Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Exécuté par pc (administrateur) sur AHMED (06-09-2017 20:47:24)
Exécuté depuis C:\Users\pc\Desktop
Profils chargés: pc (Profils disponibles: pc)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Arcai.com) C:\Program Files\netcut\services\aips.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(IObit) C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe
(Smadsoft) C:\Program Files\SMADAV\SMΔRTP.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(AOMEI Tech Co., Ltd.) C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe
(Baidu.com, Inc.) C:\Program Files\baidu\Baidu Browser43.23.1000.500.1\sparkupdate.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(Cucusoft, Inc.) C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe
(Cucusoft, Inc.) C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys
(Cucusoft, Inc.) C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys
() C:\Program Files\Ericom Software\Ericom Access Server\AccessServer32.exe
() C:\Program Files\Ericom Software\Ericom Access Server\LicenseServer.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(ClanServers Hosting LLC) C:\Program Files\GameTracker\GSInGameService.exe
(Malwarebytes) E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files\Ericom Software\Ericom Access Server\PtLoadBalancerAgent.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Baidu Inc.) C:\Program Files\baidu\Baidu Browser43.23.1000.500.1\sparkservice.exe
() C:\Program Files\Ericom Software\Ericom Access Server\TsRemoteBrowser.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Horizon View Client\vmware-view-usbd.exe
(© 2015 Microsoft Corporation) C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Malwarebytes) E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmi32.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5890848 2016-04-26] (IObit)
HKLM\...\Run: [SMΔRT-Protection] => C:\Program Files\Smadav\SMΔRTP.exe [1879152 2017-07-31] (Smadsoft)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-08-29] (Tonec Inc.)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [CCleaner Monitoring] => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [BingSvc] => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-02-08] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-18\...\Run: [Dashlane] => "C:\Users\pc\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-08-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\pc\AppData\Local\Facebook\Games\FacebookGameroom.exe (Pas de fichier)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{BCE84D87-7989-43C0-AF0E-9AB2E72C440A}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{BCE84D87-7989-43C0-AF0E-9AB2E72C440A}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131071654300771484&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\pc\AppData\Roaming\Dashlane\ie\Dashlanei.dll => Pas de fichier
BHO: Pas de nom -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll => Pas de fichier
BHO: Pas de nom -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> Pas de fichier
BHO: Pas de nom -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> Pas de fichier
BHO: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
BHO: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~1\IObit\ADVANC~1\SURFIN~1\BROWER~1\ASCPLU~1.DLL => Pas de fichier
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll => Pas de fichier
BHO: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll => Pas de fichier
Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\pc\AppData\Roaming\Dashlane\ie\KWIEBar.dll Pas de fichier
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL Pas de fichier
FireFox:
========
FF HKLM\...\Firefox\Extensions: [content_blocker_663BE8@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: (Dangerous Websites Blocker) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-12-09]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_074028@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-12-09]
FF HKLM\...\Firefox\Extensions: [online_banking_08806E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: (Safe Money) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-12-09]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-02-03] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin: @kaspersky.com/content_blocker_663BE8 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-12-09] ()
FF Plugin: @kaspersky.com/online_banking_08806E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-12-09] ()
FF Plugin: @kaspersky.com/virtual_keyboard_074028 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-12-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2007-11-07] (Microsoft Corporation)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Pas de fichier]
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2017-09-06]
CHR Extension: (Kaspersky Protection) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2017-09-06]
CHR Extension: (Bing) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-09-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-05]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-05]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [icanjjkadceebmhanpekkofdhclnoijl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-478400719-566235881-3305381028-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-478400719-566235881-3305381028-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.TPXLRXPKHYVMUSNFTQ6X22GTI4 - C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (SaveFrom.net Helper) - C:\Users\pc\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2017-07-27]
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
"botxmjxa" => service a été déverrouillé. <==== ATTENTION
R2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Fichier non signé]
R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-29] (Kaspersky Lab ZAO)
R2 Backupper Service; C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe [29912 2014-08-21] (AOMEI Tech Co., Ltd.) [Fichier non signé]
S2 botxmjxa; C:\Windows\system32\botxmjxa\tlodfdvh.exe [0 ] () <==== ATTENTION (zéro octet Fichier/Dossier)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [77872 2017-03-08] (CyberGhost S.R.L)
R2 client_service; C:\Program Files\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [490568 2016-09-02] (VMware, Inc.)
R2 CS_AutoUpdate; C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe [44696 2012-07-17] (Cucusoft, Inc.)
R2 CS_BandwidthGuard; C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys [223392 2013-06-21] (Cucusoft, Inc.)
R2 CS_SysMsgProxy; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [255136 2013-06-21] (Cucusoft, Inc.)
R2 Ericom Access Server; C:\Program Files\Ericom Software\Ericom Access Server\AccessServer32.exe [3946952 2016-11-09] ()
R2 Ericom Licensing Server; C:\Program Files\Ericom Software\Ericom Access Server\LicenseServer.exe [3253192 2016-11-09] ()
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [188832 2016-07-27] ()
R2 ftscanmgrhv; C:\Program Files\VMware\ScannerRedirection\ftscanmgrhv.exe [6313376 2016-08-04] ()
R2 GS In-Game Service; C:\Program Files\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [1580320 2016-04-22] (IObit)
S4 InterBaseGuardian; C:\Program Files\Borland\InterBase\bin\ibguard.exe [32796 2005-11-14] (Borland Software Corporation) [Fichier non signé]
S3 InterBaseServer; C:\Program Files\Borland\InterBase\bin\ibserver.exe [1921024 2004-08-11] (Borland Software Corporation) [Fichier non signé]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
R2 MBAMScheduler; E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 PtLoadBalancerAgent; C:\Program Files\Ericom Software\Ericom Access Server\PtLoadBalancerAgent.exe [733504 2016-11-09] ()
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] ()
S3 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [133376 2016-07-22] (Razer Inc.)
R2 SparkSvc; C:\Program Files\baidu\Baidu Browser43.23.1000.500.1\sparkservice.exe [96784 2017-09-06] (Baidu Inc.)
S3 SparkUpdater; C:\Program Files\Baidu\SparkUpdate\Sparkupdate.exe [1372176 2017-04-21] (Baidu.com, Inc.)
R2 TsRemoteBrowser; C:\Program Files\Ericom Software\Ericom Access Server\TsRemoteBrowser.exe [330608 2016-11-09] ()
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [727112 2016-08-25] (VMware, Inc.)
R2 vmware-view-usbd; C:\Program Files\VMware\VMware Horizon View Client\vmware-view-usbd.exe [1169992 2016-08-25] (VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [275872 2016-07-26] (VMware)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 BstHdLogRotatorSvc; "C:\Program Files\BlueStacks\HD-LogRotatorService.exe" [X]
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [X]
S3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [X]
S3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S2 PlaysService; "C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
S3 Steam Client Service; "C:\Program Files\Common Files\Steam\SteamService.exe" /RunAsService [X]
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [26424 2014-08-19] () [Fichier non signé]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [129720 2014-08-19] () [Fichier non signé]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [14392 2014-08-19] () [Fichier non signé]
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-06-29] (Kaspersky Lab UK Ltd)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-02-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-02-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2016-05-09] (DT Soft Ltd)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [139384 2017-05-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52680 2017-05-04] (ESET)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [58824 2016-08-25] (VMware, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-07-01] (REALiX(tm))
S4 IMFFilter; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\IMFFilter.sys [21184 2016-03-31] (IObit)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [155304 2016-12-09] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2016-12-09] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-06-29] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [53168 2016-12-09] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [704432 2016-12-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [44120 2016-12-09] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [44920 2016-12-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [44408 2016-12-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-06-29] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-29] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [76472 2016-12-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2016-12-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [0 2017-09-06] () <==== ATTENTION (zéro octet Fichier/Dossier)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2016-03-31] (IObit.com)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [27248 2016-05-07] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [69112 2016-06-28] (Razer, Inc.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [104568 2016-07-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [169016 2016-07-21] (Oracle Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [104096 2015-09-08] (BigNox Corporation)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-06 20:47 - 2017-09-06 20:48 - 000024806 _____ C:\Users\pc\Desktop\FRST.txt
2017-09-06 20:47 - 2017-09-06 20:47 - 000000000 ____D C:\FRST
2017-09-06 20:44 - 2017-09-06 20:41 - 001792512 _____ (Farbar) C:\Users\pc\Desktop\FRST.exe
2017-09-06 19:54 - 2017-09-06 19:54 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\76226479.sys
2017-09-06 18:34 - 2017-09-06 19:19 - 000000000 ____D C:\ComboFix
2017-09-06 18:33 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2017-09-06 18:33 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2017-09-06 18:33 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2017-09-06 18:32 - 2017-09-06 18:43 - 000000000 ____D C:\Qoobox
2017-09-06 18:29 - 2017-09-06 19:19 - 000000000 ____D C:\Windows\erdnt
2017-09-06 18:09 - 2017-09-06 18:09 - 000175782 _____ C:\Users\pc\Desktop\ZHPDiag.txt
2017-09-06 16:54 - 2017-09-06 16:54 - 000001069 _____ C:\Users\pc\Desktop\malware.txt
2017-09-06 16:42 - 2017-09-06 16:42 - 000000000 ____D C:\Users\Public\Documents\Guid
2017-09-06 16:07 - 2017-09-06 16:09 - 000045764 _____ C:\TDSSKiller.3.1.0.15_06.09.2017_16.07.08_log.txt
2017-09-06 16:03 - 2017-09-06 16:04 - 000045730 _____ C:\TDSSKiller.3.1.0.15_06.09.2017_16.03.45_log.txt
2017-09-06 12:26 - 2017-09-06 12:26 - 000000779 _____ C:\Users\pc\Desktop\ZHPDiag.lnk
2017-09-06 12:25 - 2017-09-05 12:09 - 002831744 _____ C:\Users\pc\Desktop\ZHPDiag3.exe
2017-09-06 11:04 - 2017-09-06 11:04 - 000000000 ____D C:\Users\pc\AppData\Roaming\Smadav
2017-09-05 19:31 - 2017-09-05 19:31 - 000000000 _____ C:\pxldrpow.sys
2017-09-05 18:19 - 2017-09-05 18:19 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe
2017-09-05 18:05 - 2017-09-05 18:05 - 000002263 _____ C:\Users\Public\Desktop\CX4300_5500_DX4400 manual.lnk
2017-09-05 12:49 - 2017-09-05 18:14 - 000000000 ____D C:\Program Files\Common Files\IObit
2017-09-05 12:07 - 2017-09-06 11:56 - 000000000 ____D C:\Users\pc\AppData\Local\ZHP
2017-09-05 11:39 - 2017-09-06 11:05 - 000001308 _____ C:\ CommLog.csv
2017-09-05 11:39 - 2017-09-05 11:39 - 000000000 _____ C:\ CommLog.bck-001.csv
2017-09-04 13:38 - 2017-09-06 19:18 - 000238750 _____ C:\Windows\ntbtlog.txt
2017-09-04 10:45 - 2017-09-06 11:28 - 000000000 ____D C:\Users\pc\AppData\Local\CrashDumps
2017-09-03 22:11 - 2017-09-05 17:26 - 000000123 _____ C:\Windows\system32\PedLog9.txt
2017-09-03 20:20 - 2017-09-03 20:20 - 000000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2017-09-03 20:19 - 2017-09-05 18:16 - 000121128 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2017-09-03 20:19 - 2017-09-03 20:19 - 000000000 ____D C:\Users\pc\AppData\LocalLow\IObit
2017-09-03 20:18 - 2017-09-03 20:18 - 000000000 ____D C:\Users\Public\Documents\PC Faster
2017-09-03 20:18 - 2017-09-03 20:18 - 000000000 ____D C:\Users\Public\Documents\Baidu
2017-09-03 20:18 - 2017-09-03 20:18 - 000000000 ____D C:\Users\pc\AppData\Roaming\IDM
2017-09-03 20:16 - 2017-09-06 18:29 - 000000000 ____D C:\Users\pc\AppData\Roaming\DMCache
2017-09-03 20:16 - 2017-09-03 20:18 - 000000000 ____D C:\Users\pc\AppData\Roaming\IObit
2017-09-03 20:13 - 2017-09-04 22:09 - 000000000 ____D C:\Users\pc\AppData\Local\Google
2017-09-03 20:10 - 2017-09-03 20:10 - 000000000 ____D C:\Users\pc\AppData\Roaming\Baidu
2017-09-03 19:48 - 2017-09-03 19:48 - 000000000 ____D C:\Users\pc\AppData\Local\Steam
2017-09-03 19:48 - 2017-09-03 19:48 - 000000000 ____D C:\Users\pc\AppData\Local\CEF
2017-09-03 19:35 - 2017-09-05 18:11 - 000000000 ____D C:\Users\pc\AppData\Local\VirtualStore
2017-09-02 17:20 - 2017-09-06 16:36 - 000000000 ____D C:\ProgramData\WindowsTask
2017-09-02 17:20 - 2017-09-02 17:55 - 000000000 ____D C:\ProgramData\WindowsTask1
2017-09-02 17:18 - 2017-09-02 17:18 - 000000000 ____D C:\Windows\system32\botxmjxa
2017-09-02 07:35 - 2017-09-02 07:35 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-01 17:46 - 2017-09-01 17:46 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-08-31 16:12 - 2017-08-31 16:12 - 000000753 _____ C:\Users\pc\Desktop\AMX Mod X Studio.lnk
2017-08-31 16:12 - 2017-08-31 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2017-08-28 08:58 - 2017-08-14 09:49 - 000005331 _____ C:\Users\pc\Desktop\kyk_temp.cfg
2017-08-28 08:58 - 2011-08-12 09:45 - 000253952 ___RH C:\Users\pc\Desktop\KykHack.exe
2017-08-27 17:35 - 2017-08-27 17:35 - 000000975 _____ C:\Users\Public\Desktop\WinRAR.lnk
2017-08-27 17:35 - 2010-01-12 06:24 - 025267189 _____ C:\Windows\Adob-9.EXE
2017-08-27 17:35 - 2008-06-25 20:31 - 029494203 _____ (Igor Pavlov) C:\Windows\NET-Framework3.5.EXE
2017-08-27 17:35 - 2006-08-24 16:15 - 000150808 _____ (Microsoft Corporation) C:\Windows\system32\rgb9rast_2.dll
2017-08-27 09:39 - 2017-08-27 09:39 - 000000000 ____H C:\Windows\MEMORY.DMP
2017-08-23 11:29 - 2017-08-23 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2017-08-18 13:14 - 2017-08-18 13:14 - 000000000 ____D C:\Users\pc\Documents\My Cheat Tables
2017-08-12 11:27 - 2017-08-12 11:27 - 000001545 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-08-12 11:27 - 2017-08-12 11:27 - 000001545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2017-08-12 11:24 - 2017-08-12 11:27 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-08-12 11:24 - 2017-08-12 11:25 - 000000000 ____D C:\ProgramData\BlueStacks
2017-08-11 21:04 - 2017-08-11 21:04 - 000000000 ____D C:\found.005
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-06 20:46 - 2017-08-01 12:00 - 000000000 _____ C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-06 20:02 - 2016-07-28 23:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-06 19:29 - 2009-07-14 06:34 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-06 19:29 - 2009-07-14 06:34 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-06 19:21 - 2015-09-03 03:00 - 000000000 ____D C:\ProgramData\ProductData
2017-09-06 19:20 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-06 19:18 - 2009-07-14 04:04 - 000000215 _____ C:\Windows\system.ini
2017-09-06 18:06 - 2017-08-02 20:12 - 000000000 ____D C:\Users\pc\AppData\Roaming\ZHP
2017-09-06 16:38 - 2009-07-14 06:34 - 000000000 ____D C:\Windows\Setup
2017-09-06 16:11 - 2017-08-01 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-09-06 15:56 - 2016-08-01 01:53 - 000000000 ____D C:\Program Files\Steam
2017-09-06 15:18 - 2015-09-12 08:57 - 000000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2017-09-05 19:00 - 2015-07-26 22:40 - 000000000 ____D C:\Program Files\WinRAR
2017-09-05 18:42 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-09-05 18:07 - 2015-09-02 20:49 - 000000000 ____D C:\Program Files\epson
2017-09-05 12:38 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-03 20:26 - 2015-09-15 17:10 - 000000000 ____D C:\Program Files\SMADAV
2017-09-03 20:08 - 2015-09-23 22:45 - 000000000 ____D C:\Users\pc\Documents\Camtasia Studio
2017-09-02 21:10 - 2015-09-03 03:13 - 000000000 ____D C:\Program Files\IObit
2017-09-02 18:09 - 2015-11-08 18:09 - 000000000 ____D C:\Program Files\Adobe
2017-09-02 17:55 - 2015-09-15 17:10 - 000000000 ____D C:\[Smad-Cage]
2017-09-02 17:20 - 2017-07-26 19:12 - 000002319 _____ C:\Users\pc\Desktop\Personne 1 - Chrome.lnk
2017-09-02 15:44 - 2015-08-11 19:42 - 000000000 ____D C:\Program Files\7-Zip
2017-09-02 08:22 - 2016-12-21 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyRealGames.com
2017-09-01 17:43 - 2015-07-26 22:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-31 13:13 - 2017-07-01 19:22 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-31 13:07 - 2015-11-08 18:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-31 12:49 - 2017-07-11 17:38 - 003836496 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-29 14:54 - 2015-07-26 23:06 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2017-08-28 09:13 - 2015-07-26 21:21 - 000000000 ____D C:\Users\pc
2017-08-28 09:01 - 2016-03-17 10:17 - 000000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2017-08-27 17:35 - 2015-09-21 18:31 - 000000000 ____D C:\Program Files\Adobe Flash Player 10
2017-08-27 17:35 - 2015-07-26 22:54 - 000000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2017-08-27 16:19 - 2017-07-09 22:57 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-22 19:14 - 2016-07-03 14:43 - 000000000 ____D C:\Users\pc\Desktop\Nouveau dossier
2017-08-18 10:57 - 2016-07-29 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-18 10:56 - 2015-08-23 22:21 - 000000000 ____D C:\Program Files\Google
2017-08-18 10:50 - 2016-01-22 21:04 - 000000000 ___RD C:\Users\pc\Documents\Scanned Documents
2017-08-11 21:16 - 2015-08-30 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
==================== Fichiers à la racine de certains dossiers =======
2015-07-26 23:51 - 2015-07-26 23:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-02 11:11 - 2016-03-02 11:11 - 000002045 ____H () C:\ProgramData\whlb32g.dll
2015-09-03 22:23 - 2015-09-03 22:23 - 000000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\whlb32g.dll
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Certains fichiers dans TEMP:
====================
2017-09-06 20:41 - 2017-09-06 20:41 - 000000000 _____ () C:\Users\pc\AppData\Local\Temp\FRST.exe
Certains de taille zéro octet fichiers/dossiers:
==========================
C:\Windows\System32\Drivers\MBAMSwissArmy.sys
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-16 06:31
==================== Fin de FRST.txt ============================
Exécuté par pc (administrateur) sur AHMED (06-09-2017 20:47:24)
Exécuté depuis C:\Users\pc\Desktop
Profils chargés: pc (Profils disponibles: pc)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Arcai.com) C:\Program Files\netcut\services\aips.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(IObit) C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe
(Smadsoft) C:\Program Files\SMADAV\SMΔRTP.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(AOMEI Tech Co., Ltd.) C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe
(Baidu.com, Inc.) C:\Program Files\baidu\Baidu Browser43.23.1000.500.1\sparkupdate.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(Cucusoft, Inc.) C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe
(Cucusoft, Inc.) C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys
(Cucusoft, Inc.) C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys
() C:\Program Files\Ericom Software\Ericom Access Server\AccessServer32.exe
() C:\Program Files\Ericom Software\Ericom Access Server\LicenseServer.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(ClanServers Hosting LLC) C:\Program Files\GameTracker\GSInGameService.exe
(Malwarebytes) E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files\Ericom Software\Ericom Access Server\PtLoadBalancerAgent.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Baidu Inc.) C:\Program Files\baidu\Baidu Browser43.23.1000.500.1\sparkservice.exe
() C:\Program Files\Ericom Software\Ericom Access Server\TsRemoteBrowser.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Horizon View Client\vmware-view-usbd.exe
(© 2015 Microsoft Corporation) C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Malwarebytes) E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmi32.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5890848 2016-04-26] (IObit)
HKLM\...\Run: [SMΔRT-Protection] => C:\Program Files\Smadav\SMΔRTP.exe [1879152 2017-07-31] (Smadsoft)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-08-29] (Tonec Inc.)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [CCleaner Monitoring] => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [BingSvc] => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-02-08] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-18\...\Run: [Dashlane] => "C:\Users\pc\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-08-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\pc\AppData\Local\Facebook\Games\FacebookGameroom.exe (Pas de fichier)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-25] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{BCE84D87-7989-43C0-AF0E-9AB2E72C440A}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{BCE84D87-7989-43C0-AF0E-9AB2E72C440A}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131071654300771484&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\pc\AppData\Roaming\Dashlane\ie\Dashlanei.dll => Pas de fichier
BHO: Pas de nom -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll => Pas de fichier
BHO: Pas de nom -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> Pas de fichier
BHO: Pas de nom -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> Pas de fichier
BHO: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
BHO: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~1\IObit\ADVANC~1\SURFIN~1\BROWER~1\ASCPLU~1.DLL => Pas de fichier
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll => Pas de fichier
BHO: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll => Pas de fichier
Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\pc\AppData\Roaming\Dashlane\ie\KWIEBar.dll Pas de fichier
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL Pas de fichier
FireFox:
========
FF HKLM\...\Firefox\Extensions: [content_blocker_663BE8@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: (Dangerous Websites Blocker) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-12-09]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_074028@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-12-09]
FF HKLM\...\Firefox\Extensions: [online_banking_08806E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: (Safe Money) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-12-09]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-02-03] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin: @kaspersky.com/content_blocker_663BE8 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-12-09] ()
FF Plugin: @kaspersky.com/online_banking_08806E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-12-09] ()
FF Plugin: @kaspersky.com/virtual_keyboard_074028 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-12-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2007-11-07] (Microsoft Corporation)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Pas de fichier]
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2017-09-06]
CHR Extension: (Kaspersky Protection) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2017-09-06]
CHR Extension: (Bing) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-09-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-05]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-05]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [icanjjkadceebmhanpekkofdhclnoijl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-478400719-566235881-3305381028-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-478400719-566235881-3305381028-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.TPXLRXPKHYVMUSNFTQ6X22GTI4 - C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (SaveFrom.net Helper) - C:\Users\pc\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2017-07-27]
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
"botxmjxa" => service a été déverrouillé. <==== ATTENTION
R2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Fichier non signé]
R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-29] (Kaspersky Lab ZAO)
R2 Backupper Service; C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe [29912 2014-08-21] (AOMEI Tech Co., Ltd.) [Fichier non signé]
S2 botxmjxa; C:\Windows\system32\botxmjxa\tlodfdvh.exe [0 ] () <==== ATTENTION (zéro octet Fichier/Dossier)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [77872 2017-03-08] (CyberGhost S.R.L)
R2 client_service; C:\Program Files\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [490568 2016-09-02] (VMware, Inc.)
R2 CS_AutoUpdate; C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe [44696 2012-07-17] (Cucusoft, Inc.)
R2 CS_BandwidthGuard; C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys [223392 2013-06-21] (Cucusoft, Inc.)
R2 CS_SysMsgProxy; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [255136 2013-06-21] (Cucusoft, Inc.)
R2 Ericom Access Server; C:\Program Files\Ericom Software\Ericom Access Server\AccessServer32.exe [3946952 2016-11-09] ()
R2 Ericom Licensing Server; C:\Program Files\Ericom Software\Ericom Access Server\LicenseServer.exe [3253192 2016-11-09] ()
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [188832 2016-07-27] ()
R2 ftscanmgrhv; C:\Program Files\VMware\ScannerRedirection\ftscanmgrhv.exe [6313376 2016-08-04] ()
R2 GS In-Game Service; C:\Program Files\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [1580320 2016-04-22] (IObit)
S4 InterBaseGuardian; C:\Program Files\Borland\InterBase\bin\ibguard.exe [32796 2005-11-14] (Borland Software Corporation) [Fichier non signé]
S3 InterBaseServer; C:\Program Files\Borland\InterBase\bin\ibserver.exe [1921024 2004-08-11] (Borland Software Corporation) [Fichier non signé]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
R2 MBAMScheduler; E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 PtLoadBalancerAgent; C:\Program Files\Ericom Software\Ericom Access Server\PtLoadBalancerAgent.exe [733504 2016-11-09] ()
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] ()
S3 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [133376 2016-07-22] (Razer Inc.)
R2 SparkSvc; C:\Program Files\baidu\Baidu Browser43.23.1000.500.1\sparkservice.exe [96784 2017-09-06] (Baidu Inc.)
S3 SparkUpdater; C:\Program Files\Baidu\SparkUpdate\Sparkupdate.exe [1372176 2017-04-21] (Baidu.com, Inc.)
R2 TsRemoteBrowser; C:\Program Files\Ericom Software\Ericom Access Server\TsRemoteBrowser.exe [330608 2016-11-09] ()
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [727112 2016-08-25] (VMware, Inc.)
R2 vmware-view-usbd; C:\Program Files\VMware\VMware Horizon View Client\vmware-view-usbd.exe [1169992 2016-08-25] (VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [275872 2016-07-26] (VMware)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 BstHdLogRotatorSvc; "C:\Program Files\BlueStacks\HD-LogRotatorService.exe" [X]
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [X]
S3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [X]
S3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S2 PlaysService; "C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
S3 Steam Client Service; "C:\Program Files\Common Files\Steam\SteamService.exe" /RunAsService [X]
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [26424 2014-08-19] () [Fichier non signé]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [129720 2014-08-19] () [Fichier non signé]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [14392 2014-08-19] () [Fichier non signé]
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-06-29] (Kaspersky Lab UK Ltd)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-02-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-02-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2016-05-09] (DT Soft Ltd)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [139384 2017-05-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52680 2017-05-04] (ESET)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [58824 2016-08-25] (VMware, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-07-01] (REALiX(tm))
S4 IMFFilter; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\IMFFilter.sys [21184 2016-03-31] (IObit)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [155304 2016-12-09] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2016-12-09] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-06-29] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [53168 2016-12-09] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [704432 2016-12-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [44120 2016-12-09] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [44920 2016-12-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [44408 2016-12-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-06-29] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-29] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [76472 2016-12-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2016-12-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [0 2017-09-06] () <==== ATTENTION (zéro octet Fichier/Dossier)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2016-03-31] (IObit.com)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [27248 2016-05-07] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [69112 2016-06-28] (Razer, Inc.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [104568 2016-07-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [169016 2016-07-21] (Oracle Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [104096 2015-09-08] (BigNox Corporation)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-06 20:47 - 2017-09-06 20:48 - 000024806 _____ C:\Users\pc\Desktop\FRST.txt
2017-09-06 20:47 - 2017-09-06 20:47 - 000000000 ____D C:\FRST
2017-09-06 20:44 - 2017-09-06 20:41 - 001792512 _____ (Farbar) C:\Users\pc\Desktop\FRST.exe
2017-09-06 19:54 - 2017-09-06 19:54 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\76226479.sys
2017-09-06 18:34 - 2017-09-06 19:19 - 000000000 ____D C:\ComboFix
2017-09-06 18:33 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2017-09-06 18:33 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2017-09-06 18:33 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2017-09-06 18:33 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2017-09-06 18:32 - 2017-09-06 18:43 - 000000000 ____D C:\Qoobox
2017-09-06 18:29 - 2017-09-06 19:19 - 000000000 ____D C:\Windows\erdnt
2017-09-06 18:09 - 2017-09-06 18:09 - 000175782 _____ C:\Users\pc\Desktop\ZHPDiag.txt
2017-09-06 16:54 - 2017-09-06 16:54 - 000001069 _____ C:\Users\pc\Desktop\malware.txt
2017-09-06 16:42 - 2017-09-06 16:42 - 000000000 ____D C:\Users\Public\Documents\Guid
2017-09-06 16:07 - 2017-09-06 16:09 - 000045764 _____ C:\TDSSKiller.3.1.0.15_06.09.2017_16.07.08_log.txt
2017-09-06 16:03 - 2017-09-06 16:04 - 000045730 _____ C:\TDSSKiller.3.1.0.15_06.09.2017_16.03.45_log.txt
2017-09-06 12:26 - 2017-09-06 12:26 - 000000779 _____ C:\Users\pc\Desktop\ZHPDiag.lnk
2017-09-06 12:25 - 2017-09-05 12:09 - 002831744 _____ C:\Users\pc\Desktop\ZHPDiag3.exe
2017-09-06 11:04 - 2017-09-06 11:04 - 000000000 ____D C:\Users\pc\AppData\Roaming\Smadav
2017-09-05 19:31 - 2017-09-05 19:31 - 000000000 _____ C:\pxldrpow.sys
2017-09-05 18:19 - 2017-09-05 18:19 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe
2017-09-05 18:05 - 2017-09-05 18:05 - 000002263 _____ C:\Users\Public\Desktop\CX4300_5500_DX4400 manual.lnk
2017-09-05 12:49 - 2017-09-05 18:14 - 000000000 ____D C:\Program Files\Common Files\IObit
2017-09-05 12:07 - 2017-09-06 11:56 - 000000000 ____D C:\Users\pc\AppData\Local\ZHP
2017-09-05 11:39 - 2017-09-06 11:05 - 000001308 _____ C:\ CommLog.csv
2017-09-05 11:39 - 2017-09-05 11:39 - 000000000 _____ C:\ CommLog.bck-001.csv
2017-09-04 13:38 - 2017-09-06 19:18 - 000238750 _____ C:\Windows\ntbtlog.txt
2017-09-04 10:45 - 2017-09-06 11:28 - 000000000 ____D C:\Users\pc\AppData\Local\CrashDumps
2017-09-03 22:11 - 2017-09-05 17:26 - 000000123 _____ C:\Windows\system32\PedLog9.txt
2017-09-03 20:20 - 2017-09-03 20:20 - 000000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2017-09-03 20:19 - 2017-09-05 18:16 - 000121128 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2017-09-03 20:19 - 2017-09-03 20:19 - 000000000 ____D C:\Users\pc\AppData\LocalLow\IObit
2017-09-03 20:18 - 2017-09-03 20:18 - 000000000 ____D C:\Users\Public\Documents\PC Faster
2017-09-03 20:18 - 2017-09-03 20:18 - 000000000 ____D C:\Users\Public\Documents\Baidu
2017-09-03 20:18 - 2017-09-03 20:18 - 000000000 ____D C:\Users\pc\AppData\Roaming\IDM
2017-09-03 20:16 - 2017-09-06 18:29 - 000000000 ____D C:\Users\pc\AppData\Roaming\DMCache
2017-09-03 20:16 - 2017-09-03 20:18 - 000000000 ____D C:\Users\pc\AppData\Roaming\IObit
2017-09-03 20:13 - 2017-09-04 22:09 - 000000000 ____D C:\Users\pc\AppData\Local\Google
2017-09-03 20:10 - 2017-09-03 20:10 - 000000000 ____D C:\Users\pc\AppData\Roaming\Baidu
2017-09-03 19:48 - 2017-09-03 19:48 - 000000000 ____D C:\Users\pc\AppData\Local\Steam
2017-09-03 19:48 - 2017-09-03 19:48 - 000000000 ____D C:\Users\pc\AppData\Local\CEF
2017-09-03 19:35 - 2017-09-05 18:11 - 000000000 ____D C:\Users\pc\AppData\Local\VirtualStore
2017-09-02 17:20 - 2017-09-06 16:36 - 000000000 ____D C:\ProgramData\WindowsTask
2017-09-02 17:20 - 2017-09-02 17:55 - 000000000 ____D C:\ProgramData\WindowsTask1
2017-09-02 17:18 - 2017-09-02 17:18 - 000000000 ____D C:\Windows\system32\botxmjxa
2017-09-02 07:35 - 2017-09-02 07:35 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-01 17:46 - 2017-09-01 17:46 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-08-31 16:12 - 2017-08-31 16:12 - 000000753 _____ C:\Users\pc\Desktop\AMX Mod X Studio.lnk
2017-08-31 16:12 - 2017-08-31 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2017-08-28 08:58 - 2017-08-14 09:49 - 000005331 _____ C:\Users\pc\Desktop\kyk_temp.cfg
2017-08-28 08:58 - 2011-08-12 09:45 - 000253952 ___RH C:\Users\pc\Desktop\KykHack.exe
2017-08-27 17:35 - 2017-08-27 17:35 - 000000975 _____ C:\Users\Public\Desktop\WinRAR.lnk
2017-08-27 17:35 - 2010-01-12 06:24 - 025267189 _____ C:\Windows\Adob-9.EXE
2017-08-27 17:35 - 2008-06-25 20:31 - 029494203 _____ (Igor Pavlov) C:\Windows\NET-Framework3.5.EXE
2017-08-27 17:35 - 2006-08-24 16:15 - 000150808 _____ (Microsoft Corporation) C:\Windows\system32\rgb9rast_2.dll
2017-08-27 09:39 - 2017-08-27 09:39 - 000000000 ____H C:\Windows\MEMORY.DMP
2017-08-23 11:29 - 2017-08-23 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2017-08-18 13:14 - 2017-08-18 13:14 - 000000000 ____D C:\Users\pc\Documents\My Cheat Tables
2017-08-12 11:27 - 2017-08-12 11:27 - 000001545 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-08-12 11:27 - 2017-08-12 11:27 - 000001545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2017-08-12 11:24 - 2017-08-12 11:27 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-08-12 11:24 - 2017-08-12 11:25 - 000000000 ____D C:\ProgramData\BlueStacks
2017-08-11 21:04 - 2017-08-11 21:04 - 000000000 ____D C:\found.005
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-06 20:46 - 2017-08-01 12:00 - 000000000 _____ C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-06 20:02 - 2016-07-28 23:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-06 19:29 - 2009-07-14 06:34 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-06 19:29 - 2009-07-14 06:34 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-06 19:21 - 2015-09-03 03:00 - 000000000 ____D C:\ProgramData\ProductData
2017-09-06 19:20 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-06 19:18 - 2009-07-14 04:04 - 000000215 _____ C:\Windows\system.ini
2017-09-06 18:06 - 2017-08-02 20:12 - 000000000 ____D C:\Users\pc\AppData\Roaming\ZHP
2017-09-06 16:38 - 2009-07-14 06:34 - 000000000 ____D C:\Windows\Setup
2017-09-06 16:11 - 2017-08-01 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-09-06 15:56 - 2016-08-01 01:53 - 000000000 ____D C:\Program Files\Steam
2017-09-06 15:18 - 2015-09-12 08:57 - 000000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2017-09-05 19:00 - 2015-07-26 22:40 - 000000000 ____D C:\Program Files\WinRAR
2017-09-05 18:42 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-09-05 18:07 - 2015-09-02 20:49 - 000000000 ____D C:\Program Files\epson
2017-09-05 12:38 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-03 20:26 - 2015-09-15 17:10 - 000000000 ____D C:\Program Files\SMADAV
2017-09-03 20:08 - 2015-09-23 22:45 - 000000000 ____D C:\Users\pc\Documents\Camtasia Studio
2017-09-02 21:10 - 2015-09-03 03:13 - 000000000 ____D C:\Program Files\IObit
2017-09-02 18:09 - 2015-11-08 18:09 - 000000000 ____D C:\Program Files\Adobe
2017-09-02 17:55 - 2015-09-15 17:10 - 000000000 ____D C:\[Smad-Cage]
2017-09-02 17:20 - 2017-07-26 19:12 - 000002319 _____ C:\Users\pc\Desktop\Personne 1 - Chrome.lnk
2017-09-02 15:44 - 2015-08-11 19:42 - 000000000 ____D C:\Program Files\7-Zip
2017-09-02 08:22 - 2016-12-21 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyRealGames.com
2017-09-01 17:43 - 2015-07-26 22:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-31 13:13 - 2017-07-01 19:22 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-31 13:07 - 2015-11-08 18:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-31 12:49 - 2017-07-11 17:38 - 003836496 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-29 14:54 - 2015-07-26 23:06 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2017-08-28 09:13 - 2015-07-26 21:21 - 000000000 ____D C:\Users\pc
2017-08-28 09:01 - 2016-03-17 10:17 - 000000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2017-08-27 17:35 - 2015-09-21 18:31 - 000000000 ____D C:\Program Files\Adobe Flash Player 10
2017-08-27 17:35 - 2015-07-26 22:54 - 000000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2017-08-27 16:19 - 2017-07-09 22:57 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-22 19:14 - 2016-07-03 14:43 - 000000000 ____D C:\Users\pc\Desktop\Nouveau dossier
2017-08-18 10:57 - 2016-07-29 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-18 10:56 - 2015-08-23 22:21 - 000000000 ____D C:\Program Files\Google
2017-08-18 10:50 - 2016-01-22 21:04 - 000000000 ___RD C:\Users\pc\Documents\Scanned Documents
2017-08-11 21:16 - 2015-08-30 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
==================== Fichiers à la racine de certains dossiers =======
2015-07-26 23:51 - 2015-07-26 23:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-02 11:11 - 2016-03-02 11:11 - 000002045 ____H () C:\ProgramData\whlb32g.dll
2015-09-03 22:23 - 2015-09-03 22:23 - 000000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\whlb32g.dll
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Certains fichiers dans TEMP:
====================
2017-09-06 20:41 - 2017-09-06 20:41 - 000000000 _____ () C:\Users\pc\AppData\Local\Temp\FRST.exe
Certains de taille zéro octet fichiers/dossiers:
==========================
C:\Windows\System32\Drivers\MBAMSwissArmy.sys
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-16 06:31
==================== Fin de FRST.txt ============================