cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2017
Exécuté par soule (administrateur) sur DESKTOP-CMJKJDB (13-09-2017 21:40:09)
Exécuté depuis C:\Users\soule\Downloads
Profils chargés: soule (Profils disponibles: soule)
Platform: Windows 10 Pro Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files\ASUS\ASUS Keyboard Lock\SoftKBService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\ASUS\ASUS Keyboard Lock\ASUSKBLock.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
() C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [AsInstCD] => C:\Preload64\Patch\AsInst.exe /inst
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-09-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems Inc.)
HKU\S-1-5-21-743931366-1272109351-262776411-1001\...\RunOnce: [Adobe Speed Launcher] => 1505234875
HKU\S-1-5-21-743931366-1272109351-262776411-1001\...\Policies\Explorer: []

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{76c7a769-2707-4811-a384-a39b4f886057}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-743931366-1272109351-262776411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-743931366-1272109351-262776411-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKU\S-1-5-21-743931366-1272109351-262776411-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-743931366-1272109351-262776411-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10] [non signé]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated)
R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [126648 2016-06-16] (ASUSTek Computer Inc.)
R2 ASUS KB Lock Service; C:\Program Files\ASUS\ASUS Keyboard Lock\SoftKBService.exe [17848 2016-09-02] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé]
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [480224 2016-11-30] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-08] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-09-06] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2015-11-09] (Intel Corporation)
R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [341984 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-26] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-04-09] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1897184 2016-05-17] (Intel Corporation)
R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-07-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ASMMAP64; C:\Windows\system32\DRIVERS\ASMMAP64.sys [36696 2016-04-27] (ASUSTek Computer Inc.)
R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [95224 2016-05-19] (ASUS Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55784 2015-11-09] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2015-11-09] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2015-11-09] (Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [Fichier non signé]
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [46072 2016-05-11] (Intel Corporation)
R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [47928 2015-11-04] (Intel)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-06-16] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [341256 2016-03-18] (Intel Corporation)
R3 ISH; C:\Windows\System32\drivers\ISH.sys [135992 2015-11-04] (Intel)
R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [71992 2015-11-09] (Intel)
R1 MpKsl4fe55036; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A1D1C002-1261-4507-AA2D-38756DEE8E00}\MpKsl4fe55036.sys [44928 2017-09-13] (Microsoft Corporation)
S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7298312 2016-08-25] (Intel Corporation)
R3 ov13850; C:\Windows\System32\drivers\ov13850.sys [169928 2016-08-03] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3110144 2016-03-30] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-13 21:40 - 2017-09-13 21:40 - 000017974 _____ C:\Users\soule\Downloads\FRST.txt
2017-09-13 21:39 - 2017-09-13 21:40 - 000000000 ____D C:\FRST
2017-09-13 21:39 - 2017-09-13 21:39 - 002397696 _____ (Farbar) C:\Users\soule\Downloads\FRST64.exe
2017-09-13 21:39 - 2017-09-13 21:39 - 000000000 ____D C:\Users\soule\Downloads\FRST-OlderVersion
2017-09-13 21:25 - 2017-09-13 21:33 - 000002012 _____ C:\Users\soule\Desktop\ZHPCleaner.txt
2017-09-13 19:58 - 2017-09-13 19:58 - 000004604 _____ C:\Users\soule\Desktop\rk_A22A.tmp.txt
2017-09-13 19:51 - 2017-09-13 19:51 - 000000877 _____ C:\Users\soule\Desktop\ZHPCleaner.lnk
2017-09-13 19:38 - 2017-09-13 19:40 - 000000493 _____ C:\Users\soule\Desktop\detection probleme proxy.txt
2017-09-12 18:47 - 2017-09-12 18:47 - 000000000 ___HD C:\OneDriveTemp
2017-09-10 12:18 - 2017-09-10 12:18 - 000000000 ____D C:\Program Files\KMSpico
2017-09-10 11:41 - 2017-09-13 19:24 - 000000000 ____D C:\AdwCleaner
2017-09-10 11:36 - 2017-09-10 11:38 - 008182736 _____ (Malwarebytes) C:\Users\soule\Downloads\adwcleaner_7.0.2.1.exe
2017-09-10 10:49 - 2017-09-10 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-07 22:46 - 2017-09-08 21:43 - 000000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2017-09-07 22:46 - 2017-09-07 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2017-09-07 22:46 - 2017-09-07 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2017-09-07 22:46 - 2017-09-07 22:46 - 000000000 ____D C:\Program Files (x86)\Xiph.Org
2017-09-07 21:52 - 2017-09-07 21:52 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-07 21:51 - 2017-09-07 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016
2017-09-07 21:51 - 2017-09-07 21:51 - 000000000 ____D C:\Windows\PCHEALTH
2017-09-07 21:51 - 2017-09-07 21:51 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-09-07 21:51 - 2017-09-07 21:51 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-09-07 21:50 - 2017-09-07 21:50 - 000000000 __RHD C:\MSOCache
2017-09-07 21:50 - 2017-09-07 21:50 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2017-09-07 21:50 - 2017-09-07 21:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-09-06 12:29 - 2017-09-06 12:29 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-09-06 12:29 - 2017-09-06 12:29 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-09-06 12:29 - 2017-09-06 12:29 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-09-06 12:29 - 2017-09-06 12:29 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-04 23:21 - 2017-09-05 23:01 - 000000000 ____D C:\Users\soule\Downloads\Microsoft Office 2016 VL ProPlus French (x86-x64) November 2016
2017-09-04 22:18 - 2017-09-07 21:41 - 000000000 ____D C:\Users\soule\AppData\Local\CrashDumps
2017-09-03 16:16 - 2017-09-13 19:27 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-09-03 16:16 - 2017-09-03 16:42 - 000000000 ____D C:\ProgramData\RogueKiller
2017-09-03 16:12 - 2017-09-03 16:14 - 026636872 _____ C:\Users\soule\Downloads\RogueKiller_portable64.exe
2017-09-01 12:31 - 2017-09-01 14:22 - 000000000 ____D C:\Users\soule\Downloads\Icecream Screen Recorder Pro 4.76 + Patch [CracksNow]
2017-09-01 12:08 - 2017-09-01 12:08 - 000000000 ____D C:\Users\soule\AppData\Local\Icecream
2017-09-01 12:08 - 2017-09-01 12:08 - 000000000 ____D C:\Users\soule\AppData\Local\CrashRpt
2017-09-01 12:08 - 2017-09-01 12:08 - 000000000 ____D C:\Users\soule\.Icecream Screen Recorder
2017-08-31 22:03 - 2017-08-31 22:03 - 000000000 ____D C:\Users\soule\AppData\Roaming\Greenshot
2017-08-31 22:03 - 2017-08-31 22:03 - 000000000 ____D C:\Users\soule\AppData\Local\Greenshot
2017-08-31 21:44 - 2017-08-31 22:18 - 000004520 _____ C:\Users\soule\AppData\Roaming\CamStudio.cfg
2017-08-31 21:44 - 2017-08-31 22:18 - 000000408 _____ C:\Users\soule\AppData\Roaming\CamShapes.ini
2017-08-31 21:44 - 2017-08-31 22:18 - 000000408 _____ C:\Users\soule\AppData\Roaming\CamLayout.ini
2017-08-31 21:44 - 2017-08-31 22:18 - 000000096 _____ C:\Users\soule\AppData\Roaming\Camdata.ini
2017-08-31 21:40 - 2017-08-31 21:54 - 000000000 ____D C:\Program Files\CamStudio 2.7
2017-08-28 15:45 - 2017-08-17 18:35 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-08-25 18:13 - 2017-08-25 18:13 - 000000132 _____ C:\Users\soule\AppData\Roaming\Préfs Format PNG Adobe CS5
2017-08-25 17:45 - 2017-08-25 17:45 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-25 17:44 - 2017-08-25 17:44 - 000001928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 12.lnk
2017-08-25 17:44 - 2013-07-19 03:01 - 000056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2017-08-25 17:44 - 2012-04-24 03:01 - 000011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys
2017-08-25 17:44 - 2012-04-24 03:01 - 000010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys
2017-08-25 17:27 - 2017-08-25 17:27 - 000000000 ____D C:\Users\soule\Documents\Modèles Office personnalisés
2017-08-25 17:03 - 2017-09-13 21:33 - 000000000 ____D C:\Users\soule\AppData\Roaming\ZHP
2017-08-25 17:03 - 2017-08-25 17:03 - 000000000 ____D C:\Users\soule\AppData\Local\ZHP
2017-08-25 17:00 - 2017-08-25 17:02 - 002859904 _____ C:\Users\soule\Downloads\ZHPCleaner.exe
2017-08-25 16:11 - 2017-08-25 16:11 - 000001406 _____ C:\Users\soule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Toasts App.lnk

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-13 21:34 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\system32\NDF
2017-09-13 19:22 - 2016-04-09 17:36 - 000810080 _____ C:\Windows\system32\perfh013.dat
2017-09-13 19:22 - 2016-04-09 17:36 - 000159714 _____ C:\Windows\system32\perfc013.dat
2017-09-13 19:22 - 2016-04-09 17:27 - 000803362 _____ C:\Windows\system32\perfh010.dat
2017-09-13 19:22 - 2016-04-09 17:27 - 000151814 _____ C:\Windows\system32\perfc010.dat
2017-09-13 19:22 - 2016-04-09 17:18 - 000826936 _____ C:\Windows\system32\perfh00C.dat
2017-09-13 19:22 - 2016-04-09 17:18 - 000156184 _____ C:\Windows\system32\perfc00C.dat
2017-09-13 19:22 - 2016-04-09 17:09 - 000765958 _____ C:\Windows\system32\perfh007.dat
2017-09-13 19:22 - 2016-04-09 17:09 - 000155498 _____ C:\Windows\system32\perfc007.dat
2017-09-13 19:22 - 2016-04-09 09:08 - 004690294 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-13 19:22 - 2015-10-30 09:21 - 000000000 ____D C:\Windows\INF
2017-09-12 18:47 - 2017-08-08 23:10 - 000000000 __SHD C:\Users\soule\IntelGraphicsProfiles
2017-09-12 18:47 - 2017-08-08 18:42 - 000000000 ___RD C:\Users\soule\OneDrive
2017-09-10 12:50 - 2016-11-24 20:52 - 000005693 ___RH C:\farstone_pe.letter
2017-09-10 12:50 - 2016-04-09 09:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-10 12:49 - 2015-10-30 08:28 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-09-10 12:00 - 2017-08-08 23:16 - 000003880 _____ C:\Windows\System32\Tasks\Optimize Thumbnail Cache Files
2017-09-10 12:00 - 2017-08-08 23:16 - 000003428 _____ C:\Windows\System32\Tasks\InstallShield® Update Service Scheduler
2017-09-10 10:49 - 2016-04-09 09:32 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-08 21:10 - 2016-04-09 08:59 - 000501032 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-07 21:52 - 2016-11-24 20:52 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-07 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-07 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-07 21:50 - 2016-04-09 09:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-07 21:50 - 2015-10-30 20:19 - 000000000 ____D C:\Windows\ShellNew
2017-09-05 23:02 - 2017-08-09 19:54 - 000000000 ____D C:\Users\soule\AppData\Roaming\BitTorrent
2017-09-05 23:02 - 2017-08-08 18:42 - 000000000 ____D C:\Windows10Upgrade
2017-09-04 23:04 - 2017-08-08 22:57 - 000000000 ____D C:\Users\soule\AppData\Local\Microsoft Help
2017-09-04 23:02 - 2017-08-10 18:25 - 000000000 ____D C:\Windows\system32\appmgmt
2017-09-03 16:38 - 2015-10-30 09:24 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-03 15:31 - 2017-08-08 18:34 - 000000000 ____D C:\Users\soule
2017-09-01 12:45 - 2017-08-08 23:47 - 000000000 ____D C:\Users\soule\AppData\Roaming\vlc
2017-08-31 21:34 - 2017-08-08 18:42 - 000002409 _____ C:\Users\soule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-29 01:23 - 2017-08-08 18:42 - 000000000 ____D C:\Users\soule\AppData\Local\Comms
2017-08-29 00:05 - 2017-08-10 21:51 - 000000000 ____D C:\Users\soule\AppData\LocalLow\Adobe
2017-08-28 15:45 - 2017-08-08 23:53 - 000000000 ____D C:\Program Files\rempl
2017-08-28 15:38 - 2017-08-10 21:44 - 000000000 ____D C:\Users\soule\AppData\Local\Adobe
2017-08-28 15:37 - 2017-08-10 21:44 - 000000000 ____D C:\ProgramData\Adobe
2017-08-25 17:51 - 2017-08-08 18:40 - 000000000 ____D C:\Users\soule\AppData\Roaming\Adobe
2017-08-25 17:47 - 2017-08-10 21:44 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-08-25 17:44 - 2017-08-10 21:44 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-25 16:39 - 2016-11-24 20:49 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2017-08-25 16:39 - 2016-11-24 20:48 - 000000000 ____D C:\ProgramData\McAfee
2017-08-25 16:39 - 2016-11-24 20:48 - 000000000 ____D C:\Program Files\mcafee
2017-08-25 16:39 - 2015-10-30 09:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2017-08-25 16:39 - 2015-10-30 08:28 - 000032768 ___SH C:\Windows\system32\config\ELAM
2017-08-24 11:01 - 2017-08-08 18:42 - 000000813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à niveau de Windows 10.lnk
2017-08-24 10:50 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\AppReadiness
2017-08-15 12:03 - 2017-08-08 18:57 - 000000000 ____D C:\Users\soule\AppData\Local\PackageStaging
2017-08-15 12:03 - 2017-08-08 18:40 - 000000000 ____D C:\Users\soule\AppData\Local\Packages
2017-08-15 12:03 - 2015-10-30 09:24 - 000000000 ___HD C:\Program Files\WindowsApps

==================== Fichiers à la racine de certains dossiers =======

2017-08-31 21:44 - 2017-08-31 22:18 - 000000096 _____ () C:\Users\soule\AppData\Roaming\Camdata.ini
2017-08-31 21:44 - 2017-08-31 22:18 - 000000408 _____ () C:\Users\soule\AppData\Roaming\CamLayout.ini
2017-08-31 21:44 - 2017-08-31 22:18 - 000000408 _____ () C:\Users\soule\AppData\Roaming\CamShapes.ini
2017-08-31 21:44 - 2017-08-31 22:18 - 000004520 _____ () C:\Users\soule\AppData\Roaming\CamStudio.cfg
2017-08-25 18:13 - 2017-08-25 18:13 - 000000132 _____ () C:\Users\soule\AppData\Roaming\Préfs Format PNG Adobe CS5
2017-08-08 18:40 - 2017-08-08 23:11 - 000000188 _____ () C:\Users\soule\AppData\Roaming\sp_data.sys
2016-11-24 20:42 - 2016-11-24 20:42 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Certains fichiers dans TEMP:
====================
2017-08-10 21:14 - 2017-01-18 13:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\soule\AppData\Local\Temp\AcDeltree.exe
2017-09-03 16:16 - 2016-10-25 11:41 - 001819208 _____ (Microsoft Corporation) C:\Users\soule\AppData\Local\Temp\dllnt_dump.dll
2017-08-10 18:09 - 2017-08-10 18:25 - 000335872 _____ () C:\Users\soule\AppData\Local\Temp\DLMGuardian.exe
2017-09-08 22:00 - 2015-12-10 18:49 - 006153408 _____ (Foxit Corporation) C:\Users\soule\AppData\Local\Temp\FoxitUpdater.exe
2017-08-25 17:43 - 2017-08-25 17:42 - 000111104 _____ () C:\Users\soule\AppData\Local\Temp\readSTILog.dll
2017-08-08 23:54 - 2017-08-08 23:54 - 006457520 _____ (Microsoft Corporation) C:\Users\soule\AppData\Local\Temp\Windows10Upgrade.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-04-09 08:58

==================== Fin de FRST.txt ============================
