-22 02:22 - 2014-07-29 02:54 - 00000000 ____D C:\Users\yas.yas-PC\Desktop\Patch

==================== Fichiers à la racine de certains dossiers =======

2013-12-04 07:16 - 2013-12-04 07:16 - 4216840 _____ (Microsoft Corporation) C:\Program Files\Common Files\vcredist.exe
2016-01-24 22:34 - 2016-01-24 22:34 - 0005120 _____ () C:\Users\yas.yas-PC\AppData\Roaming\GiftBag.db
2013-12-19 03:29 - 2014-01-27 00:32 - 0000118 _____ () C:\Users\yas.yas-PC\AppData\Roaming\WB.CFG
2015-12-21 21:45 - 2015-12-21 21:45 - 0000000 ____H () C:\Users\yas.yas-PC\AppData\Local\BIT4293.tmp
2015-12-21 21:44 - 2015-12-21 21:44 - 0000000 _____ () C:\Users\yas.yas-PC\AppData\Local\{A1FE73AC-38FF-4E37-8D24-4C1ACC9E1166}
2015-03-13 08:19 - 2015-03-13 08:20 - 0000000 _____ () C:\Users\yas.yas-PC\AppData\Local\{D3DC73D7-6E8B-4DE3-B5E8-8B1E17F7D44B}
2013-11-06 02:48 - 2014-05-02 00:49 - 0000041 ___SH () C:\ProgramData\.zreglib
2015-01-17 12:45 - 2015-01-17 12:45 - 0000057 _____ () C:\ProgramData\Ament.ini

Fichiers à déplacer ou supprimer:
====================
C:\Users\yas.yas-PC\ZHPDiag3.exe


Certains fichiers dans TEMP:
====================
C:\Users\yas.yas-PC\AppData\Local\Temp\YesMessenger-full-installer-sign.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-10-12 22:24

==================== Fin de FRST.txt ============================
