cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 04-10-2016
Exécuté par pc (administrateur) sur PC-PC (07-10-2016 13:56:53)
Exécuté depuis C:\Users\pc\Desktop
Profils chargés: pc & UpdatusUser (Profils disponibles: pc & UpdatusUser)
Platform: Microsoft Windows 7 Professionnel (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe


==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11746376 2013-02-19] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [1236560 2015-12-10] (Tonec Inc.)
HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-2422417732-1841435958-1105847916-1000] => 118.97.15.106:8080
AutoConfigURL: [S-1-5-21-2422417732-1841435958-1105847916-1000] => 118.97.15.106:8080
Tcpip\..\Interfaces\{5965FFE8-E817-4AC4-AF36-FFB592476BD9}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
URLSearchHook: [S-1-5-21-2422417732-1841435958-1105847916-1000] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-2422417732-1841435958-1105847916-1000 -> DefaultScope {34A4A92F-0BFC-4134-87CD-23D25FA67BA8} URL =
SearchScopes: HKU\S-1-5-21-2422417732-1841435958-1105847916-1000 -> DefaultScopeBefore {E5246579-F4AE-41BB-B414-49A137DBC8D3}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\23oy0sa9.default [2016-10-05]
FF SearchPlugin: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\23oy0sa9.default\searchplugins\ask-web-search.xml.bak [2015-05-02]
FF SearchPlugin: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\23oy0sa9.default\searchplugins\improvedsearch.xml.bak [2015-03-30]
FF HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-03-10]
FF HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\pc\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\pc\AppData\Roaming\IDM\idmmzcc5 [2016-04-14] [non signé]
FF HKU\S-1-5-21-2422417732-1841435958-1105847916-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\Windows\ [] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\pc\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [Pas de fichier]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\pc\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2422417732-1841435958-1105847916-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-12-06]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-09]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Recherche Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (IDM Integration Module) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-10-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-09]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-09]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7 [2016-11-10]
CHR Extension: (Stealthy) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2016-06-20]
CHR Extension: (Piktab) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nkhjnpgcnmdpeikbeegmibjcfjpamjnp [2016-09-07]
CHR Extension: (Service proxy et VPN Hotspot Shield gratuit) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2016-08-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Simple Startup Password) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ojoalkffommhmdmbohjphohoejjmgepc [2016-06-03]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8 [2016-10-07]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-10]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-10]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-10]
CHR Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\heajfgnegopeedndeahkdjedjkjcmnpb [2016-11-10]
CHR Extension: (anonymoX) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\icpklikeghomkemdellmmkoifgfbakio [2016-11-10]
CHR Extension: (Stealthy) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2016-11-10]
CHR Extension: (Piktab) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nkhjnpgcnmdpeikbeegmibjcfjpamjnp [2016-11-10]
CHR Extension: (Service proxy et VPN Hotspot Shield gratuit) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2016-09-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-10]
CHR Extension: (Simple Startup Password) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ojoalkffommhmdmbohjphohoejjmgepc [2016-11-10]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\System Profile [2015-09-06]
StartMenuInternet: Google Chrome.4XSR2IL6OZIU3XYN7M4WM23X3E - C:\Documents and Settings\pc\Local Settings\Applic~1\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (The Weather) - C:\Users\pc\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnejmennopimdkhecilfhkmmjolebocd [2015-10-05]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 fussvc; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [133632 2012-07-25] (Microsoft Corporation) [Fichier non signé]
S3 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [2710648 2016-08-24] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [103168 2016-08-24] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [239880 2016-03-11] (McAfee, Inc.)
R2 MSSQL$SQL2008; c:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [Fichier non signé]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [Fichier non signé]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [Fichier non signé]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [Fichier non signé]
S4 SQLAgent$SQL2008; c:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 Te.Service; C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [94208 2012-07-25] (Microsoft Corporation) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S3 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82168 2013-11-21] (EZB Systems, Inc.)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16440 2012-12-04] (Intel Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [37408 2014-08-14] (NT Kernel Resources)
S4 RsFx0102; C:\Windows\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36968 2016-01-13] (Anchorfree Inc.)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16128 2016-09-15] (Windows (R) Win 7 DDK provider)
S3 VSPerfDrv110; C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys [55416 2012-07-13] (Microsoft Corporation)
R0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-11-12 20:57 - 2016-11-12 20:59 - 10391340 _____ C:\Users\pc\Downloads\الكاسكيطة والسيجار.pdf
2016-11-10 18:14 - 2016-11-10 18:14 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2016-11-10 14:17 - 2016-10-05 15:38 - 00001456 _____ C:\Users\pc\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-10-07 13:56 - 2016-10-07 13:57 - 00016662 _____ C:\Users\pc\Desktop\FRST.txt
2016-10-07 13:56 - 2016-10-07 13:56 - 00000000 ____D C:\FRST
2016-10-07 12:13 - 2016-10-07 12:13 - 01755136 _____ (Farbar) C:\Users\pc\Desktop\FRST.exe
2016-10-07 11:53 - 2016-10-07 11:53 - 00002975 _____ C:\Users\pc\Desktop\ZHPFixReport.txt
2016-10-07 01:02 - 2016-10-07 01:04 - 00000000 ____D C:\Program Files\ZHPFix
2016-10-07 01:02 - 2016-10-07 01:02 - 00001799 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-10-07 00:32 - 2016-10-07 00:34 - 03521617 _____ (Nicolas Coolman ) C:\Users\pc\Desktop\ZHPFix.exe
2016-10-06 23:52 - 2016-10-06 23:52 - 00111306 _____ C:\Users\pc\Desktop\ZHPDiag.txt
2016-10-06 16:45 - 2016-10-06 16:55 - 00000000 ____D C:\AdwCleaner
2016-10-06 16:44 - 2016-10-06 16:45 - 03861056 _____ C:\Users\pc\Desktop\adwcleaner_6.020.exe
2016-10-06 16:25 - 2016-10-06 16:25 - 00003450 _____ C:\Users\pc\Desktop\JRT.txt
2016-10-06 16:22 - 2016-10-06 16:22 - 00002392 _____ C:\Users\pc\Desktop\Rkill.txt
2016-10-06 16:17 - 2016-10-06 16:18 - 01631928 _____ (Malwarebytes) C:\Users\pc\Desktop\JRT.exe
2016-10-06 16:15 - 2016-10-06 16:16 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\pc\Desktop\rkill.com
2016-10-06 15:51 - 2016-10-07 11:53 - 00000000 ____D C:\Users\pc\AppData\Roaming\ZHP
2016-10-06 15:51 - 2016-10-06 23:49 - 00000814 _____ C:\Users\pc\Desktop\ZHPDiag.lnk
2016-10-06 15:47 - 2016-10-06 15:50 - 02384896 _____ C:\Users\pc\Desktop\ZHPDiag3.exe
2016-10-05 22:37 - 2016-10-05 22:37 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2016-10-05 15:33 - 2016-10-05 15:33 - 00017587 _____ C:\Users\pc\Desktop\sta.txt
2016-10-05 15:28 - 2016-10-05 15:28 - 00017587 _____ C:\ComboFix.txt
2016-10-05 15:15 - 2016-10-05 15:28 - 00000000 ____D C:\Qoobox
2016-10-05 15:15 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-10-05 15:15 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-10-05 15:15 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-10-05 15:15 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-10-05 15:15 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-10-05 15:15 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-10-05 15:15 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-10-05 15:15 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-10-05 15:14 - 2016-10-05 15:27 - 00000000 ____D C:\Windows\erdnt
2016-10-05 15:07 - 2016-10-05 15:08 - 05659993 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2016-10-05 13:02 - 2016-10-05 13:02 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Adobe
2016-10-05 12:42 - 2016-10-05 12:42 - 00000000 ____D C:\ProgramData\Adobe
2016-10-05 12:42 - 2016-10-05 12:42 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-10-05 10:40 - 2016-10-05 10:40 - 02765376 _____ (Xamarin, Inc) C:\Users\pc\Downloads\XamarinInstaller (1).exe
2016-10-05 08:15 - 2016-10-05 08:15 - 02765376 _____ (Xamarin, Inc) C:\Users\pc\Downloads\XamarinInstaller.exe
2016-10-05 06:50 - 2016-10-05 06:50 - 00213904 _____ (Microsoft Corporation) C:\Users\pc\Downloads\vs_community__b609461fa949f94692c29fc7511a8003.exe
2016-10-04 22:39 - 2016-10-05 16:46 - 00000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2016-10-04 22:39 - 2016-10-05 12:42 - 00000000 ____D C:\Users\pc\AppData\Local\Adobe
2016-10-03 21:39 - 2016-10-05 16:42 - 00000000 ____D C:\Users\pc\Desktop\pmb
2016-10-02 15:57 - 2016-10-02 15:57 - 00000000 ____D C:\Users\pc\Desktop\Using Barcode Reader
2016-10-02 15:57 - 2016-09-24 00:38 - 01027452 _____ C:\Users\pc\Desktop\Using Barcode Reader.rar
2016-09-29 12:22 - 2016-04-28 12:07 - 02651644 _____ C:\Users\pc\Desktop\الشرح الوافي .pdf
2016-09-29 12:10 - 2016-04-29 11:45 - 01853509 _____ C:\Users\pc\Desktop\ربط قواعد البيانات Access وSql server بلغة الـ c# باستخدام تقنية (ado.net) .pdf
2016-09-29 12:05 - 2016-04-29 11:57 - 00975700 _____ C:\Users\pc\Desktop\قـواعد البيانات في السي شارب Visual C# 2010.pdf
2016-09-29 12:01 - 2014-04-01 07:52 - 01337999 _____ C:\Users\pc\Desktop\My Program Cpu.pdf
2016-09-29 10:34 - 2016-09-29 10:34 - 00839769 _____ C:\Users\pc\Downloads\How_To_Profit_From_Youtube.pdf
2016-09-29 10:18 - 2016-09-29 10:18 - 03182926 _____ C:\Users\pc\Desktop\Step_By_Step_To_Youtube_World.pdf
2016-09-29 10:16 - 2016-09-29 10:18 - 01656627 _____ C:\Users\pc\Downloads\Ubuntu_Linux_Guide.pdf
2016-09-29 00:43 - 2016-09-29 00:44 - 02067798 _____ C:\Users\pc\Downloads\Beginning_Android_Tablet_Programming.pdf
2016-09-28 15:07 - 2016-09-28 15:07 - 00000000 _____ C:\Users\pc\Desktop\Nouveau document texte (2).txt
2016-09-28 12:26 - 2015-05-14 16:25 - 00882905 _____ C:\Users\pc\Desktop\ملخص علوم إسلامية 2015.pdf
2016-09-28 12:08 - 2016-09-28 12:08 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-09-27 23:29 - 2016-09-27 23:34 - 02618953 _____ C:\Users\pc\Downloads\Photoshop_CC_2015.5_17.0.1.32bit.rar
2016-09-27 15:07 - 2016-09-27 15:09 - 00000000 ____D C:\Program Files\SAP BusinessObjects
2016-09-27 15:07 - 2016-09-27 15:07 - 00000000 ____D C:\ProgramData\Macrovision
2016-09-27 15:07 - 2016-09-27 15:07 - 00000000 ____D C:\inetpub
2016-09-26 21:27 - 2016-09-26 21:27 - 00002513 _____ C:\Users\Public\Desktop\Microsoft Download Manager.lnk
2016-09-26 21:27 - 2016-09-26 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Download Manager
2016-09-26 21:27 - 2016-09-26 21:27 - 00000000 ____D C:\Program Files\Microsoft Download Manager
2016-09-26 11:13 - 2016-09-26 11:13 - 00844021 _____ C:\Users\pc\Downloads\Pixiconz-v1.psd
2016-09-25 22:11 - 2016-09-25 22:12 - 01474560 _____ C:\Users\pc\Desktop\روضة الطفل السعيد.mdb
2016-09-24 22:30 - 2016-04-29 11:48 - 02099756 _____ C:\Users\pc\Desktop\ADO.NET.pdf
2016-09-24 22:17 - 2016-04-29 11:46 - 01356496 _____ C:\Users\pc\Desktop\حفظ واسترجاع الصور sql server+C#.pdf
2016-09-24 16:18 - 2016-09-24 16:19 - 00000000 ____D C:\Users\pc\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2016-09-24 16:18 - 2016-09-24 16:18 - 00002488 _____ C:\Users\pc\Desktop\Windows 7 USB DVD Download Tool.lnk
2016-09-24 16:18 - 2016-09-24 16:18 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-09-24 16:03 - 2016-09-24 16:07 - 00231744 _____ C:\Users\pc\Downloads\DriverPack-Offline.torrent
2016-09-24 14:47 - 2016-09-24 14:47 - 00000000 ____D C:\Users\pc\Documents\NetBeansProjects
2016-09-24 13:46 - 2016-09-24 13:50 - 00000210 _____ C:\Users\pc\Desktop\مشاريع تنفذ.txt
2016-09-24 13:11 - 2016-09-24 13:11 - 00000000 ____D C:\Program Files\Apache Software Foundation
2016-09-24 13:10 - 2016-09-24 13:11 - 00000000 ____D C:\Program Files\glassfish-4.1.1
2016-09-24 13:08 - 2016-09-24 13:08 - 00002011 _____ C:\Users\Public\Desktop\NetBeans IDE 8.1.lnk
2016-09-24 13:06 - 2016-09-24 13:15 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-09-24 11:59 - 2016-09-24 12:09 - 00000000 ____D C:\Users\pc\Desktop\lfduhj
2016-09-24 10:02 - 2016-09-24 10:02 - 00000000 ____D C:\Windows\pss
2016-09-24 00:41 - 2016-09-24 00:42 - 00020992 ____H C:\Users\pc\Desktop\Using Barcode Reader.v11.suo
2016-09-24 00:41 - 2014-11-20 00:47 - 00020992 ____H C:\Users\pc\Desktop\Using Barcode Reader.v11 (2).suo
2016-09-22 21:47 - 2016-09-22 21:49 - 07491840 _____ (Intel) C:\Users\pc\Downloads\Intel Driver Update Utility Installer.exe
2016-09-22 16:19 - 2016-09-22 19:53 - 1109803008 _____ C:\Users\pc\Downloads\ubuntu-14.04.5-desktop-i386.iso
2016-09-22 16:18 - 2016-09-22 16:18 - 00106652 _____ C:\Users\pc\Downloads\openssl_1.0.2g-1ubuntu4.4.debian.tar.xz
2016-09-22 16:18 - 2016-09-22 16:18 - 00042679 _____ C:\Users\pc\Downloads\ubuntu-14.04.5-desktop-i386.iso.torrent
2016-09-22 11:29 - 2016-04-29 11:47 - 01300367 _____ C:\Users\pc\Desktop\الهجرة من الفيجوال بسيك إلى السي شارب والعكس.pdf
2016-09-22 11:27 - 2016-09-22 11:27 - 00015872 ___SH C:\Users\pc\Thumbs.db
2016-09-22 09:52 - 2016-09-22 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2016-09-22 09:52 - 2016-09-22 09:52 - 00000000 ____D C:\Program Files\GridinSoft Anti-Malware
2016-09-22 00:21 - 2016-09-22 09:52 - 00000000 ____D C:\ProgramData\GridinSoft
2016-09-20 12:25 - 2016-09-20 12:25 - 00014303 _____ C:\Users\pc\Downloads\Windows 7 Aero Blue Lite Edition 2016 (x86).torrent
2016-09-19 00:29 - 2016-09-25 23:52 - 00000093 _____ C:\Users\pc\Documents\Project1.layout
2016-09-19 00:28 - 2016-09-25 23:12 - 00003448 _____ C:\Users\pc\Documents\main.o
2016-09-19 00:28 - 2016-09-25 23:12 - 00001090 _____ C:\Users\pc\Documents\Makefile.win
2016-09-19 00:25 - 2016-04-30 12:26 - 00693414 _____ C:\Users\pc\Desktop\عالم التروجانات و كل شيء عنه.pdf
2016-09-19 00:17 - 2016-09-19 00:17 - 00000958 _____ C:\Users\UpdatusUser\Desktop\Dev-C++.lnk
2016-09-19 00:17 - 2016-09-19 00:17 - 00000958 _____ C:\Users\pc\Desktop\Dev-C++.lnk
2016-09-19 00:17 - 2016-09-19 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2016-09-18 23:00 - 2016-09-21 11:58 - 00000207 _____ C:\Users\pc\Desktop\الوان للتصميم.txt
2016-09-18 13:26 - 2016-09-18 13:26 - 00000028 _____ C:\bilal.txt
2016-09-18 10:48 - 2016-09-18 10:48 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Oracle
2016-09-17 16:05 - 2016-09-17 16:05 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft FxCop
2016-09-17 12:14 - 2016-09-17 12:14 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YazSale
2016-09-16 12:13 - 2016-09-16 12:13 - 00016384 _____ C:\Users\pc\Downloads\rom-0
2016-09-16 10:37 - 2016-09-16 10:37 - 00001591 _____ C:\Users\pc\Desktop\C# to C++ Converter (Free Edition).lnk
2016-09-12 01:50 - 2016-09-12 01:55 - 00000108 _____ C:\Users\pc\Desktop\Nouveau document texte.txt
2016-09-08 11:22 - 2016-09-08 11:22 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Adobe-BackupByPhotoshopPortable

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-11-10 17:59 - 2016-06-19 01:54 - 00000000 ____D C:\FiddlerCoreAPI
2016-11-10 17:52 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-10 17:51 - 2016-08-06 23:52 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2016-11-10 17:47 - 2016-07-03 19:09 - 00000000 ____D C:\ProgramData\EPS
2016-10-07 13:56 - 2015-03-24 18:31 - 00000000 ____D C:\Users\pc\AppData\Roaming\DMCache
2016-10-07 12:45 - 2015-03-31 18:19 - 00000000 ____D C:\Users\pc\AppData\Roaming\vlc
2016-10-07 10:38 - 2015-03-24 17:39 - 02029918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-07 10:38 - 2009-07-14 09:39 - 00866362 _____ C:\Windows\system32\perfh00C.dat
2016-10-07 10:38 - 2009-07-14 09:39 - 00196758 _____ C:\Windows\system32\perfc00C.dat
2016-10-07 10:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-10-07 09:47 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-07 09:47 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-07 09:40 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-07 01:02 - 2015-06-20 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-10-06 21:44 - 2016-08-10 17:15 - 00000000 ____D C:\Users\pc\Documents\SQL Server Management Studio
2016-10-06 16:57 - 2015-03-24 18:28 - 00000000 ____D C:\Users\UpdatusUser
2016-10-06 10:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-10-06 00:49 - 2016-02-01 12:07 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-06 00:49 - 2016-02-01 12:07 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-06 00:49 - 2015-03-24 18:39 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-06 00:45 - 2015-03-30 20:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\uTorrent
2016-10-06 00:24 - 2015-04-18 10:25 - 00000000 ____D C:\Windows\Minidump
2016-10-06 00:24 - 2015-03-24 17:28 - 00000000 ____D C:\Windows\Panther
2016-10-05 20:28 - 2016-08-11 17:05 - 00000000 ____D C:\Users\pc\AppData\LocalLow\uTorrent
2016-10-05 15:25 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2016-10-05 13:24 - 2015-03-24 18:31 - 00000000 ____D C:\Users\pc\Downloads\Compressed
2016-10-05 12:43 - 2016-09-03 09:44 - 00000000 ____D C:\Users\pc\Desktop\برمجة
2016-10-05 12:28 - 2016-08-03 12:36 - 00000000 ____D C:\Users\pc\AppData\Local\Deployment
2016-10-05 11:56 - 2015-03-24 18:31 - 00000000 ____D C:\Users\pc\AppData\Roaming\IDM
2016-10-05 10:42 - 2016-08-08 21:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-05 07:21 - 2016-08-08 22:18 - 00000000 ____D C:\Users\pc\Documents\Visual Studio 2012
2016-10-03 23:40 - 2016-02-01 12:14 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-28 14:52 - 2016-03-04 18:05 - 00000000 ____D C:\Users\pc\Desktop\Nouveau dossier (2)
2016-09-27 15:12 - 2015-03-24 17:39 - 00435928 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-24 14:44 - 2016-08-06 17:32 - 00000000 ____D C:\Users\pc\AppData\Roaming\NetBeans
2016-09-24 14:03 - 2016-08-06 17:16 - 00000000 ____D C:\Users\pc\.nbi
2016-09-24 13:08 - 2016-08-06 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-09-22 11:27 - 2015-03-24 17:35 - 00000000 ____D C:\Users\pc
2016-09-22 10:09 - 2015-03-30 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1 Media Player
2016-09-22 10:08 - 2015-03-24 18:38 - 00002100 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-19 00:25 - 2016-05-27 14:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dev-Cpp
2016-09-19 00:07 - 2016-07-15 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2016-09-19 00:05 - 2016-08-03 11:33 - 00000000 ____D C:\Users\pc\AppData\Roaming\CodeBlocks
2016-09-16 10:37 - 2016-08-02 21:07 - 00000000 ____D C:\Users\pc\AppData\Roaming\Tangible Software Solutions Inc
2016-09-16 10:37 - 2016-08-02 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tangible Software Solutions
2016-09-16 10:37 - 2016-08-02 21:07 - 00000000 ____D C:\Program Files\Tangible Software Solutions
2016-09-15 20:10 - 2015-03-24 18:31 - 00000000 ____D C:\Users\pc\Downloads\Video
2016-09-15 17:26 - 2015-07-31 16:53 - 00016128 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2016-09-09 13:42 - 2009-07-14 05:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-08 11:22 - 2016-09-03 14:09 - 00000000 ____D C:\ProgramData\Adobe-BackupByPhotoshopPortable
2016-09-08 11:22 - 2015-03-24 18:38 - 00000000 ____D C:\Program Files\Common Files\Adobe-BackupByPhotoshopPortable
2016-09-08 00:11 - 2015-03-24 18:43 - 00000000 ____D C:\The KMPlayer

==================== Fichiers à la racine de certains dossiers =======

2016-05-22 11:26 - 2016-06-01 01:26 - 0000111 _____ () C:\Users\pc\AppData\Roaming\WB.CFG
2016-11-10 14:17 - 2016-10-05 15:38 - 0001456 _____ () C:\Users\pc\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-05-25 11:28 - 2016-05-25 12:14 - 0178749 _____ () C:\Users\pc\AppData\Local\ars.cache
2016-05-25 11:28 - 2016-05-25 12:14 - 0321994 _____ () C:\Users\pc\AppData\Local\census.cache
2015-04-09 17:04 - 2015-08-26 19:00 - 0003584 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-25 11:02 - 2016-05-25 11:02 - 0000036 _____ () C:\Users\pc\AppData\Local\housecall.guid.cache
2010-04-01 00:01 - 2010-04-01 00:01 - 0000000 _____ () C:\Users\pc\AppData\Local\{054403D8-23D8-4923-A7DF-308867AB50B3}
2010-03-31 13:01 - 2010-03-31 13:01 - 0000000 _____ () C:\Users\pc\AppData\Local\{479EBA54-C18A-43F4-97FD-5700F9F8406E}
2010-04-01 00:03 - 2010-04-01 00:03 - 0000000 _____ () C:\Users\pc\AppData\Local\{97FD9DB6-C9F1-4F4D-9FF4-9DBD81894169}
2010-04-01 00:01 - 2010-04-01 00:01 - 0000000 _____ () C:\Users\pc\AppData\Local\{CCC177DE-BB7F-430A-88E5-A21F6CEA4646}

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-10-06 16:42

==================== Fin de FRST.txt ============================
