Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 Exécuté par fuikifou (administrateur) sur RÉMI (17-02-2016 12:09:35) Exécuté depuis C:\Users\fuikifou\Downloads Profils chargés: fuikifou (Profils disponibles: fuikifou) Platform: Windows 8 (X64) Langue: Français (France) Internet Explorer Version 10 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-04] (Avira Operations GmbH & Co. KG) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Qualcomm®Atheros®) HKU\S-1-5-21-1333113221-283914976-2350023895-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-1333113221-283914976-2350023895-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [394624 2014-06-11] (Microsoft Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\fuikifou\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\fuikifou\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\fuikifou\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\fuikifou\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\fuikifou\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\fuikifou\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\fuikifou\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\..\Interfaces\{2D83F384-1764-4676-903C-D8ED653E62AC}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{A44E61C4-10A0-4309-8663-9971F210F2FC}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1333113221-283914976-2350023895-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKU\S-1-5-21-1333113221-283914976-2350023895-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1333113221-283914976-2350023895-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1333113221-283914976-2350023895-1001 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\fuikifou\AppData\Roaming\Mozilla\Firefox\Profiles\xc7hf7vr.default FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-23] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] () FF Extension: WOT - C:\Users\fuikifou\AppData\Roaming\Mozilla\Firefox\Profiles\xc7hf7vr.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-02-17] FF Extension: NoScript - C:\Users\fuikifou\AppData\Roaming\Mozilla\Firefox\Profiles\xc7hf7vr.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-17] FF Extension: Adblock Plus - C:\Users\fuikifou\AppData\Roaming\Mozilla\Firefox\Profiles\xc7hf7vr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-17] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-17] CHR Extension: (Google Drive) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04] CHR Extension: (YouTube) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15] CHR Extension: (Recherche Google) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04] CHR Extension: (Google Docs hors connexion) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04] CHR Extension: (AdBlock) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-14] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13] CHR Extension: (Gmail) - C:\Users\fuikifou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-04] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Fichier non signé] R3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [Fichier non signé] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé] S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation) R3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [Fichier non signé] ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-09-24] (Advanced Micro Devices) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-04] (Avira Operations GmbH & Co. KG) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-04-26] (Broadcom Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-02-17 12:09 - 2016-02-17 12:10 - 00017530 _____ C:\Users\fuikifou\Downloads\FRST.txt 2016-02-17 12:08 - 2016-02-17 12:09 - 00000000 ____D C:\FRST 2016-02-17 12:07 - 2016-02-17 12:07 - 02370560 _____ (Farbar) C:\Users\fuikifou\Downloads\FRST64.exe 2016-02-17 10:43 - 2016-02-17 10:43 - 00002788 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-02-17 10:43 - 2016-02-17 10:43 - 00000784 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-02-17 10:43 - 2016-02-17 10:43 - 00000000 ____D C:\Users\fuikifou\AppData\Roaming\Avira 2016-02-17 10:43 - 2016-02-17 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-02-17 10:43 - 2016-02-17 10:43 - 00000000 ____D C:\Program Files\CCleaner 2016-02-17 10:37 - 2016-02-17 10:37 - 06565736 _____ (Piriform Ltd) C:\Users\fuikifou\Downloads\ccsetup507.exe 2016-02-17 10:35 - 2015-12-04 07:38 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-02-17 10:35 - 2015-12-04 07:38 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-02-17 10:35 - 2015-12-04 07:38 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-02-17 10:35 - 2015-12-04 07:38 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2016-02-17 10:30 - 2016-02-17 10:37 - 00000000 ____D C:\Users\fuikifou\AppData\Local\Mozilla 2016-02-17 10:30 - 2016-02-17 10:30 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-17 10:30 - 2016-02-17 10:30 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-02-17 10:30 - 2016-02-17 10:30 - 00000000 ____D C:\Users\fuikifou\AppData\Roaming\Mozilla 2016-02-17 10:30 - 2016-02-17 10:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-17 10:30 - 2016-02-17 10:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-17 10:16 - 2016-02-17 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-02-17 10:16 - 2016-02-17 10:34 - 00000000 ____D C:\ProgramData\Avira 2016-02-17 10:16 - 2016-02-17 10:34 - 00000000 ____D C:\Program Files (x86)\Avira 2016-02-17 10:16 - 2016-02-17 10:16 - 00001214 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-02-17 10:01 - 2016-02-17 10:01 - 00242320 _____ C:\Users\fuikifou\Downloads\Firefox Setup Stub 44.0.2.exe 2016-02-17 10:00 - 2016-02-17 10:00 - 05404312 _____ (Avira Operations GmbH & Co. KG) C:\Users\fuikifou\Downloads\avira_fr_av_56c43622145ef__ws.exe 2016-02-16 17:50 - 2016-02-16 19:40 - 00289718 _____ C:\Users\fuikifou\ZHPDiag3.exe 2016-02-16 12:45 - 2016-02-16 17:44 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-02-16 12:44 - 2016-02-16 12:44 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-02-16 12:44 - 2016-02-16 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-02-16 12:44 - 2016-02-16 12:44 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-02-16 12:44 - 2016-02-16 12:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-02-16 12:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-02-16 12:44 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-02-16 12:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-02-16 12:43 - 2016-02-16 13:08 - 00000000 ____D C:\AdwCleaner 2016-02-16 12:37 - 2016-02-16 12:37 - 01508352 _____ C:\Users\fuikifou\Downloads\adwcleaner_5.033.exe 2016-02-16 12:35 - 2016-02-16 12:36 - 22908888 _____ (Malwarebytes ) C:\Users\fuikifou\Downloads\mbam-setup-2.2.0.1024.exe 2016-02-16 12:30 - 2016-02-16 18:35 - 00000797 _____ C:\Users\fuikifou\Desktop\ZHPCleaner.lnk 2016-02-16 12:29 - 2016-02-16 12:29 - 02058240 _____ C:\Users\fuikifou\Downloads\ZHPCleaner.exe 2016-02-16 11:54 - 2016-01-15 02:24 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-02-16 11:54 - 2016-01-15 01:54 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-02-16 11:54 - 2016-01-15 01:54 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-02-16 11:54 - 2016-01-15 01:54 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-02-16 11:54 - 2016-01-15 01:53 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-02-16 11:54 - 2016-01-15 01:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-02-16 11:54 - 2016-01-10 05:43 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-16 11:02 - 2016-02-16 19:46 - 00000000 ____D C:\Users\fuikifou\AppData\Roaming\ZHP 2016-02-16 11:02 - 2016-02-16 19:40 - 00000630 _____ C:\Users\fuikifou\Desktop\ZHPDiag.lnk 2016-02-16 11:02 - 2016-02-16 11:02 - 02118144 _____ C:\Users\fuikifou\Downloads\ZHPDiag3.exe 2016-02-16 10:50 - 2016-02-16 10:50 - 00003350 _____ C:\Windows\System32\Tasks\{AC996DEA-F775-45E5-854D-16B6BDBE83F5} 2016-02-04 15:29 - 2016-02-04 15:29 - 00001037 _____ C:\Users\fuikifou\Documents\avast.der 2016-02-04 15:27 - 2016-01-05 21:16 - 00826328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-02-04 15:27 - 2016-01-05 21:16 - 00176088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-30 14:36 - 2015-12-15 01:01 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-01-30 14:36 - 2015-12-15 01:01 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-30 14:36 - 2015-12-15 01:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 15422976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 13723648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 03805696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 02658304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-30 14:36 - 2015-12-15 01:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-30 14:36 - 2015-12-09 15:27 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-30 14:36 - 2015-12-08 16:16 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-30 14:36 - 2015-12-05 19:48 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-01-30 14:35 - 2015-12-15 01:01 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-01-30 14:35 - 2015-12-15 01:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-01-30 14:35 - 2015-12-15 01:01 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-01-30 14:35 - 2015-12-15 01:01 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-01-30 14:35 - 2015-12-15 01:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-30 14:35 - 2015-12-15 00:59 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-01-30 14:35 - 2015-12-05 23:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-01-30 14:35 - 2015-12-05 23:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-01-30 14:35 - 2015-12-05 23:19 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2016-01-30 14:35 - 2015-12-05 15:49 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-01-30 14:35 - 2015-12-05 15:49 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-01-30 14:35 - 2015-12-05 15:49 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2016-01-30 14:32 - 2015-12-31 00:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-01-30 14:32 - 2015-12-08 16:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-01-30 14:32 - 2015-12-08 16:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-30 14:32 - 2015-12-04 17:29 - 01636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-30 14:32 - 2015-12-04 17:12 - 00793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-30 14:32 - 2015-12-04 17:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-01-30 14:32 - 2015-12-04 17:12 - 00446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-01-30 14:32 - 2015-12-04 17:12 - 00253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-01-30 14:32 - 2015-12-04 15:55 - 00612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-01-30 14:32 - 2015-12-04 15:55 - 00463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2016-01-30 14:32 - 2015-12-04 15:55 - 00324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2016-01-30 14:32 - 2015-12-04 15:52 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 02615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 01770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 01376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 01150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2016-01-30 14:32 - 2015-12-04 15:52 - 01100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-30 14:32 - 2015-12-04 15:52 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-30 14:32 - 2015-12-04 15:52 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 01174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-30 14:32 - 2015-12-04 15:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-30 14:32 - 2015-12-04 15:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-30 14:32 - 2015-12-04 15:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-30 14:32 - 2015-12-04 15:46 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 02312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 01468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 01374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-01-30 14:32 - 2015-12-04 15:46 - 00904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2016-01-30 14:32 - 2015-12-04 15:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 00722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-01-30 14:32 - 2015-12-04 15:46 - 00382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-01-30 14:32 - 2015-12-04 15:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-30 14:32 - 2015-12-04 15:46 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll 2016-01-30 14:32 - 2015-12-04 15:46 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 00571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-01-30 14:32 - 2015-12-04 15:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-01-30 14:32 - 2015-12-04 15:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-01-30 14:32 - 2015-12-04 15:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-01-30 14:32 - 2015-12-03 20:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-30 14:31 - 2015-12-04 01:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-30 14:31 - 2015-12-03 22:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-02-17 11:20 - 2014-07-07 02:01 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1333113221-283914976-2350023895-1001 2016-02-17 10:49 - 2014-07-07 03:54 - 00000000 ____D C:\Users\fuikifou\AppData\Local\CrashDumps 2016-02-17 10:49 - 2012-08-02 23:24 - 00000000 ____D C:\Windows\Panther 2016-02-17 10:49 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\Inf 2016-02-17 10:44 - 2014-09-25 16:54 - 00000000 ____D C:\Users\fuikifou\AppData\Roaming\Skype 2016-02-17 10:29 - 2014-07-06 21:07 - 00000074 _____ C:\Users\fuikifou\AppData\Roaming\sp_data.sys 2016-02-17 10:28 - 2015-05-13 16:55 - 00003384 _____ C:\Windows\System32\Tasks\Update Checker 2016-02-17 10:28 - 2014-04-07 18:53 - 00003268 _____ C:\Windows\System32\Tasks\AsusVibeSchedule 2016-02-17 10:28 - 2014-04-07 18:45 - 00003024 _____ C:\Windows\System32\Tasks\ASUS USB Charger Plus 2016-02-17 10:28 - 2014-04-07 18:45 - 00003004 _____ C:\Windows\System32\Tasks\ASUS Splendid ColorU 2016-02-17 10:28 - 2014-04-07 18:45 - 00002988 _____ C:\Windows\System32\Tasks\ASUS Splendid ACMON 2016-02-17 10:28 - 2014-04-07 18:44 - 00003052 _____ C:\Windows\System32\Tasks\ASUS P4G 2016-02-17 10:28 - 2014-04-07 18:32 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher 2016-02-17 10:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF 2016-02-17 10:24 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-17 10:23 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-02-17 10:22 - 2014-07-06 21:08 - 00000000 ____D C:\Users\fuikifou\Documents\Bluetooth Folder 2016-02-17 10:16 - 2014-04-07 18:22 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-17 10:07 - 2014-07-07 02:12 - 00000000 ____D C:\Program Files\Google 2016-02-17 10:07 - 2014-07-07 02:06 - 00000000 ____D C:\Program Files (x86)\Google 2016-02-17 10:07 - 2014-07-07 01:58 - 00000000 ____D C:\ProgramData\AVAST Software 2016-02-17 10:05 - 2014-07-07 02:06 - 00000000 ____D C:\Users\fuikifou\AppData\Local\Google 2016-02-17 10:05 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache 2016-02-16 19:40 - 2014-07-06 21:04 - 00000000 ____D C:\Users\fuikifou 2016-02-16 18:30 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp 2016-02-16 18:29 - 2014-12-12 15:25 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-16 13:12 - 2014-09-29 16:18 - 00000000 ____D C:\Program Files (x86)\360 2016-02-16 12:30 - 2015-05-23 13:29 - 00000000 ____D C:\Users\fuikifou\Desktop\marrakech mai 2015 2016-02-16 12:26 - 2014-07-10 17:31 - 00741800 _____ C:\Windows\system32\perfh007.dat 2016-02-16 12:26 - 2014-07-10 17:31 - 00155360 _____ C:\Windows\system32\perfc007.dat 2016-02-16 12:26 - 2012-08-03 00:06 - 00800978 _____ C:\Windows\system32\perfh00C.dat 2016-02-16 12:26 - 2012-08-03 00:06 - 00155650 _____ C:\Windows\system32\perfc00C.dat 2016-02-16 12:26 - 2012-07-26 08:28 - 02690548 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-16 12:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent 2016-02-16 11:55 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-16 11:01 - 2014-09-29 16:21 - 00000000 __SHD C:\ProgramData\360Quarant 2016-02-16 11:01 - 2014-09-29 16:21 - 00000000 __SHD C:\$360Section 2016-02-04 15:30 - 2014-07-07 08:49 - 00000000 ____D C:\Users\fuikifou\AppData\Local\PokerStars.FR 2016-02-04 15:30 - 2014-07-07 08:48 - 00000000 ____D C:\Program Files (x86)\PokerStars.FR 2016-02-04 15:24 - 2016-01-07 13:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-02-04 15:24 - 2016-01-07 13:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-02-04 15:20 - 2014-07-17 22:54 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-01-30 15:41 - 2016-01-07 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-30 15:12 - 2014-07-10 14:35 - 00000000 ____D C:\Windows\system32\MRT 2016-01-30 14:52 - 2014-07-10 14:35 - 143671360 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-01-18 18:34 - 2014-09-25 16:53 - 00000000 ___RD C:\Program Files (x86)\Skype ==================== Fichiers à la racine de certains dossiers ======= 2014-07-06 21:07 - 2016-02-17 10:29 - 0000074 _____ () C:\Users\fuikifou\AppData\Roaming\sp_data.sys 2014-04-07 18:28 - 2014-04-07 18:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2013-04-26 00:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2013-04-26 00:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2013-04-26 00:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS 2014-07-07 15:39 - 2014-07-07 15:39 - 0000073 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2014-07-07 15:38 - 2014-07-07 15:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Fichiers à déplacer ou supprimer: ==================== C:\Users\fuikifou\ZHPDiag3.exe Certains fichiers dans TEMP: ==================== C:\Users\fuikifou\AppData\Local\Temp\avgnt.exe C:\Users\fuikifou\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-02-16 18:29 ==================== Fin de FRST.txt ============================