cjoint

Comment: virus problem in Google

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
Exécuté par Yassine (administrateur) sur YASSINE (17-12-2017 16:28:41)
Exécuté depuis C:\Users\Yassine\Desktop
Profils chargés: Yassine (Profils disponibles: Yassine)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
() C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Akamai Technologies, Inc.) C:\Users\Yassine\AppData\Local\Akamai\netsession_win.exe
(ExpressVPN) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe
(Akamai Technologies, Inc.) C:\Users\Yassine\AppData\Local\Akamai\netsession_win.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Enigma Software Group USA, LLC.) C:\Program Files\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(The OpenVPN Project) C:\Program Files (x86)\ExpressVPN\xvpnd\windows\openvpn.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-02-03] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [302744 2017-12-11] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Bluetooth] => C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [535808 2015-09-24] (Broadcom Corporation.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-12-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Yassine\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe [809088 2017-11-03] (ExpressVPN)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\3dsmax.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adsync.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\codectweaktool.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\connect.service.contentservice.admin.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ltu.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\maxfind.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\switchboard.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\UninstallTool.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wksvmgr.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wksvmon.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serveur réseau.lnk [2017-01-24]
ShortcutTarget: Serveur réseau.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 0.0.0.0 telemetry.malwarebytes.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9BE604DA-0663-442F-935D-D210152AC024}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AA1A6F2F-E269-40F7-93BF-AB156D876186}: [DhcpNameServer] 10.54.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: vb3g8244.default
FF ProfilePath: C:\Users\Yassine\AppData\Roaming\Mozilla\Firefox\Profiles\vb3g8244.default [2017-12-17]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default [2017-12-17]
CHR Extension: (Google Drive) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-17]
CHR Extension: (YouTube) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-17]
CHR Extension: (Gmail) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-17]
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Fichier non signé]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [282536 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [333488 2017-12-11] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7600584 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-10-31] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2297104 2015-09-25] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [980224 2015-09-24] (Broadcom Corporation.)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-24] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-24] (Dropbox, Inc.)
S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-12-05] (Dropbox, Inc.)
R2 ExpressVpnService; C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [339168 2017-11-03] ()
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-02-03] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2017-01-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2017-01-23] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S4 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [Fichier non signé]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG)
S2 SpyHunter 4 Service; C:\Program Files\SpyHunter\SH4Service.exe [685752 2017-08-12] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [176000 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166624 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [314640 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [192584 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [336896 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51336 2017-12-11] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39424 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [140704 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\Windows\System32\drivers\avgNetSec.sys [562568 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102792 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76832 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1018648 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [447800 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [196392 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [356880 2017-12-11] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2015-09-25] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474352 2017-01-23] (Broadcom Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [22704 2016-10-15] ()
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-12-17] ()
R3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVpn SplitTunnel Driver\driver\expressvpnsplittunnel.sys [28160 2017-11-03] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2017-12-17] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [110016 2017-12-17] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [46008 2017-12-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-12-17] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [94144 2017-12-17] (Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [302808 2017-01-23] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [25608 2017-12-11] (SlimWare Utilities, Inc.)
R3 tapexpressvpn; C:\Windows\system32\DRIVERS\tapexpressvpn.sys [35696 2017-11-21] (The OpenVPN Project)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [27136 2014-03-24] (Windows (R) Win 7 DDK provider)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-11-15] (AVG Netherlands B.V.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Apple, Inc.) [Fichier non signé]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [105008 2017-01-24] (WIBU-SYSTEMS AG)
U0 aswVmm; pas de ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-17 16:24 - 2017-12-17 16:28 - 000060387 _____ C:\Users\Yassine\Desktop\Addition.txt
2017-12-17 16:22 - 2017-12-17 16:28 - 000020663 _____ C:\Users\Yassine\Desktop\FRST.txt
2017-12-17 16:21 - 2017-12-17 16:28 - 000000000 ____D C:\FRST
2017-12-17 16:20 - 2017-12-17 16:20 - 002392064 _____ (Farbar) C:\Users\Yassine\Desktop\FRST64.exe
2017-12-17 16:00 - 2017-12-17 16:16 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-12-17 16:00 - 2017-12-17 16:16 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-12-17 16:00 - 2017-12-17 16:16 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-12-17 16:00 - 2017-12-17 16:16 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-12-17 16:00 - 2017-12-17 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-17 15:57 - 2017-12-17 16:16 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-17 15:57 - 2017-12-17 16:16 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-12-17 15:57 - 2017-12-17 16:00 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-17 15:57 - 2017-12-17 16:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-17 15:37 - 2017-12-17 15:37 - 000002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-17 15:37 - 2017-12-17 15:37 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-17 15:15 - 2017-12-17 15:37 - 000000000 ____D C:\Users\Yassine\AppData\Local\Google
2017-12-17 15:15 - 2017-12-17 15:37 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-17 15:15 - 2017-12-17 15:15 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-17 15:15 - 2017-12-17 15:15 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-17 15:14 - 2017-12-17 15:15 - 001129816 _____ (Google Inc.) C:\Users\Yassine\Downloads\ChromeSetup(1).exe
2017-12-17 15:13 - 2017-12-17 15:14 - 001129816 _____ (Google Inc.) C:\Users\Yassine\Downloads\ChromeSetup.exe
2017-12-17 15:10 - 2017-12-17 15:17 - 000000000 ____D C:\Users\Yassine\AppData\LocalLow\Mozilla
2017-12-17 15:10 - 2017-12-17 15:10 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Mozilla
2017-12-17 15:09 - 2017-12-17 15:09 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-17 15:09 - 2017-12-17 15:09 - 000000936 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-12-17 15:09 - 2017-12-17 15:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-17 15:09 - 2017-12-17 15:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-17 14:39 - 2017-12-17 15:08 - 039236952 _____ (Mozilla) C:\Users\Yassine\Downloads\Firefox Setup 57.0.2.exe
2017-12-17 14:36 - 2017-12-17 14:36 - 000000000 ____D C:\Windows\Panther
2017-12-17 02:11 - 2017-12-17 02:21 - 000000841 _____ C:\Users\Public\Desktop\SpyHunter4.lnk
2017-12-17 02:11 - 2017-12-17 02:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4
2017-12-17 02:10 - 2017-12-17 16:02 - 000000000 ____D C:\Program Files\SpyHunter
2017-12-17 01:07 - 2017-12-17 02:49 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-17 00:23 - 2017-12-17 00:23 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-12-17 00:18 - 2017-12-17 00:18 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Obsidium
2017-12-16 23:19 - 2017-12-17 03:06 - 734497342 _____ C:\Users\Yassine\Downloads\[ Torrent9.tv ] Trespass.Against.Us.2016.FRENCH.BDRip.XviD-GZR.avi
2017-12-16 23:19 - 2017-12-17 03:06 - 726767834 _____ C:\Users\Yassine\Downloads\[ Torrent9.tv ] Le.Serpent.aux.Mille.Coupures.2017.FRENCH.BDRip.XviD.ACOOL.avi
2017-12-15 16:40 - 2017-12-15 16:40 - 000000916 _____ C:\Users\Yassine\Documents\hosts.txt
2017-12-15 16:04 - 2016-01-14 01:27 - 000003118 _____ C:\Windows\system32\Drivers\etc\license.conf
2017-12-15 16:00 - 2017-12-15 16:43 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-12-15 15:52 - 2017-12-15 15:54 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-12-15 13:27 - 2017-12-17 01:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\Deployment
2017-12-15 13:27 - 2017-12-15 13:27 - 000000000 ____D C:\Users\Yassine\AppData\Local\Apps\2.0
2017-12-15 13:18 - 2017-12-17 14:27 - 000003940 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9929489A-75E1-4396-B00C-AB73A6043A4E}
2017-12-15 03:53 - 2017-12-15 14:02 - 000000000 ____D C:\Windows\ADAFC0B4FC1545D9BAB3BC7A8829D0C4.TMP
2017-12-15 02:22 - 2017-12-17 03:07 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\BitTorrent
2017-12-15 02:22 - 2017-12-15 02:22 - 000000918 _____ C:\Users\Yassine\Desktop\BitTorrent.lnk
2017-12-15 02:22 - 2017-12-15 02:22 - 000000898 _____ C:\Users\Yassine\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2017-12-15 00:52 - 2017-12-15 00:52 - 000000000 _____ C:\autoexec.bat
2017-12-14 11:44 - 2017-12-14 11:44 - 000035747 _____ C:\Windows\uninstaller.dat
2017-12-11 23:15 - 2017-12-11 23:15 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Canneverbe Limited
2017-12-11 23:15 - 2017-12-11 23:15 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2017-12-11 22:46 - 2017-12-11 22:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\Ahead
2017-12-11 22:45 - 2017-12-11 22:47 - 000007867 _____ C:\Windows\Irremote.ini
2017-12-11 22:44 - 2017-12-15 01:22 - 000001024 _____ C:\Users\Yassine\.rnd
2017-12-11 22:31 - 2017-12-15 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2017-12-11 18:22 - 2017-12-11 18:23 - 005175456 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-11 18:21 - 2017-12-17 00:07 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-12-11 18:00 - 2017-12-11 18:00 - 000000000 ____D C:\Users\Yassine\Documents\Dossier Echanges Bluetooth
2017-12-11 18:00 - 2017-12-11 18:00 - 000000000 ____D C:\Users\Yassine\AppData\Local\Broadcom
2017-12-11 17:58 - 2015-09-25 11:56 - 002297104 _____ (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
2017-12-11 17:58 - 2015-09-25 11:56 - 000248104 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000234800 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000227144 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000220448 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000112896 _____ (Broadcom Corporation.) C:\Windows\system32\btwdi.dll
2017-12-11 17:58 - 2015-08-06 02:18 - 000047392 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2017-12-11 17:58 - 2015-07-08 20:43 - 000048984 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2017-12-11 17:57 - 2017-12-11 17:57 - 000000000 ____D C:\Program Files\Lenovo
2017-12-11 17:33 - 2017-12-11 17:33 - 000000540 _____ C:\Windows\Tasks\AVG Driver Updater Scan.job
2017-12-11 17:30 - 2017-12-11 17:43 - 000000486 _____ C:\Windows\Tasks\AVG Driver Updater Startup.job
2017-12-11 17:29 - 2017-12-11 17:29 - 000002513 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2017-12-11 17:29 - 2017-12-11 17:29 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2017-12-11 17:29 - 2017-12-11 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2017-12-11 16:36 - 2017-12-11 18:08 - 000003740 _____ C:\Windows\System32\Tasks\DivX Update
2017-12-11 16:25 - 2017-12-11 16:25 - 000000000 _____ C:\Windows\SysWOW64\__00000000__C0000005.dmp
2017-12-11 16:23 - 2017-12-11 16:23 - 000000000 ___HD C:\$AV_AVG
2017-12-11 16:22 - 2017-12-11 16:22 - 000140800 _____ C:\Users\Yassine\AppData\Local\installer.dat
2017-12-11 16:21 - 2017-12-11 16:25 - 000000000 ____D C:\Windows\SysWOW64\SSL
2017-12-11 16:15 - 2017-12-11 16:15 - 000002618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-12-11 16:15 - 2017-12-11 16:15 - 000002606 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2017-12-11 16:15 - 2017-11-15 08:59 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-12-11 16:01 - 2017-12-11 16:01 - 000001984 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk
2017-12-11 16:00 - 2017-12-11 16:00 - 000366288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-12-11 16:00 - 2017-12-11 16:00 - 000176000 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2017-12-11 15:52 - 2017-12-17 00:51 - 000004178 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-12-11 15:51 - 2017-12-11 16:01 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 001018648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000562568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys.151300806901502
2017-12-11 15:51 - 2017-12-11 16:00 - 000356880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000314640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000196392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000140704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-12-11 15:49 - 2017-12-11 16:14 - 000001028 _____ C:\Users\Public\Desktop\AVG.lnk
2017-12-11 15:49 - 2017-12-11 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-12-11 15:48 - 2017-12-17 03:15 - 000003590 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-12-11 15:40 - 2017-12-11 15:40 - 000024963 _____ C:\Windows\SysWOW64\servers.def.lkg
2017-12-11 15:40 - 2017-12-11 15:40 - 000024963 _____ C:\Windows\SysWOW64\servers.def
2017-12-11 15:40 - 2017-12-11 15:40 - 000002847 _____ C:\Windows\SysWOW64\servers.def.vpx
2017-12-11 15:40 - 2017-12-11 15:40 - 000001627 _____ C:\Windows\SysWOW64\uat.vpx
2017-12-11 15:40 - 2017-12-11 15:40 - 000000446 _____ C:\Windows\SysWOW64\prod-pgm.vpx
2017-12-11 15:40 - 2017-12-11 15:40 - 000000039 _____ C:\Windows\SysWOW64\Stats.ini
2017-12-11 15:40 - 2017-12-11 15:40 - 000000000 ____D C:\Windows\SysWOW64\uat.vpx.dll
2017-12-11 14:36 - 2017-12-15 02:48 - 000001736 __RSH C:\ProgramData\ntuser.pol
2017-12-11 14:12 - 2017-12-11 14:12 - 000000000 ____D C:\ProgramData\SecuritySuite
2017-12-11 14:08 - 2017-12-11 14:08 - 000000000 ____D C:\Users\Yassine\Documents\TotalAV
2017-12-11 14:07 - 2017-12-11 14:07 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\TotalAV
2017-12-11 13:58 - 2017-12-11 13:58 - 000002023 _____ C:\Users\Public\Desktop\ExpressVPN.lnk
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\ProgramData\ExpressVPN
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\Program Files (x86)\ExpressVpn Tap Driver
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\Program Files (x86)\ExpressVpn SplitTunnel Driver
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2017-12-11 01:07 - 2017-12-11 01:09 - 000000000 _____ C:\Users\Yassine\ping
2017-12-10 02:52 - 2017-12-10 02:53 - 000000000 ____D C:\Users\Yassine\AppData\Local\Mozilla
2017-12-10 02:36 - 2017-12-13 13:24 - 000000000 ____D C:\Users\Yassine\Desktop\tor
2017-12-07 03:16 - 2017-12-07 03:16 - 000000000 ____D C:\Users\Yassine\AppData\Local\ExpressVPN
2017-12-07 02:25 - 2017-12-07 02:25 - 000000000 ____D C:\Users\Yassine\AppData\Local\IsolatedStorage
2017-12-07 02:20 - 2017-12-11 14:56 - 000000000 ____D C:\Users\Yassine\Desktop\telechargement
2017-12-07 00:58 - 2017-12-07 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-05 02:38 - 2017-12-08 18:11 - 000000000 ____D C:\Users\Yassine\AppData\Local\pangu
2017-12-05 02:33 - 2017-12-15 00:10 - 000000000 ___RD C:\Users\Yassine\iCloudDrive
2017-12-05 02:33 - 2017-12-05 15:49 - 000000000 ____D C:\Users\Yassine\AppData\Local\861CC0FB-5EAF-4FF8-BC42-D44154829508.aplzod
2017-12-05 02:33 - 2017-12-05 02:33 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-12-05 02:04 - 2017-12-15 00:34 - 000000000 ____D C:\ProgramData\Apple Computer
2017-12-05 01:32 - 2017-12-15 00:59 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Apple Computer
2017-12-05 01:20 - 2017-12-05 01:21 - 000000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2017-12-05 01:06 - 2017-12-05 01:06 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-12-05 01:06 - 2017-12-05 01:06 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-12-05 01:06 - 2017-12-05 01:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-12-05 01:06 - 2017-12-05 01:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-12-05 00:40 - 2017-12-15 03:49 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\DivX
2017-12-05 00:40 - 2017-12-15 00:58 - 000000000 ____D C:\Program Files\DivX
2017-12-05 00:40 - 2017-12-15 00:58 - 000000000 ____D C:\Program Files (x86)\DivX
2017-12-05 00:39 - 2017-12-15 00:58 - 000000000 ____D C:\ProgramData\DivX
2017-12-03 14:53 - 2012-08-21 13:01 - 000033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2017-12-03 13:55 - 2017-12-15 01:05 - 000000000 ____D C:\Windows\system32\appmgmt
2017-12-03 13:11 - 2017-12-03 13:11 - 000000000 ____D C:\Program Files\Bonjour
2017-12-03 13:11 - 2017-12-03 13:11 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-12-03 13:10 - 2017-12-15 00:59 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-12-03 13:10 - 2017-12-15 00:51 - 000000000 ____D C:\ProgramData\Apple
2017-12-02 00:09 - 2017-12-17 03:21 - 000000000 ____D C:\Users\Yassine\Desktop\Nouveau dossier
2017-11-21 15:48 - 2017-11-21 15:48 - 000035696 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapexpressvpn.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-17 16:04 - 2017-01-23 17:55 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2446385367-2199033129-166284951-1001
2017-12-17 15:53 - 2017-01-23 16:28 - 000000000 ___RD C:\Users\Yassine\OneDrive
2017-12-17 15:50 - 2017-01-23 21:21 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-12-17 15:50 - 2017-01-23 19:16 - 000000000 __SHD C:\Users\Yassine\IntelGraphicsProfiles
2017-12-17 14:24 - 2017-01-23 21:32 - 000000000 ____D C:\Users\Yassine\AppData\Local\Akamai
2017-12-17 14:22 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\Inf
2017-12-17 04:51 - 2017-09-10 22:32 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\vlc
2017-12-17 04:00 - 2013-08-22 15:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-17 04:00 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\AppReadiness
2017-12-17 03:13 - 2013-08-22 14:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-17 02:43 - 2017-01-23 16:19 - 000000000 ____D C:\Users\Yassine
2017-12-17 00:07 - 2017-01-24 00:25 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-12-17 00:07 - 2013-08-22 13:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-12-15 13:53 - 2017-01-23 18:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\AvgSetupLog
2017-12-15 13:27 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\tracing
2017-12-15 03:53 - 2017-01-23 19:51 - 000003160 _____ C:\Windows\System32\Tasks\StartCN
2017-12-15 03:49 - 2017-09-02 23:59 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-12-13 13:10 - 2017-01-24 22:39 - 000324608 ___SH C:\Users\Yassine\Desktop\Thumbs.db
2017-12-11 22:43 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Cursors
2017-12-11 18:23 - 2017-01-24 21:49 - 000001204 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-12-11 18:23 - 2017-01-24 21:49 - 000001200 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-12-11 18:08 - 2017-01-24 21:49 - 000004178 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-12-11 18:08 - 2017-01-24 21:49 - 000003942 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-12-11 18:01 - 2013-08-22 15:20 - 000000000 ____D C:\Windows\CbsTemp
2017-12-11 17:43 - 2017-01-23 18:46 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2017-12-11 17:42 - 2017-01-23 18:44 - 000000000 ____D C:\Program Files (x86)\AVG Driver Updater
2017-12-11 16:50 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\system32\NDF
2017-12-11 16:42 - 2017-01-23 18:46 - 000000000 ____D C:\ProgramData\Avg
2017-12-11 16:36 - 2017-01-23 23:31 - 000000000 ____D C:\Windows\Minidump
2017-12-11 16:36 - 2017-01-23 21:35 - 000000000 ____D C:\Users\Yassine\AppData\Local\Microsoft Help
2017-12-11 16:36 - 2017-01-23 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-12-11 16:36 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\system32\Sysprep
2017-12-11 16:32 - 2014-11-20 22:46 - 001827432 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-11 16:32 - 2014-11-20 22:03 - 000813388 _____ C:\Windows\system32\perfh00C.dat
2017-12-11 16:32 - 2014-11-20 22:03 - 000159948 _____ C:\Windows\system32\perfc00C.dat
2017-12-11 16:15 - 2017-01-23 18:47 - 000000000 ____D C:\Program Files (x86)\AVG
2017-12-11 16:15 - 2017-01-23 18:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\Avg
2017-12-11 15:53 - 2017-01-23 18:50 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\AVG
2017-12-11 15:28 - 2017-01-23 18:47 - 000000000 ____D C:\ProgramData\MFAData
2017-12-11 15:28 - 2017-01-23 18:35 - 000000000 ____D C:\Program Files\Common Files\AV
2017-12-11 15:26 - 2013-08-22 15:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2017-12-11 14:36 - 2013-08-22 15:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-12-11 14:36 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-12-11 13:58 - 2017-01-23 18:51 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-09 03:51 - 2013-08-22 13:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2017-12-07 00:58 - 2017-01-24 21:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-12-04 04:22 - 2017-09-10 23:33 - 000030208 ___SH C:\Users\Yassine\Downloads\Thumbs.db
2017-12-02 00:48 - 2017-04-13 22:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Fichiers à la racine de certains dossiers =======

2017-09-26 01:16 - 2017-09-26 01:16 - 000000132 _____ () C:\Users\Yassine\AppData\Roaming\Préfs Format AIFF Adobe CS6
2017-12-11 16:22 - 2017-12-11 16:22 - 000140800 _____ () C:\Users\Yassine\AppData\Local\installer.dat

Certains fichiers dans TEMP:
====================
2017-12-15 00:57 - 2017-08-30 10:29 - 000961592 _____ (BlueStack Systems, Inc.) C:\Users\Yassine\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-12-15 00:57 - 2017-08-30 10:29 - 000421400 _____ (CodeTitans) C:\Users\Yassine\AppData\Local\Temp\JSON.dll
2017-12-17 00:19 - 2017-11-02 20:21 - 078346672 _____ (Malwarebytes ) C:\Users\Yassine\AppData\Local\Temp\MalwareBytes_Anti-Malware_mb3-setup-consumer-3.3.1.2183.exe
2017-10-26 08:07 - 2017-10-26 08:07 - 000488960 _____ () C:\Users\Yassine\AppData\Local\Temp\sqlite3.exe

Certains de taille zéro octet fichiers/dossiers:
==========================
C:\Windows\SysWOW64\uat.vpx.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-12-15 15:25

==================== Fin de FRST.txt ============================
