Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Exécuté par TOF (administrateur) sur DESKTOP-GS5LBEP (04-04-2017 06:29:20)
Exécuté depuis C:\Users\TOF\Desktop
Profils chargés: TOF (Profils disponibles: jake2 & TOF)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.7870.2031\OfficeClickToRun.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-03-29] (AVAST Software)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [AsInstCD] => C:\Preload64\Patch\AsInst.exe /inst
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-29] (AVAST Software)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [S-1-5-21-3737769620-1569259712-1830570360-1003] => hxxp://noblok.biz/wpad.dat?1c2a383efdf47fb5cb47af94438f039527436286
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3ca13224-8425-45d9-8e58-e11c2f50206d}: [DhcpNameServer] 10.66.64.1
Tcpip\..\Interfaces\{4abb113d-8d56-40b4-9abc-4a0fea821ec6}: [DhcpNameServer] 10.66.64.1
Tcpip\..\Interfaces\{5c464ae5-617f-40eb-8537-30b467fa611a}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://noblok.biz/wpad.dat?1c2a383efdf47fb5cb47af94438f039527436286
Internet Explorer:
==================
HKU\S-1-5-21-3737769620-1569259712-1830570360-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-3737769620-1569259712-1830570360-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3737769620-1569259712-1830570360-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3737769620-1569259712-1830570360-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-11] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-11] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR Profile: C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default [2017-04-04]
CHR Extension: (Google Slides) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-29]
CHR Extension: (Google Docs) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-29]
CHR Extension: (Google Drive) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-29]
CHR Extension: (YouTube) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-29]
CHR Extension: (Tampermonkey) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-03-29]
CHR Extension: (Google Sheets) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-29]
CHR Extension: (AdBlock) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-03]
CHR Extension: (Avast Online Security) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-30]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-29]
CHR Extension: (Gmail) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\TOF\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2017-04-01]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-03-29] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-03-29] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-03-06] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-28] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [165616 2015-11-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [356336 2016-10-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe" [X]
S4 McProxy; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AsusSGDrv; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [142840 2016-03-04] (ASUS Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-03-29] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-29] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-03-29] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-29] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-03-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-03-29] (AVAST Software)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-10-30] (ASIX Electronics Corp.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [90112 2015-07-07] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [300304 2015-11-13] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [7394296 2016-10-06] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3515152 2015-12-25] (Intel Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-04 06:29 - 2017-04-04 06:29 - 00020070 _____ C:\Users\TOF\Desktop\FRST.txt
2017-04-04 06:28 - 2017-04-04 06:29 - 00000000 ____D C:\FRST
2017-04-04 06:21 - 2017-04-04 06:28 - 02424832 _____ (Farbar) C:\Users\TOF\Desktop\FRST64.exe
2017-04-02 21:37 - 2017-04-02 21:37 - 00000000 ____D C:\Users\TOF\AppData\Local\ElevatedDiagnostics
2017-04-02 09:50 - 2017-04-02 09:50 - 00876544 _____ C:\Users\TOF\Downloads\Office_365_Serial_Key_plus_Product_Key_Free_Download.iso
2017-04-02 09:42 - 2017-04-02 09:42 - 00000000 ____D C:\Users\TOF\AppData\LocalLow\Evernote
2017-04-02 09:36 - 2017-04-02 09:36 - 00000622 _____ C:\Users\TOF\Downloads\KMSAutoLite.ini
2017-04-02 09:32 - 2017-04-02 09:32 - 06166016 _____ (Ratiborus, MSFree Inc.) C:\Users\TOF\Downloads\KMSAuto.exe
2017-04-02 09:12 - 2017-04-02 09:12 - 00000000 ____D C:\Users\TOF\AppData\Local\Microsoft Help
2017-04-02 09:08 - 2017-04-02 09:08 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2017-04-01 19:20 - 2017-04-01 19:20 - 00199328 _____ C:\Users\TOF\Downloads\kingsage_enhancement_sui (1).user.js
2017-04-01 19:10 - 2017-04-02 09:51 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-01 19:10 - 2017-04-02 09:51 - 00001362 _____ C:\Users\Public\Desktop\Opera.lnk
2017-04-01 19:10 - 2017-04-01 19:10 - 00003970 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1491066648
2017-04-01 19:10 - 2017-04-01 19:10 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Opera Software
2017-04-01 19:10 - 2017-04-01 19:10 - 00000000 ____D C:\Users\TOF\AppData\Local\Opera Software
2017-04-01 18:57 - 2017-04-01 19:11 - 00000000 ____D C:\Program Files\Opera
2017-04-01 18:57 - 2017-04-01 18:57 - 01186800 _____ (Opera Software) C:\Users\TOF\Downloads\OperaSetup.exe
2017-03-30 18:52 - 2017-03-30 19:04 - 00004822 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-30 18:52 - 2017-03-30 19:04 - 00004594 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-30 18:47 - 2017-03-30 19:04 - 00000000 ____D C:\Users\TOF\AppData\Local\Adobe
2017-03-29 21:42 - 2017-03-29 21:42 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-03-29 19:26 - 2017-03-29 19:26 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Foxit Software
2017-03-29 17:52 - 2017-03-29 17:52 - 00000000 ____D C:\Users\TOF\AppData\Local\Crashpad
2017-03-29 17:04 - 2017-03-29 17:04 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-29 17:03 - 2017-03-29 17:03 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk
2017-03-29 17:03 - 2017-03-29 17:03 - 00001969 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Users\TOF\AppData\Roaming\AVAST Software
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Users\TOF\AppData\Local\CEF
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-29 17:02 - 2017-03-29 18:00 - 00004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-29 17:02 - 2017-03-29 17:02 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-29 17:02 - 2017-03-29 17:02 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-29 16:51 - 2017-03-29 16:51 - 00000000 ___HD C:\OneDriveTemp
2017-03-29 16:41 - 2017-03-29 16:41 - 00000000 ____D C:\Users\jake2\AppData\Roaming\awsRun
2017-03-29 16:39 - 2017-03-29 16:39 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Macromedia
2017-03-29 16:37 - 2017-03-29 16:37 - 00000000 ____D C:\Users\jake2\AppData\Local\MicrosoftEdge
2017-03-29 16:36 - 2017-03-29 17:03 - 00000000 ___RD C:\Users\jake2\OneDrive
2017-03-29 16:36 - 2017-03-29 16:36 - 00002384 _____ C:\Users\jake2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-29 16:35 - 2017-03-29 16:35 - 00000801 _____ C:\Users\jake2\Desktop\Assistant Mise à niveau de Windows 10.lnk
2017-03-29 16:35 - 2017-03-29 16:35 - 00000000 ____D C:\Users\jake2\AppData\Local\Comms
2017-03-29 16:35 - 2017-03-29 16:35 - 00000000 ____D C:\Users\jake2\AppData\Local\ActiveSync
2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\VirtualStore
2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\Publishers
2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\Google
2017-03-29 16:33 - 2017-03-29 17:02 - 00000206 _____ C:\Users\jake2\AppData\Roaming\sp_data.sys
2017-03-29 16:33 - 2017-03-29 16:52 - 00000000 ____D C:\Users\jake2\AppData\Local\Packages
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 __SHD C:\Users\jake2\IntelGraphicsProfiles
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\WebStorage
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Intel
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Adobe
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Local\TileDataLayer
2017-03-29 16:18 - 2017-03-29 16:18 - 00003976 _____ C:\Windows\System32\Tasks\Update Checker
2017-03-29 16:08 - 2017-03-29 16:09 - 00199328 _____ C:\Users\TOF\Downloads\kingsage_enhancement_sui.user.js
2017-03-29 16:01 - 2017-03-29 16:01 - 00000000 ____D C:\Program Files\AVAST Software
2017-03-29 15:57 - 2017-03-29 21:28 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-29 15:51 - 2017-04-02 09:51 - 00002554 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-29 15:40 - 2017-03-29 15:40 - 00003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-29 15:40 - 2017-03-29 15:40 - 00003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-29 15:32 - 2017-03-29 15:57 - 06654960 _____ (AVAST Software) C:\Users\TOF\Downloads\avast_free_antivirus_setup_online.exe
2017-03-29 15:21 - 2017-03-29 15:21 - 00000000 ____D C:\Users\TOF\AppData\Local\NetworkTiles
2017-03-29 15:14 - 2017-03-29 15:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-03-29 14:50 - 2017-03-29 14:50 - 00000000 ___HD C:\$GetCurrent
2017-03-29 14:44 - 2017-04-04 06:10 - 00004174 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4A11163B-676F-44C8-9D00-F517B46C52DA}
2017-03-28 21:30 - 2017-03-28 21:30 - 00245640 _____ C:\Users\TOF\Downloads\Firefox Setup Stub 52.0.2.exe
2017-03-28 20:18 - 2017-03-28 20:18 - 00002365 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Leboncoin.lnk
2017-03-28 20:11 - 2017-03-28 20:11 - 00000000 ____D C:\Users\TOF\AppData\Local\Comms
2017-03-28 20:10 - 2017-03-29 19:09 - 00000000 ____D C:\Users\TOF\AppData\Local\Google
2017-03-28 20:10 - 2017-03-29 15:51 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-28 20:10 - 2017-03-28 20:10 - 00003286 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-28 20:09 - 2017-03-28 20:09 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Skype
2017-03-28 20:09 - 2015-10-29 19:43 - 06238720 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000c.dll
2017-03-28 20:09 - 2015-10-29 19:41 - 06238720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons000c.dll
2017-03-28 20:09 - 2015-10-29 19:30 - 02354176 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll
2017-03-28 20:09 - 2015-10-29 19:27 - 02268672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000c.dll
2017-03-28 20:07 - 2017-03-28 20:07 - 00000000 ____D C:\Users\TOF\AppData\Local\MicrosoftEdge
2017-03-28 19:59 - 2017-03-28 19:59 - 00001053 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk
2017-03-28 19:59 - 2017-03-28 19:59 - 00000000 ____D C:\Users\TOF\AppData\Roaming\awsRun
2017-03-28 19:55 - 2017-03-28 20:10 - 00002407 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-28 19:55 - 2017-03-28 20:10 - 00000000 ___RD C:\Users\TOF\OneDrive
2017-03-28 19:54 - 2017-03-29 16:35 - 00000813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à niveau de Windows 10.lnk
2017-03-28 19:54 - 2017-03-29 16:35 - 00000000 ____D C:\Windows10Upgrade
2017-03-28 19:54 - 2017-03-28 19:54 - 00000801 _____ C:\Users\TOF\Desktop\Assistant Mise à niveau de Windows 10.lnk
2017-03-28 19:53 - 2017-03-28 19:53 - 00000000 ____D C:\Users\TOF\AppData\Local\ActiveSync
2017-03-28 19:52 - 2017-03-28 19:52 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB.lnk
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Macromedia
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Roaming\DropboxOEM
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Local\Publishers
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Local\DropboxOEM
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2017-03-28 19:51 - 2017-04-04 06:08 - 00000206 _____ C:\Users\TOF\AppData\Roaming\sp_data.sys
2017-03-28 19:51 - 2017-04-04 06:08 - 00000000 ____D C:\Users\TOF\AppData\Local\ASUS GIFTBOX
2017-03-28 19:51 - 2017-04-04 06:07 - 00000000 __SHD C:\Users\TOF\IntelGraphicsProfiles
2017-03-28 19:51 - 2017-03-28 21:11 - 00000000 ____D C:\Users\TOF\AppData\Local\Packages
2017-03-28 19:51 - 2017-03-28 19:55 - 00000000 ____D C:\Users\TOF
2017-03-28 19:51 - 2017-03-28 19:51 - 00000020 ___SH C:\Users\TOF\ntuser.ini
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Voisinage réseau
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Voisinage d'impression
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Modèles
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Mes documents
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Menu Démarrer
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Mes vidéos
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Mes images
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Ma musique
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\AppData\Local\Historique
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\WebStorage
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Intel
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Adobe
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Local\VirtualStore
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Local\TileDataLayer
2017-03-28 19:47 - 2017-03-29 16:36 - 00000000 ____D C:\Users\jake2
2017-03-28 19:47 - 2017-03-28 19:47 - 00000020 ___SH C:\Users\jake2\ntuser.ini
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Voisinage réseau
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Voisinage d'impression
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Modèles
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Mes documents
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Menu Démarrer
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Mes vidéos
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Mes images
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Ma musique
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\AppData\Local\Historique
2017-03-28 19:39 - 2017-03-28 19:51 - 00000000 ____D C:\ProgramData\USBChargerPlus
2017-03-28 19:39 - 2017-03-28 19:39 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-03-28 19:38 - 2017-04-04 06:07 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-28 19:37 - 2017-03-28 19:37 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-03-28 19:37 - 2016-12-20 11:09 - 00025952 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-04 06:28 - 2016-03-24 14:06 - 00000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
2017-04-04 06:07 - 2016-03-24 14:06 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-03 22:37 - 2016-03-24 14:06 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-03 21:32 - 2016-03-24 14:06 - 00000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
2017-04-03 14:55 - 2017-01-11 14:53 - 00003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-04-03 14:55 - 2017-01-11 14:53 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-04-02 21:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF
2017-04-02 18:15 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2017-04-02 09:09 - 2016-03-24 21:21 - 00810080 _____ C:\Windows\system32\perfh013.dat
2017-04-02 09:09 - 2016-03-24 21:21 - 00159714 _____ C:\Windows\system32\perfc013.dat
2017-04-02 09:09 - 2016-03-24 21:14 - 00803362 _____ C:\Windows\system32\perfh010.dat
2017-04-02 09:09 - 2016-03-24 21:14 - 00151814 _____ C:\Windows\system32\perfc010.dat
2017-04-02 09:09 - 2016-03-24 21:07 - 00826936 _____ C:\Windows\system32\perfh00C.dat
2017-04-02 09:09 - 2016-03-24 21:07 - 00156184 _____ C:\Windows\system32\perfc00C.dat
2017-04-02 09:09 - 2016-03-24 21:00 - 00765958 _____ C:\Windows\system32\perfh007.dat
2017-04-02 09:09 - 2016-03-24 21:00 - 00155498 _____ C:\Windows\system32\perfc007.dat
2017-04-02 09:09 - 2016-03-24 13:50 - 04690294 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-02 09:07 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2017-04-02 09:06 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2017-04-02 09:04 - 2015-10-30 20:19 - 00000000 ____D C:\Program Files\Windows Journal
2017-04-02 09:04 - 2015-10-30 20:10 - 00000000 ____D C:\Windows\system32\Drivers\en-GB
2017-04-02 09:04 - 2015-10-30 20:10 - 00000000 ____D C:\Windows\en-GB
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\MiracastView
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\DevicesFlow
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\en-GB
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\IME
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Help
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-02 09:04 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\servicing
2017-04-02 08:49 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-30 19:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-30 19:03 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-29 17:22 - 2016-03-24 13:44 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-29 17:22 - 2015-10-30 08:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-03-29 16:57 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2017-03-29 16:34 - 2017-01-11 14:29 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-29 16:18 - 2016-03-24 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-03-29 16:18 - 2016-03-24 14:04 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\ProgramData\McAfee
2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\Program Files\mcafee
2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-03-29 15:55 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-03-29 15:55 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2017-03-28 20:09 - 2015-10-30 20:11 - 00000000 ____D C:\Windows\OCR
2017-03-28 19:55 - 2017-01-11 15:09 - 00000000 ____D C:\Program Files\Microsoft Office
2017-03-28 19:52 - 2017-01-11 15:11 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-03-28 19:52 - 2016-03-24 14:06 - 00003186 _____ C:\Windows\System32\Tasks\DropboxOEM
2017-03-28 19:52 - 2016-03-24 14:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-28 19:52 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PrintDialog
2017-03-28 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-03-28 19:42 - 2016-03-24 14:06 - 00004286 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-03-28 19:42 - 2016-03-24 14:06 - 00004054 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-03-28 19:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\oobe
==================== Fichiers à la racine de certains dossiers =======
2017-03-28 19:51 - 2017-04-04 06:08 - 0000206 _____ () C:\Users\TOF\AppData\Roaming\sp_data.sys
2017-01-11 14:41 - 2017-01-11 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Certains fichiers dans TEMP:
====================
2017-04-02 09:08 - 2017-04-02 09:08 - 1042784 _____ (Microsoft Corporation) C:\Users\TOF\AppData\Local\Temp\PidGenX.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-03-24 13:40
==================== Fin de FRST.txt ============================
Exécuté par TOF (administrateur) sur DESKTOP-GS5LBEP (04-04-2017 06:29:20)
Exécuté depuis C:\Users\TOF\Desktop
Profils chargés: TOF (Profils disponibles: jake2 & TOF)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.7870.2031\OfficeClickToRun.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-03-29] (AVAST Software)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [AsInstCD] => C:\Preload64\Patch\AsInst.exe /inst
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-29] (AVAST Software)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [S-1-5-21-3737769620-1569259712-1830570360-1003] => hxxp://noblok.biz/wpad.dat?1c2a383efdf47fb5cb47af94438f039527436286
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3ca13224-8425-45d9-8e58-e11c2f50206d}: [DhcpNameServer] 10.66.64.1
Tcpip\..\Interfaces\{4abb113d-8d56-40b4-9abc-4a0fea821ec6}: [DhcpNameServer] 10.66.64.1
Tcpip\..\Interfaces\{5c464ae5-617f-40eb-8537-30b467fa611a}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://noblok.biz/wpad.dat?1c2a383efdf47fb5cb47af94438f039527436286
Internet Explorer:
==================
HKU\S-1-5-21-3737769620-1569259712-1830570360-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-3737769620-1569259712-1830570360-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3737769620-1569259712-1830570360-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3737769620-1569259712-1830570360-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-11] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-11] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR Profile: C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default [2017-04-04]
CHR Extension: (Google Slides) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-29]
CHR Extension: (Google Docs) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-29]
CHR Extension: (Google Drive) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-29]
CHR Extension: (YouTube) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-29]
CHR Extension: (Tampermonkey) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-03-29]
CHR Extension: (Google Sheets) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-29]
CHR Extension: (AdBlock) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-03]
CHR Extension: (Avast Online Security) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-30]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-29]
CHR Extension: (Gmail) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\TOF\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2017-04-01]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-03-29] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-03-29] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-03-06] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-28] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [165616 2015-11-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [356336 2016-10-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe" [X]
S4 McProxy; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AsusSGDrv; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [142840 2016-03-04] (ASUS Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-03-29] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-29] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-03-29] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-29] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-03-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-03-29] (AVAST Software)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-10-30] (ASIX Electronics Corp.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [90112 2015-07-07] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [300304 2015-11-13] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [7394296 2016-10-06] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3515152 2015-12-25] (Intel Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-04 06:29 - 2017-04-04 06:29 - 00020070 _____ C:\Users\TOF\Desktop\FRST.txt
2017-04-04 06:28 - 2017-04-04 06:29 - 00000000 ____D C:\FRST
2017-04-04 06:21 - 2017-04-04 06:28 - 02424832 _____ (Farbar) C:\Users\TOF\Desktop\FRST64.exe
2017-04-02 21:37 - 2017-04-02 21:37 - 00000000 ____D C:\Users\TOF\AppData\Local\ElevatedDiagnostics
2017-04-02 09:50 - 2017-04-02 09:50 - 00876544 _____ C:\Users\TOF\Downloads\Office_365_Serial_Key_plus_Product_Key_Free_Download.iso
2017-04-02 09:42 - 2017-04-02 09:42 - 00000000 ____D C:\Users\TOF\AppData\LocalLow\Evernote
2017-04-02 09:36 - 2017-04-02 09:36 - 00000622 _____ C:\Users\TOF\Downloads\KMSAutoLite.ini
2017-04-02 09:32 - 2017-04-02 09:32 - 06166016 _____ (Ratiborus, MSFree Inc.) C:\Users\TOF\Downloads\KMSAuto.exe
2017-04-02 09:12 - 2017-04-02 09:12 - 00000000 ____D C:\Users\TOF\AppData\Local\Microsoft Help
2017-04-02 09:08 - 2017-04-02 09:08 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2017-04-01 19:20 - 2017-04-01 19:20 - 00199328 _____ C:\Users\TOF\Downloads\kingsage_enhancement_sui (1).user.js
2017-04-01 19:10 - 2017-04-02 09:51 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-01 19:10 - 2017-04-02 09:51 - 00001362 _____ C:\Users\Public\Desktop\Opera.lnk
2017-04-01 19:10 - 2017-04-01 19:10 - 00003970 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1491066648
2017-04-01 19:10 - 2017-04-01 19:10 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Opera Software
2017-04-01 19:10 - 2017-04-01 19:10 - 00000000 ____D C:\Users\TOF\AppData\Local\Opera Software
2017-04-01 18:57 - 2017-04-01 19:11 - 00000000 ____D C:\Program Files\Opera
2017-04-01 18:57 - 2017-04-01 18:57 - 01186800 _____ (Opera Software) C:\Users\TOF\Downloads\OperaSetup.exe
2017-03-30 18:52 - 2017-03-30 19:04 - 00004822 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-30 18:52 - 2017-03-30 19:04 - 00004594 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-30 18:47 - 2017-03-30 19:04 - 00000000 ____D C:\Users\TOF\AppData\Local\Adobe
2017-03-29 21:42 - 2017-03-29 21:42 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-03-29 19:26 - 2017-03-29 19:26 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Foxit Software
2017-03-29 17:52 - 2017-03-29 17:52 - 00000000 ____D C:\Users\TOF\AppData\Local\Crashpad
2017-03-29 17:04 - 2017-03-29 17:04 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-29 17:03 - 2017-03-29 17:03 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk
2017-03-29 17:03 - 2017-03-29 17:03 - 00001969 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Users\TOF\AppData\Roaming\AVAST Software
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Users\TOF\AppData\Local\CEF
2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-29 17:02 - 2017-03-29 18:00 - 00004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-29 17:02 - 2017-03-29 17:02 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-29 17:02 - 2017-03-29 17:02 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-29 17:02 - 2017-03-29 17:02 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-29 17:02 - 2017-03-29 17:01 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-29 16:51 - 2017-03-29 16:51 - 00000000 ___HD C:\OneDriveTemp
2017-03-29 16:41 - 2017-03-29 16:41 - 00000000 ____D C:\Users\jake2\AppData\Roaming\awsRun
2017-03-29 16:39 - 2017-03-29 16:39 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Macromedia
2017-03-29 16:37 - 2017-03-29 16:37 - 00000000 ____D C:\Users\jake2\AppData\Local\MicrosoftEdge
2017-03-29 16:36 - 2017-03-29 17:03 - 00000000 ___RD C:\Users\jake2\OneDrive
2017-03-29 16:36 - 2017-03-29 16:36 - 00002384 _____ C:\Users\jake2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-29 16:35 - 2017-03-29 16:35 - 00000801 _____ C:\Users\jake2\Desktop\Assistant Mise à niveau de Windows 10.lnk
2017-03-29 16:35 - 2017-03-29 16:35 - 00000000 ____D C:\Users\jake2\AppData\Local\Comms
2017-03-29 16:35 - 2017-03-29 16:35 - 00000000 ____D C:\Users\jake2\AppData\Local\ActiveSync
2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\VirtualStore
2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\Publishers
2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\Google
2017-03-29 16:33 - 2017-03-29 17:02 - 00000206 _____ C:\Users\jake2\AppData\Roaming\sp_data.sys
2017-03-29 16:33 - 2017-03-29 16:52 - 00000000 ____D C:\Users\jake2\AppData\Local\Packages
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 __SHD C:\Users\jake2\IntelGraphicsProfiles
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\WebStorage
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Intel
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Adobe
2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Local\TileDataLayer
2017-03-29 16:18 - 2017-03-29 16:18 - 00003976 _____ C:\Windows\System32\Tasks\Update Checker
2017-03-29 16:08 - 2017-03-29 16:09 - 00199328 _____ C:\Users\TOF\Downloads\kingsage_enhancement_sui.user.js
2017-03-29 16:01 - 2017-03-29 16:01 - 00000000 ____D C:\Program Files\AVAST Software
2017-03-29 15:57 - 2017-03-29 21:28 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-29 15:51 - 2017-04-02 09:51 - 00002554 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-29 15:40 - 2017-03-29 15:40 - 00003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-29 15:40 - 2017-03-29 15:40 - 00003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-29 15:32 - 2017-03-29 15:57 - 06654960 _____ (AVAST Software) C:\Users\TOF\Downloads\avast_free_antivirus_setup_online.exe
2017-03-29 15:21 - 2017-03-29 15:21 - 00000000 ____D C:\Users\TOF\AppData\Local\NetworkTiles
2017-03-29 15:14 - 2017-03-29 15:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-03-29 14:50 - 2017-03-29 14:50 - 00000000 ___HD C:\$GetCurrent
2017-03-29 14:44 - 2017-04-04 06:10 - 00004174 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4A11163B-676F-44C8-9D00-F517B46C52DA}
2017-03-28 21:30 - 2017-03-28 21:30 - 00245640 _____ C:\Users\TOF\Downloads\Firefox Setup Stub 52.0.2.exe
2017-03-28 20:18 - 2017-03-28 20:18 - 00002365 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Leboncoin.lnk
2017-03-28 20:11 - 2017-03-28 20:11 - 00000000 ____D C:\Users\TOF\AppData\Local\Comms
2017-03-28 20:10 - 2017-03-29 19:09 - 00000000 ____D C:\Users\TOF\AppData\Local\Google
2017-03-28 20:10 - 2017-03-29 15:51 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-28 20:10 - 2017-03-28 20:10 - 00003286 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-28 20:09 - 2017-03-28 20:09 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Skype
2017-03-28 20:09 - 2015-10-29 19:43 - 06238720 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000c.dll
2017-03-28 20:09 - 2015-10-29 19:41 - 06238720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons000c.dll
2017-03-28 20:09 - 2015-10-29 19:30 - 02354176 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll
2017-03-28 20:09 - 2015-10-29 19:27 - 02268672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000c.dll
2017-03-28 20:07 - 2017-03-28 20:07 - 00000000 ____D C:\Users\TOF\AppData\Local\MicrosoftEdge
2017-03-28 19:59 - 2017-03-28 19:59 - 00001053 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk
2017-03-28 19:59 - 2017-03-28 19:59 - 00000000 ____D C:\Users\TOF\AppData\Roaming\awsRun
2017-03-28 19:55 - 2017-03-28 20:10 - 00002407 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-28 19:55 - 2017-03-28 20:10 - 00000000 ___RD C:\Users\TOF\OneDrive
2017-03-28 19:54 - 2017-03-29 16:35 - 00000813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à niveau de Windows 10.lnk
2017-03-28 19:54 - 2017-03-29 16:35 - 00000000 ____D C:\Windows10Upgrade
2017-03-28 19:54 - 2017-03-28 19:54 - 00000801 _____ C:\Users\TOF\Desktop\Assistant Mise à niveau de Windows 10.lnk
2017-03-28 19:53 - 2017-03-28 19:53 - 00000000 ____D C:\Users\TOF\AppData\Local\ActiveSync
2017-03-28 19:52 - 2017-03-28 19:52 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB.lnk
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Macromedia
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Roaming\DropboxOEM
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Local\Publishers
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Local\DropboxOEM
2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2017-03-28 19:51 - 2017-04-04 06:08 - 00000206 _____ C:\Users\TOF\AppData\Roaming\sp_data.sys
2017-03-28 19:51 - 2017-04-04 06:08 - 00000000 ____D C:\Users\TOF\AppData\Local\ASUS GIFTBOX
2017-03-28 19:51 - 2017-04-04 06:07 - 00000000 __SHD C:\Users\TOF\IntelGraphicsProfiles
2017-03-28 19:51 - 2017-03-28 21:11 - 00000000 ____D C:\Users\TOF\AppData\Local\Packages
2017-03-28 19:51 - 2017-03-28 19:55 - 00000000 ____D C:\Users\TOF
2017-03-28 19:51 - 2017-03-28 19:51 - 00000020 ___SH C:\Users\TOF\ntuser.ini
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Voisinage réseau
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Voisinage d'impression
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Modèles
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Mes documents
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Menu Démarrer
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Mes vidéos
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Mes images
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Ma musique
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\AppData\Local\Historique
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\WebStorage
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Intel
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Adobe
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Local\VirtualStore
2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Local\TileDataLayer
2017-03-28 19:47 - 2017-03-29 16:36 - 00000000 ____D C:\Users\jake2
2017-03-28 19:47 - 2017-03-28 19:47 - 00000020 ___SH C:\Users\jake2\ntuser.ini
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Voisinage réseau
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Voisinage d'impression
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Modèles
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Mes documents
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Menu Démarrer
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Mes vidéos
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Mes images
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Ma musique
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\AppData\Local\Historique
2017-03-28 19:39 - 2017-03-28 19:51 - 00000000 ____D C:\ProgramData\USBChargerPlus
2017-03-28 19:39 - 2017-03-28 19:39 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-03-28 19:38 - 2017-04-04 06:07 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-28 19:37 - 2017-03-28 19:37 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-03-28 19:37 - 2016-12-20 11:09 - 00025952 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-04 06:28 - 2016-03-24 14:06 - 00000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
2017-04-04 06:07 - 2016-03-24 14:06 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-03 22:37 - 2016-03-24 14:06 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-03 21:32 - 2016-03-24 14:06 - 00000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
2017-04-03 14:55 - 2017-01-11 14:53 - 00003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-04-03 14:55 - 2017-01-11 14:53 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-04-02 21:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF
2017-04-02 18:15 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2017-04-02 09:09 - 2016-03-24 21:21 - 00810080 _____ C:\Windows\system32\perfh013.dat
2017-04-02 09:09 - 2016-03-24 21:21 - 00159714 _____ C:\Windows\system32\perfc013.dat
2017-04-02 09:09 - 2016-03-24 21:14 - 00803362 _____ C:\Windows\system32\perfh010.dat
2017-04-02 09:09 - 2016-03-24 21:14 - 00151814 _____ C:\Windows\system32\perfc010.dat
2017-04-02 09:09 - 2016-03-24 21:07 - 00826936 _____ C:\Windows\system32\perfh00C.dat
2017-04-02 09:09 - 2016-03-24 21:07 - 00156184 _____ C:\Windows\system32\perfc00C.dat
2017-04-02 09:09 - 2016-03-24 21:00 - 00765958 _____ C:\Windows\system32\perfh007.dat
2017-04-02 09:09 - 2016-03-24 21:00 - 00155498 _____ C:\Windows\system32\perfc007.dat
2017-04-02 09:09 - 2016-03-24 13:50 - 04690294 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-02 09:07 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2017-04-02 09:06 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2017-04-02 09:04 - 2015-10-30 20:19 - 00000000 ____D C:\Program Files\Windows Journal
2017-04-02 09:04 - 2015-10-30 20:10 - 00000000 ____D C:\Windows\system32\Drivers\en-GB
2017-04-02 09:04 - 2015-10-30 20:10 - 00000000 ____D C:\Windows\en-GB
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\MiracastView
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\DevicesFlow
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\en-GB
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\IME
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Help
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-02 09:04 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\servicing
2017-04-02 08:49 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-30 19:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-30 19:03 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-29 17:22 - 2016-03-24 13:44 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-29 17:22 - 2015-10-30 08:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-03-29 16:57 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2017-03-29 16:34 - 2017-01-11 14:29 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-29 16:18 - 2016-03-24 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-03-29 16:18 - 2016-03-24 14:04 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\ProgramData\McAfee
2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\Program Files\mcafee
2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-03-29 15:55 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-03-29 15:55 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2017-03-28 20:09 - 2015-10-30 20:11 - 00000000 ____D C:\Windows\OCR
2017-03-28 19:55 - 2017-01-11 15:09 - 00000000 ____D C:\Program Files\Microsoft Office
2017-03-28 19:52 - 2017-01-11 15:11 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-03-28 19:52 - 2017-01-11 15:11 - 00002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-03-28 19:52 - 2016-03-24 14:06 - 00003186 _____ C:\Windows\System32\Tasks\DropboxOEM
2017-03-28 19:52 - 2016-03-24 14:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-28 19:52 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PrintDialog
2017-03-28 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-03-28 19:42 - 2016-03-24 14:06 - 00004286 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-03-28 19:42 - 2016-03-24 14:06 - 00004054 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-03-28 19:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\oobe
==================== Fichiers à la racine de certains dossiers =======
2017-03-28 19:51 - 2017-04-04 06:08 - 0000206 _____ () C:\Users\TOF\AppData\Roaming\sp_data.sys
2017-01-11 14:41 - 2017-01-11 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Certains fichiers dans TEMP:
====================
2017-04-02 09:08 - 2017-04-02 09:08 - 1042784 _____ (Microsoft Corporation) C:\Users\TOF\AppData\Local\Temp\PidGenX.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-03-24 13:40
==================== Fin de FRST.txt ============================