Adware suite installation logiciels
mathos33
Messages postés
119
Date d'inscription
Statut
Membre
Dernière intervention
-
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour,
J'ai voulu installer un super outil pour fabriquer du karaoké et ... j'aurai pas dû ! Depuis des fenêtres intempestives, des applications en chinois se sont installées sur min PC, un antivirus etc... Impossible de tout nettoyer correctement. J'ai fait le tour de base : ADWCLEANER et MalwareBytes, qui ont pas mal nettoyé mais il en reste !
Pouvez-vous m'apporter votre aide
si ça peut aider :
Rapport R1 Adwcleaner : http://www.cjoint.com/c/EGqjTNvAkH8
Rapport S1 Adwcleaner : http://www.cjoint.com/c/EGqjVfaVVr8
Rapport malwarebyte's : http://www.cjoint.com/c/EGqj0vDEB68
En vous remerciant par avance
J'ai voulu installer un super outil pour fabriquer du karaoké et ... j'aurai pas dû ! Depuis des fenêtres intempestives, des applications en chinois se sont installées sur min PC, un antivirus etc... Impossible de tout nettoyer correctement. J'ai fait le tour de base : ADWCLEANER et MalwareBytes, qui ont pas mal nettoyé mais il en reste !
Pouvez-vous m'apporter votre aide
si ça peut aider :
Rapport R1 Adwcleaner : http://www.cjoint.com/c/EGqjTNvAkH8
Rapport S1 Adwcleaner : http://www.cjoint.com/c/EGqjVfaVVr8
Rapport malwarebyte's : http://www.cjoint.com/c/EGqj0vDEB68
En vous remerciant par avance
A voir également:
- Adware suite installation logiciels
- Adware cleaner - Télécharger - Antivirus & Antimalwares
- Logiciels sauvegarde - Guide
- Installation windows 10 sans compte microsoft - Guide
- Installation chromecast - Guide
- Installation clavier arabe - Télécharger - Divers Web & Internet
7 réponses
Salut,
Pour vérifier l'ordinateur :
Suis le tutoriel FRST.
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Pour vérifier l'ordinateur :
Suis le tutoriel FRST.
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Rapide et efficace, encore merci !
Voici les rapports :
FRST : https://pjjoint.malekal.com/files.php?id=20150716_p98p6v12d10
addition : https://pjjoint.malekal.com/files.php?id=20150716_k13h136g12r5
shortcut : https://pjjoint.malekal.com/files.php?id=20150716_d13m13k14y8x14
A très vite
Voici les rapports :
FRST : https://pjjoint.malekal.com/files.php?id=20150716_p98p6v12d10
addition : https://pjjoint.malekal.com/files.php?id=20150716_k13h136g12r5
shortcut : https://pjjoint.malekal.com/files.php?id=20150716_d13m13k14y8x14
A très vite
Humm ça a installé Rising -- Tecent :/
Pas bon ça.
Panneau de configuration puis programmes et fonctionnalités.
Désinstalle Rising.
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM-x32\...\Run: [gmsd_fr_005010031] => C:\Program Files (x86)\gmsd_fr_005010031\gmsd_fr_005010031.exe [3984528 2015-07-14] ()
R2 wsasvc_1.10.0.19; C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608 2015-06-16] (Word Surfer)
R2 xukilepe; C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF\knsmEEC7.tmp [272384 2015-07-15] () [File not signed]
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Users\maroze\AppData\Local\gmsd_fr_005010031
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Program Files (x86)\gmsd_fr_005010031
2015-07-15 19:50 - 2015-07-15 19:50 - 00004182 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-07-15 19:50 - 2015-07-15 19:50 - 00004172 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-07-15 19:50 - 2015-07-15 19:50 - 00000000 ____D C:\Program Files (x86)\WordSurfer_1.10.0.19
2015-07-13 21:51 - 2015-07-16 09:03 - 00003320 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-07-13 21:50 - 2015-07-16 11:52 - 00119256 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
2015-07-13 21:50 - 2015-07-16 11:52 - 00071760 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
2015-07-13 21:50 - 2015-07-15 19:52 - 00000000 ___RD C:\RavBin
2015-07-13 21:50 - 2015-07-13 21:50 - 00000150 __RSH C:\rising.ini
2015-07-13 21:50 - 2015-07-13 21:50 - 00000134 _____ C:\Windows\SysWOW64\BsMain.ini
2015-07-13 21:50 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-07-13 21:50 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\ravext64.dll
2015-07-13 21:50 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\ravext.dll
2015-07-13 21:50 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\bsmain.exe
2015-07-13 21:50 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
2015-07-13 21:46 - 2015-07-14 01:19 - 00000000 ____D C:\ProgramData\Rising
2015-07-13 21:46 - 2015-07-13 21:47 - 00000000 ____D C:\Program Files (x86)\Rising
2015-07-13 21:45 - 2015-07-13 21:45 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-07-13 21:45 - 2015-07-13 21:44 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00038200 _____ (????) C:\Windows\system32\Drivers\TSSKX64.sys
2015-07-13 21:44 - 2015-07-13 21:44 - 00087864 _____ (????) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-07-13 21:31 - 2015-07-13 21:31 - 00004242 _____ C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313738353830383732302d3223572a23456c4155572a32
2015-07-13 21:29 - 2015-07-13 21:29 - 00000000 ____D C:\Users\maroze\AppData\Local\CrashRpt
2015-07-13 21:22 - 2015-07-14 10:26 - 00000000 ____D C:\Users\maroze\AppData\Local\SmartWeb
2015-07-13 21:22 - 2015-07-13 21:22 - 00004042 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-07-13 21:12 - 2015-07-14 10:27 - 00000000 __SHD C:\Program Files (x86)\Rnalacetariness
2015-07-13 21:12 - 2015-07-14 10:10 - 00000000 ____D C:\Users\maroze\AppData\Local\Unity
2015-07-13 21:12 - 2015-07-14 01:19 - 00000000 ____D C:\Users\maroze\AppData\Local\SysassistByHotWheel
2015-07-13 21:12 - 2015-07-13 22:56 - 00000000 ____D C:\IQIYI Video
2015-07-13 21:12 - 2015-07-13 21:12 - 00000000 ____D C:\ppsfile
2015-07-13 21:11 - 2015-07-13 22:56 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:12 - 00000000 ____D C:\Users\maroze\AppData\Roaming\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:11 - 00000000 ____D C:\Users\Public\QiYi
2015-07-13 21:10 - 2015-07-15 02:15 - 00000000 ____D C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF
2015-07-11 19:38 - 2015-01-17 22:22 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71760 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-07-13] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-07-13] (Tencent Technology(Shenzhen) Company Limited)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-07-13] (????)
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [61312 2015-06-16] (Word Surfer)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [184088 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
S2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCRtp.exe -r [X]
CreateRestorePoint:
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.F
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
Trend-Micro tu l'as acheté ?
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Pas bon ça.
Panneau de configuration puis programmes et fonctionnalités.
Désinstalle Rising.
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM-x32\...\Run: [gmsd_fr_005010031] => C:\Program Files (x86)\gmsd_fr_005010031\gmsd_fr_005010031.exe [3984528 2015-07-14] ()
R2 wsasvc_1.10.0.19; C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608 2015-06-16] (Word Surfer)
R2 xukilepe; C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF\knsmEEC7.tmp [272384 2015-07-15] () [File not signed]
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Users\maroze\AppData\Local\gmsd_fr_005010031
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Program Files (x86)\gmsd_fr_005010031
2015-07-15 19:50 - 2015-07-15 19:50 - 00004182 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-07-15 19:50 - 2015-07-15 19:50 - 00004172 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-07-15 19:50 - 2015-07-15 19:50 - 00000000 ____D C:\Program Files (x86)\WordSurfer_1.10.0.19
2015-07-13 21:51 - 2015-07-16 09:03 - 00003320 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-07-13 21:50 - 2015-07-16 11:52 - 00119256 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
2015-07-13 21:50 - 2015-07-16 11:52 - 00071760 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
2015-07-13 21:50 - 2015-07-15 19:52 - 00000000 ___RD C:\RavBin
2015-07-13 21:50 - 2015-07-13 21:50 - 00000150 __RSH C:\rising.ini
2015-07-13 21:50 - 2015-07-13 21:50 - 00000134 _____ C:\Windows\SysWOW64\BsMain.ini
2015-07-13 21:50 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-07-13 21:50 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\ravext64.dll
2015-07-13 21:50 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\ravext.dll
2015-07-13 21:50 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\bsmain.exe
2015-07-13 21:50 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
2015-07-13 21:46 - 2015-07-14 01:19 - 00000000 ____D C:\ProgramData\Rising
2015-07-13 21:46 - 2015-07-13 21:47 - 00000000 ____D C:\Program Files (x86)\Rising
2015-07-13 21:45 - 2015-07-13 21:45 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-07-13 21:45 - 2015-07-13 21:44 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00038200 _____ (????) C:\Windows\system32\Drivers\TSSKX64.sys
2015-07-13 21:44 - 2015-07-13 21:44 - 00087864 _____ (????) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-07-13 21:31 - 2015-07-13 21:31 - 00004242 _____ C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313738353830383732302d3223572a23456c4155572a32
2015-07-13 21:29 - 2015-07-13 21:29 - 00000000 ____D C:\Users\maroze\AppData\Local\CrashRpt
2015-07-13 21:22 - 2015-07-14 10:26 - 00000000 ____D C:\Users\maroze\AppData\Local\SmartWeb
2015-07-13 21:22 - 2015-07-13 21:22 - 00004042 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-07-13 21:12 - 2015-07-14 10:27 - 00000000 __SHD C:\Program Files (x86)\Rnalacetariness
2015-07-13 21:12 - 2015-07-14 10:10 - 00000000 ____D C:\Users\maroze\AppData\Local\Unity
2015-07-13 21:12 - 2015-07-14 01:19 - 00000000 ____D C:\Users\maroze\AppData\Local\SysassistByHotWheel
2015-07-13 21:12 - 2015-07-13 22:56 - 00000000 ____D C:\IQIYI Video
2015-07-13 21:12 - 2015-07-13 21:12 - 00000000 ____D C:\ppsfile
2015-07-13 21:11 - 2015-07-13 22:56 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:12 - 00000000 ____D C:\Users\maroze\AppData\Roaming\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:11 - 00000000 ____D C:\Users\Public\QiYi
2015-07-13 21:10 - 2015-07-15 02:15 - 00000000 ____D C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF
2015-07-11 19:38 - 2015-01-17 22:22 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71760 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-07-13] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-07-13] (Tencent Technology(Shenzhen) Company Limited)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-07-13] (????)
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [61312 2015-06-16] (Word Surfer)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [184088 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
S2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCRtp.exe -r [X]
CreateRestorePoint:
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.F
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Trend-Micro tu l'as acheté ?
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Super ! j'ai suivi pas à pas tes instructions, ça semble aller mieux !
Oui j'ai une licence trend micro achetée.
Voici le résultat du FIX :
Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by lemenn at 2015-07-16 12:54:22 Run:1
Running from C:\Users\maroze\Desktop
Loaded Profiles: lemenn (Available Profiles: lemenn)
Boot Mode: Normal
==============================================
fixlist content:
HKLM-x32\...\Run: [gmsd_fr_005010031] => C:\Program Files (x86)\gmsd_fr_005010031\gmsd_fr_005010031.exe [3984528 2015-07-14] ()
R2 wsasvc_1.10.0.19; C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608 2015-06-16] (Word Surfer)
R2 xukilepe; C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF\knsmEEC7.tmp [272384 2015-07-15] () [File not signed]
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Users\maroze\AppData\Local\gmsd_fr_005010031
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Program Files (x86)\gmsd_fr_005010031
2015-07-15 19:50 - 2015-07-15 19:50 - 00004182 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-07-15 19:50 - 2015-07-15 19:50 - 00004172 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-07-15 19:50 - 2015-07-15 19:50 - 00000000 ____D C:\Program Files (x86)\WordSurfer_1.10.0.19
2015-07-13 21:51 - 2015-07-16 09:03 - 00003320 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-07-13 21:50 - 2015-07-16 11:52 - 00119256 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
2015-07-13 21:50 - 2015-07-16 11:52 - 00071760 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
2015-07-13 21:50 - 2015-07-15 19:52 - 00000000 ___RD C:\RavBin
2015-07-13 21:50 - 2015-07-13 21:50 - 00000150 __RSH C:\rising.ini
2015-07-13 21:50 - 2015-07-13 21:50 - 00000134 _____ C:\Windows\SysWOW64\BsMain.ini
2015-07-13 21:50 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-07-13 21:50 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\ravext64.dll
2015-07-13 21:50 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\ravext.dll
2015-07-13 21:50 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\bsmain.exe
2015-07-13 21:50 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
2015-07-13 21:46 - 2015-07-14 01:19 - 00000000 ____D C:\ProgramData\Rising
2015-07-13 21:46 - 2015-07-13 21:47 - 00000000 ____D C:\Program Files (x86)\Rising
2015-07-13 21:45 - 2015-07-13 21:45 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-07-13 21:45 - 2015-07-13 21:44 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00038200 _____ (????) C:\Windows\system32\Drivers\TSSKX64.sys
2015-07-13 21:44 - 2015-07-13 21:44 - 00087864 _____ (????) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-07-13 21:31 - 2015-07-13 21:31 - 00004242 _____ C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313738353830383732302d3223572a23456c4155572a32
2015-07-13 21:29 - 2015-07-13 21:29 - 00000000 ____D C:\Users\maroze\AppData\Local\CrashRpt
2015-07-13 21:22 - 2015-07-14 10:26 - 00000000 ____D C:\Users\maroze\AppData\Local\SmartWeb
2015-07-13 21:22 - 2015-07-13 21:22 - 00004042 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-07-13 21:12 - 2015-07-14 10:27 - 00000000 __SHD C:\Program Files (x86)\Rnalacetariness
2015-07-13 21:12 - 2015-07-14 10:10 - 00000000 ____D C:\Users\maroze\AppData\Local\Unity
2015-07-13 21:12 - 2015-07-14 01:19 - 00000000 ____D C:\Users\maroze\AppData\Local\SysassistByHotWheel
2015-07-13 21:12 - 2015-07-13 22:56 - 00000000 ____D C:\IQIYI Video
2015-07-13 21:12 - 2015-07-13 21:12 - 00000000 ____D C:\ppsfile
2015-07-13 21:11 - 2015-07-13 22:56 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:12 - 00000000 ____D C:\Users\maroze\AppData\Roaming\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:11 - 00000000 ____D C:\Users\Public\QiYi
2015-07-13 21:10 - 2015-07-15 02:15 - 00000000 ____D C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF
2015-07-11 19:38 - 2015-01-17 22:22 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71760 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-07-13] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-07-13] (Tencent Technology(Shenzhen) Company Limited)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-07-13] (????)
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [61312 2015-06-16] (Word Surfer)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [184088 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
S2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCRtp.exe -r [X]
CreateRestorePoint:
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_005010031 => value removed successfully
wsasvc_1.10.0.19 => Service not found.
xukilepe => Service stopped successfully.
xukilepe => Service removed successfully
"C:\Users\maroze\AppData\Local\gmsd_fr_005010031" => File/Folder not found.
"C:\Program Files (x86)\gmsd_fr_005010031" => File/Folder not found.
"C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update" => File/Folder not found.
"C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core" => File/Folder not found.
"C:\Program Files (x86)\WordSurfer_1.10.0.19" => File/Folder not found.
C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => moved successfully.
"C:\Windows\system32\Drivers\sysmon.sys" => File/Folder not found.
"C:\Windows\system32\Drivers\rsutils.sys" => File/Folder not found.
C:\RavBin => moved successfully.
"C:\rising.ini" => File/Folder not found.
"C:\Windows\SysWOW64\BsMain.ini" => File/Folder not found.
C:\Windows\SysWOW64\vpatch.dll => moved successfully.
C:\Windows\system32\ravext64.dll => moved successfully.
"C:\Windows\SysWOW64\ravext.dll" => File/Folder not found.
"C:\Windows\SysWOW64\bsmain.exe" => File/Folder not found.
"C:\Windows\system32\Drivers\rsndisp.sys" => File/Folder not found.
C:\ProgramData\Rising => moved successfully.
"C:\Program Files (x86)\Rising" folder move:
Could not move "C:\Program Files (x86)\Rising" folder => Scheduled to move on reboot.
C:\Program Files\Common Files\Tencent => moved successfully.
C:\Windows\system32\Drivers\TAOKernel64.sys => moved successfully.
C:\Windows\system32\Drivers\TAOAccelerator64.sys => moved successfully.
C:\Windows\system32\Drivers\TSSKX64.sys => moved successfully.
C:\Windows\system32\Drivers\TFsFltX64.sys => moved successfully.
C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313738353830383732302d3223572a23456c4155572a32 => moved successfully.
C:\Users\maroze\AppData\Local\CrashRpt => moved successfully.
C:\Users\maroze\AppData\Local\SmartWeb => moved successfully.
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
C:\Program Files (x86)\Rnalacetariness => moved successfully.
C:\Users\maroze\AppData\Local\Unity => moved successfully.
C:\Users\maroze\AppData\Local\SysassistByHotWheel => moved successfully.
C:\IQIYI Video => moved successfully.
C:\ppsfile => moved successfully.
C:\ProgramData\IQIYI Video => moved successfully.
C:\Users\maroze\AppData\Roaming\IQIYI Video => moved successfully.
C:\Users\Public\QiYi => moved successfully.
C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF => moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 => moved successfully.
rsutils => Service not found.
TAOAccelerator => Service stopped successfully.
TAOAccelerator => Service removed successfully
TAOKernelDriver => Unable to stop service.
TAOKernelDriver => Service removed successfully
TFsFlt => Service removed successfully
wsafd_1_10_0_19 => Unable to stop service.
wsafd_1_10_0_19 => Service removed successfully
RsMgrSvc => Service stopped successfully.
RsMgrSvc => Service removed successfully
RsRavMon => Service removed successfully
QQPCRTP => Service removed successfully
Restore point was successfully created.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-16 12:58:32)<=
C:\Program Files (x86)\Rising => Is moved successfully
Oui j'ai une licence trend micro achetée.
Voici le résultat du FIX :
Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by lemenn at 2015-07-16 12:54:22 Run:1
Running from C:\Users\maroze\Desktop
Loaded Profiles: lemenn (Available Profiles: lemenn)
Boot Mode: Normal
==============================================
fixlist content:
HKLM-x32\...\Run: [gmsd_fr_005010031] => C:\Program Files (x86)\gmsd_fr_005010031\gmsd_fr_005010031.exe [3984528 2015-07-14] ()
R2 wsasvc_1.10.0.19; C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608 2015-06-16] (Word Surfer)
R2 xukilepe; C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF\knsmEEC7.tmp [272384 2015-07-15] () [File not signed]
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Users\maroze\AppData\Local\gmsd_fr_005010031
2015-07-15 19:52 - 2015-07-15 19:52 - 00000000 ____D C:\Program Files (x86)\gmsd_fr_005010031
2015-07-15 19:50 - 2015-07-15 19:50 - 00004182 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-07-15 19:50 - 2015-07-15 19:50 - 00004172 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-07-15 19:50 - 2015-07-15 19:50 - 00000000 ____D C:\Program Files (x86)\WordSurfer_1.10.0.19
2015-07-13 21:51 - 2015-07-16 09:03 - 00003320 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-07-13 21:50 - 2015-07-16 11:52 - 00119256 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
2015-07-13 21:50 - 2015-07-16 11:52 - 00071760 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
2015-07-13 21:50 - 2015-07-15 19:52 - 00000000 ___RD C:\RavBin
2015-07-13 21:50 - 2015-07-13 21:50 - 00000150 __RSH C:\rising.ini
2015-07-13 21:50 - 2015-07-13 21:50 - 00000134 _____ C:\Windows\SysWOW64\BsMain.ini
2015-07-13 21:50 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-07-13 21:50 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\ravext64.dll
2015-07-13 21:50 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\ravext.dll
2015-07-13 21:50 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\bsmain.exe
2015-07-13 21:50 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
2015-07-13 21:46 - 2015-07-14 01:19 - 00000000 ____D C:\ProgramData\Rising
2015-07-13 21:46 - 2015-07-13 21:47 - 00000000 ____D C:\Program Files (x86)\Rising
2015-07-13 21:45 - 2015-07-13 21:45 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-07-13 21:45 - 2015-07-13 21:44 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-07-13 21:45 - 2015-07-13 21:44 - 00038200 _____ (????) C:\Windows\system32\Drivers\TSSKX64.sys
2015-07-13 21:44 - 2015-07-13 21:44 - 00087864 _____ (????) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-07-13 21:31 - 2015-07-13 21:31 - 00004242 _____ C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313738353830383732302d3223572a23456c4155572a32
2015-07-13 21:29 - 2015-07-13 21:29 - 00000000 ____D C:\Users\maroze\AppData\Local\CrashRpt
2015-07-13 21:22 - 2015-07-14 10:26 - 00000000 ____D C:\Users\maroze\AppData\Local\SmartWeb
2015-07-13 21:22 - 2015-07-13 21:22 - 00004042 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-07-13 21:12 - 2015-07-14 10:27 - 00000000 __SHD C:\Program Files (x86)\Rnalacetariness
2015-07-13 21:12 - 2015-07-14 10:10 - 00000000 ____D C:\Users\maroze\AppData\Local\Unity
2015-07-13 21:12 - 2015-07-14 01:19 - 00000000 ____D C:\Users\maroze\AppData\Local\SysassistByHotWheel
2015-07-13 21:12 - 2015-07-13 22:56 - 00000000 ____D C:\IQIYI Video
2015-07-13 21:12 - 2015-07-13 21:12 - 00000000 ____D C:\ppsfile
2015-07-13 21:11 - 2015-07-13 22:56 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:12 - 00000000 ____D C:\Users\maroze\AppData\Roaming\IQIYI Video
2015-07-13 21:11 - 2015-07-13 21:11 - 00000000 ____D C:\Users\Public\QiYi
2015-07-13 21:10 - 2015-07-15 02:15 - 00000000 ____D C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF
2015-07-11 19:38 - 2015-01-17 22:22 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71760 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-07-13] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-07-13] (Tencent Technology(Shenzhen) Company Limited)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-07-13] (????)
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [61312 2015-06-16] (Word Surfer)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [184088 2015-07-16] (Beijing Rising Information Technology Co., Ltd.)
R2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
S2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCRtp.exe -r [X]
CreateRestorePoint:
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_005010031 => value removed successfully
wsasvc_1.10.0.19 => Service not found.
xukilepe => Service stopped successfully.
xukilepe => Service removed successfully
"C:\Users\maroze\AppData\Local\gmsd_fr_005010031" => File/Folder not found.
"C:\Program Files (x86)\gmsd_fr_005010031" => File/Folder not found.
"C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update" => File/Folder not found.
"C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core" => File/Folder not found.
"C:\Program Files (x86)\WordSurfer_1.10.0.19" => File/Folder not found.
C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => moved successfully.
"C:\Windows\system32\Drivers\sysmon.sys" => File/Folder not found.
"C:\Windows\system32\Drivers\rsutils.sys" => File/Folder not found.
C:\RavBin => moved successfully.
"C:\rising.ini" => File/Folder not found.
"C:\Windows\SysWOW64\BsMain.ini" => File/Folder not found.
C:\Windows\SysWOW64\vpatch.dll => moved successfully.
C:\Windows\system32\ravext64.dll => moved successfully.
"C:\Windows\SysWOW64\ravext.dll" => File/Folder not found.
"C:\Windows\SysWOW64\bsmain.exe" => File/Folder not found.
"C:\Windows\system32\Drivers\rsndisp.sys" => File/Folder not found.
C:\ProgramData\Rising => moved successfully.
"C:\Program Files (x86)\Rising" folder move:
Could not move "C:\Program Files (x86)\Rising" folder => Scheduled to move on reboot.
C:\Program Files\Common Files\Tencent => moved successfully.
C:\Windows\system32\Drivers\TAOKernel64.sys => moved successfully.
C:\Windows\system32\Drivers\TAOAccelerator64.sys => moved successfully.
C:\Windows\system32\Drivers\TSSKX64.sys => moved successfully.
C:\Windows\system32\Drivers\TFsFltX64.sys => moved successfully.
C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313738353830383732302d3223572a23456c4155572a32 => moved successfully.
C:\Users\maroze\AppData\Local\CrashRpt => moved successfully.
C:\Users\maroze\AppData\Local\SmartWeb => moved successfully.
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
C:\Program Files (x86)\Rnalacetariness => moved successfully.
C:\Users\maroze\AppData\Local\Unity => moved successfully.
C:\Users\maroze\AppData\Local\SysassistByHotWheel => moved successfully.
C:\IQIYI Video => moved successfully.
C:\ppsfile => moved successfully.
C:\ProgramData\IQIYI Video => moved successfully.
C:\Users\maroze\AppData\Roaming\IQIYI Video => moved successfully.
C:\Users\Public\QiYi => moved successfully.
C:\Users\maroze\AppData\Roaming\3C4B12FF-1436814652-11E3-B007-45E32C0000FF => moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 => moved successfully.
rsutils => Service not found.
TAOAccelerator => Service stopped successfully.
TAOAccelerator => Service removed successfully
TAOKernelDriver => Unable to stop service.
TAOKernelDriver => Service removed successfully
TFsFlt => Service removed successfully
wsafd_1_10_0_19 => Unable to stop service.
wsafd_1_10_0_19 => Service removed successfully
RsMgrSvc => Service stopped successfully.
RsMgrSvc => Service removed successfully
RsRavMon => Service removed successfully
QQPCRTP => Service removed successfully
Restore point was successfully created.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-16 12:58:32)<=
C:\Program Files (x86)\Rising => Is moved successfully
End of Fixlog 12:58:33
Encore merci à toi, y a t-il d'autres choses à faire ?Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Je reviens un peu tard, tu trouveras les résultats du scan :
FRST : https://pjjoint.malekal.com/files.php?id=20150717_9t13c6c5q14
Addition : https://pjjoint.malekal.com/files.php?id=20150717_h10y8i8v9f15
Shortcut : https://pjjoint.malekal.com/files.php?id=20150717_n7e12x8t12x13
Merci !
FRST : https://pjjoint.malekal.com/files.php?id=20150717_9t13c6c5q14
Addition : https://pjjoint.malekal.com/files.php?id=20150717_h10y8i8v9f15
Shortcut : https://pjjoint.malekal.com/files.php?id=20150717_n7e12x8t12x13
Merci !
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUdisk64.sys [X]
S2 QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQSysMonX64.sys [X]
S2 SPDRIVER_1.42.1.2124; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2124\jsdrv.sys [X]
S0 TMEBC; system32\DRIVERS\TMEBC64.sys [X]
S3 TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TS888x64.sys [X]
S1 TSCPM; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tscpm64.sys [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TsDefenseBT64.sys [X]
S3 TSSKX64; System32\drivers\tsskx64.sys [X]
2015-07-16 12:53 - 2015-07-16 12:53 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-14 00:54 - 2015-07-14 09:38 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
CreateRestorePoint:
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.F
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUdisk64.sys [X]
S2 QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQSysMonX64.sys [X]
S2 SPDRIVER_1.42.1.2124; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2124\jsdrv.sys [X]
S0 TMEBC; system32\DRIVERS\TMEBC64.sys [X]
S3 TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TS888x64.sys [X]
S1 TSCPM; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tscpm64.sys [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TsDefenseBT64.sys [X]
S3 TSSKX64; System32\drivers\tsskx64.sys [X]
2015-07-16 12:53 - 2015-07-16 12:53 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-14 00:54 - 2015-07-14 09:38 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
CreateRestorePoint:
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.F
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left