Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Exécuté par rabia (administrateur) sur RABIA (03-04-2018 11:07:05)
Exécuté depuis C:\Users\rabia\Desktop
Profils chargés: rabia (Profils disponibles: UpdatusUser & rabia)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\mcafee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe
() C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\rabia\AppData\Roaming\ZHP\ZHPDiag3.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google) C:\Users\rabia\AppData\Local\Google\Chrome\User Data\SwReporter\26.144.201\software_reporter_tool.exe
(Google) C:\Users\rabia\AppData\Local\Google\Chrome\User Data\SwReporter\26.144.201\software_reporter_tool.exe
(Google) C:\Users\rabia\AppData\Local\Google\Chrome\User Data\SwReporter\26.144.201\software_reporter_tool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2012-11-09] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-13] (AVAST Software)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [vspdfprsrv.exe] => C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe [7215616 2014-01-07] ()
HKLM-x32\...\Run: [FoneLabAppService] => C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe [87208 2017-05-04] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2623663855-967007592-3233144525-1002\...\MountPoints2: {71539656-9009-11e2-be69-806e6f6e6963} - "D:\autorun.bat"
HKU\S-1-5-21-2623663855-967007592-3233144525-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [786432 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-12-20]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2623663855-967007592-3233144525-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-2623663855-967007592-3233144525-1002] => 127.0.0.1:8080
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{6A642DFC-BB69-45F0-A2E2-845B259A2784}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{F9FC21E7-319A-40C0-8694-ADD5F6BA8345}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2623663855-967007592-3233144525-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2623663855-967007592-3233144525-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
URLSearchHook: HKLM-x32 - (Pas de nom) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - Pas de fichier
URLSearchHook: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 - (Pas de nom) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - Pas de fichier
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> OldSearch URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> {2D64003E-A733-44AB-926A-1D14768606F1} URL =
SearchScopes: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> {346F03ED-3DD1-484F-ABD0-DD4BB294D6B3} URL = hxxp://fr.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x­ä­ URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-12-05] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2012-11-09] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-26] (AVAST Software)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-12-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-26] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-13] (Google Inc.)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-02] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-13] (Google Inc.)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-2623663855-967007592-3233144525-1002 -> Pas de nom - {DA7F5AE1-3BE3-43C0-8098-C1D183616E97} - Pas de fichier
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-11-21] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\rabia\AppData\Roaming\Mozilla\Firefox\Profiles\kc3mpygx.default [2018-04-03]
FF Homepage: Mozilla\Firefox\Profiles\kc3mpygx.default -> hxxp://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\kc3mpygx.default -> hxxp://www.bing.com/?pc=COSP&ptag=D032216-A510D0E105D5B4CC49CF&form=CONMHP&conlogo=CT3330941
FF NetworkProxy: Mozilla\Firefox\Profiles\kc3mpygx.default -> type", 0
FF Extension: (Avast SafePrice) - C:\Users\rabia\AppData\Roaming\Mozilla\Firefox\Profiles\kc3mpygx.default\Extensions\sp@avast.com.xpi [2018-04-02]
FF Extension: (Avast Online Security) - C:\Users\rabia\AppData\Roaming\Mozilla\Firefox\Profiles\kc3mpygx.default\Extensions\wrc@avast.com.xpi [2017-12-01]
FF Extension: (Adblock Plus) - C:\Users\rabia\AppData\Roaming\Mozilla\Firefox\Profiles\kc3mpygx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-03-30]
FF Extension: (DownThemAll!) - C:\Users\rabia\AppData\Roaming\Mozilla\Firefox\Profiles\kc3mpygx.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-05-04] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-08-28] [Legacy] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-02-02] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2013-11-21] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-01] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2013-09-18] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2623663855-967007592-3233144525-1002: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\rabia\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-10-21] (RocketLife, LLP)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl
CHR RestoreOnStartup: Default -> "hxxp://fr.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://fr.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com"
CHR Profile: C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default [2018-04-03]
CHR Extension: (Slides) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-07]
CHR Extension: (YouTube) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-02]
CHR Extension: (Avast SafePrice) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-04-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-07]
CHR Extension: (Default) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2018-04-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\rabia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-03]
CHR HKLM\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-13] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-13] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-09] (WildTangent)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-03] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-09-24] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4359360 2017-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (© pdfforge GmbH.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-03-18] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros) [Fichier non signé]
S2 JSWLQayq; "C:\ProgramData\hKiBnkvja\JSWLQayq.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-13] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-13] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-13] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-13] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-13] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-13] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-13] (AVAST Software)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-09] (Qualcomm Atheros)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70112 2013-09-24] (McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-04-01] (Malwarebytes)
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-03] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [310224 2013-09-24] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69264 2013-09-24] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [519192 2013-09-24] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [343568 2013-09-24] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-18] (Dritek System Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-04-03 11:07 - 2018-04-03 11:09 - 000030331 _____ C:\Users\rabia\Desktop\FRST.txt
2018-04-03 11:05 - 2018-04-03 11:05 - 002403328 _____ (Farbar) C:\Users\rabia\Desktop\FRST64.exe
2018-04-02 10:05 - 2018-04-02 10:05 - 000089766 _____ C:\Users\rabia\Desktop\Programme Francais Cycle 2.pdf
2018-04-02 09:56 - 2018-04-02 09:57 - 000354986 _____ C:\Users\rabia\Desktop\Programme de C1 REVISIONS.pdf
2018-04-01 19:10 - 2018-04-01 19:14 - 000001643 _____ C:\Users\rabia\Desktop\nettoyage malwarebytes.txt
2018-04-01 18:35 - 2018-04-01 18:38 - 072097648 _____ (Malwarebytes ) C:\Users\rabia\Desktop\malwarebytes.exe
2018-04-01 18:21 - 2018-04-01 19:14 - 000000290 __RSH C:\ProgramData\ntuser.pol
2018-04-01 17:36 - 2018-04-01 17:36 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-04-01 17:35 - 2018-04-01 17:35 - 000001887 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-01 17:35 - 2018-04-01 17:35 - 000001887 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2018-04-01 17:35 - 2018-04-01 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-01 17:35 - 2018-04-01 17:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-01 17:35 - 2018-04-01 17:35 - 000000000 ____D C:\Program Files\Malwarebytes
2018-04-01 17:35 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-04-01 17:33 - 2018-04-01 17:35 - 072097648 _____ (Malwarebytes ) C:\Users\rabia\Desktop\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4566.exe
2018-04-01 17:14 - 2018-04-01 17:14 - 008222496 _____ (Malwarebytes) C:\Users\rabia\Desktop\adwcleaner_7.0.8.0.exe
2018-04-01 14:58 - 2018-04-02 21:52 - 000059013 _____ C:\Users\rabia\Desktop\ZHPCleaner.html
2018-04-01 14:58 - 2018-04-02 21:52 - 000027077 _____ C:\Users\rabia\Desktop\ZHPCleaner.txt
2018-04-01 14:37 - 2018-04-01 16:55 - 000000877 _____ C:\Users\rabia\Desktop\ZHPCleaner.lnk
2018-04-01 14:27 - 2018-04-01 14:27 - 003106176 _____ C:\Users\rabia\Desktop\ZHPCleaner.exe
2018-04-01 14:27 - 2017-10-04 10:21 - 000029352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2018-04-01 14:27 - 2017-10-04 10:21 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2018-04-01 14:27 - 2017-10-04 05:45 - 000030888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2018-04-01 14:27 - 2017-10-04 05:45 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2018-03-30 18:34 - 2018-03-30 18:34 - 007197480 _____ (VS Revo Group ) C:\Users\rabia\Desktop\revosetup.exe
2018-03-30 18:34 - 2018-03-30 18:34 - 000001054 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-03-30 18:34 - 2018-03-30 18:34 - 000001054 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2018-03-30 18:34 - 2018-03-30 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-03-30 18:34 - 2018-03-30 18:34 - 000000000 ____D C:\Program Files\VS Revo Group
2018-03-30 15:50 - 2018-04-03 09:58 - 000361275 _____ C:\Users\rabia\Desktop\ZHPDiag.html
2018-03-30 15:50 - 2018-04-03 09:58 - 000253220 _____ C:\Users\rabia\Desktop\ZHPDiag.txt
2018-03-30 15:42 - 2018-04-03 09:58 - 000000000 ____D C:\Users\rabia\AppData\Roaming\ZHP
2018-03-30 15:42 - 2018-04-01 14:37 - 000000000 ____D C:\Users\rabia\AppData\Local\ZHP
2018-03-30 15:42 - 2018-04-01 14:34 - 000000867 _____ C:\Users\rabia\Desktop\ZHPDiag.lnk
2018-03-30 15:42 - 2018-04-01 14:33 - 003041664 _____ C:\Users\rabia\Desktop\ZHPDiag3.exe
2018-03-30 14:20 - 2018-04-03 09:47 - 000000000 ____D C:\Users\rabia\AppData\LocalLow\Mozilla
2018-03-30 14:19 - 2018-04-01 18:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-30 14:04 - 2018-03-13 16:18 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-30 13:51 - 2018-03-30 13:51 - 007302848 _____ (AVAST Software) C:\Users\rabia\Desktop\avast_free_antivirus_setup_online_e2c.exe
2018-03-30 13:51 - 2018-03-30 13:51 - 007302848 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online_e2c.exe
2018-03-30 13:51 - 2018-03-30 13:51 - 007302848 _____ (AVAST Software) C:\ProgramData\Desktop\avast_free_antivirus_setup_online_e2c.exe
2018-03-30 13:23 - 2018-03-30 13:59 - 000000000 ____D C:\FRST
2018-03-29 08:56 - 2018-03-29 08:56 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-03-16 12:27 - 2018-03-16 12:27 - 000107847 _____ C:\Users\rabia\Downloads\images égalité_003
2018-03-14 16:29 - 2018-02-13 16:20 - 001994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-14 16:29 - 2018-02-13 16:20 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-14 16:29 - 2018-02-13 16:20 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-14 16:29 - 2018-02-13 16:20 - 000655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-14 16:29 - 2018-02-13 16:20 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-14 16:29 - 2018-02-13 16:20 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-03-14 16:29 - 2018-02-13 16:20 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-14 16:29 - 2018-02-13 16:20 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-14 16:29 - 2018-02-13 16:20 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-14 16:29 - 2018-01-02 06:16 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-14 16:28 - 2018-02-14 23:45 - 000145024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-14 16:28 - 2018-01-02 07:28 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-14 10:07 - 2018-03-14 10:07 - 000004628 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-04-03 11:06 - 2015-12-10 14:52 - 000000000 ____D C:\Users\rabia\Desktop\Discours de Najat Vallaud-Belkacem à l'Observatoire de la Laïcité - Ministère de l'Éducation nationale, de l'Enseignement supérieur et de la Recherche_fichiers
2018-04-03 09:47 - 2013-03-18 23:17 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-04-03 09:46 - 2014-09-25 13:25 - 000000000 ____D C:\Users\rabia\OneDrive
2018-04-03 09:44 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-03 09:41 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2018-04-03 08:57 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-02 20:52 - 2013-12-26 23:54 - 003246080 ___SH C:\Users\rabia\Desktop\Thumbs.db
2018-04-02 19:27 - 2016-05-02 21:51 - 000000000 ____D C:\Users\rabia\Desktop\La classe de Marion - Ressources pour le cycle 1 petits, moyens, grands_fichiers
2018-04-01 21:02 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-04-01 19:36 - 2013-08-26 10:00 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2623663855-967007592-3233144525-1002
2018-04-01 17:35 - 2014-03-18 12:02 - 001826754 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-01 17:35 - 2014-03-18 11:26 - 000813248 _____ C:\WINDOWS\system32\perfh00C.dat
2018-04-01 17:35 - 2014-03-18 11:26 - 000159750 _____ C:\WINDOWS\system32\perfc00C.dat
2018-04-01 17:28 - 2014-11-16 15:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-04-01 17:20 - 2016-03-22 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-04-01 17:20 - 2016-03-22 15:25 - 000000000 ____D C:\Users\rabia\AppData\Roaming\Lavasoft
2018-04-01 17:20 - 2016-03-22 15:25 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-04-01 17:18 - 2015-09-03 09:19 - 000000000 ____D C:\ProgramData\Lavasoft
2018-04-01 17:15 - 2015-09-07 10:52 - 000000000 ____D C:\AdwCleaner
2018-04-01 14:26 - 2013-08-30 13:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-01 14:16 - 2017-12-07 12:22 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-01 14:16 - 2013-08-30 13:50 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-30 19:07 - 2014-11-16 15:23 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-03-30 19:07 - 2014-04-05 20:58 - 000000000 ____D C:\Users\rabia\AppData\Roaming\Mozilla
2018-03-30 18:38 - 2015-09-03 09:36 - 000000085 _____ C:\WINDOWS\wininit.ini
2018-03-30 14:06 - 2016-09-28 09:17 - 000001942 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2018-03-30 14:06 - 2016-09-28 09:17 - 000001942 _____ C:\ProgramData\Desktop\Avast Antivirus Gratuit.lnk
2018-03-30 14:05 - 2018-01-09 12:06 - 000003910 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-03-30 11:32 - 2013-08-26 09:50 - 000000000 ____D C:\Users\rabia\AppData\Local\Packages
2018-03-22 10:12 - 2013-12-21 23:12 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-22 10:12 - 2013-12-21 23:12 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-22 10:12 - 2013-12-21 23:12 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2018-03-21 15:09 - 2017-11-02 11:22 - 000002381 _____ C:\Users\rabia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2018-03-21 15:09 - 2017-08-13 15:28 - 000003166 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2623663855-967007592-3233144525-1002
2018-03-20 12:00 - 2014-12-15 14:50 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-20 11:38 - 2014-09-24 23:33 - 000000000 ____D C:\Users\rabia
2018-03-16 11:54 - 2016-05-14 18:40 - 000000000 ____D C:\Users\rabia\Desktop\vivre l'eps - 8 ans GYM_fichiers
2018-03-16 11:54 - 2016-04-26 10:32 - 000000000 ____D C:\Users\rabia\Desktop\Vinz et Lou, le site !_fichiers
2018-03-16 11:53 - 2016-05-24 11:34 - 000000000 ____D C:\Users\rabia\Desktop\Le parcours d'éducation artistique et culturelle - Éduscol_fichiers
2018-03-16 11:36 - 2016-02-01 15:00 - 000000000 ____D C:\Users\rabia\Desktop\Un décret limite fortement le redoublement_fichiers
2018-03-16 11:36 - 2016-01-27 09:29 - 000000000 ____D C:\Users\rabia\Desktop\La chronique de Véronique Soulé Une bonne note pour la réforme de l'éducation prioritaire_fichiers
2018-03-16 11:36 - 2016-01-14 17:08 - 000000000 ____D C:\Users\rabia\Desktop\Changer la dictée pour mieux apprendre l'orthographe_fichiers
2018-03-16 09:35 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-16 09:35 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-15 15:14 - 2015-01-07 09:41 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-03-15 14:59 - 2014-09-24 23:33 - 000000000 ____D C:\Users\UpdatusUser
2018-03-14 10:07 - 2013-09-08 14:29 - 000004460 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-03-14 10:07 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-03-14 10:07 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-03-13 16:18 - 2017-12-01 13:14 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-13 16:18 - 2014-08-22 23:56 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-13 16:18 - 2013-12-21 23:24 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-13 16:18 - 2013-12-21 23:24 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-13 16:18 - 2013-12-21 23:24 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-13 16:18 - 2013-12-21 23:24 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-13 16:18 - 2013-12-21 23:24 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-13 16:18 - 2013-12-21 23:24 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-13 16:12 - 2013-12-21 23:24 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-13 16:11 - 2018-01-09 12:03 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-13 16:10 - 2017-04-07 22:06 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-13 16:10 - 2017-04-07 22:06 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-13 16:10 - 2017-04-07 22:06 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-13 16:10 - 2017-04-07 22:06 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-09 11:10 - 2016-07-14 11:19 - 000000000 ____D C:\Users\rabia\Desktop\RENTREE M. Bruno Seweryn on Vimeo_fichiers
2018-03-09 11:09 - 2016-06-04 09:51 - 000000000 ____D C:\Users\rabia\Desktop\Enseignement Moral et Civique & interdisciplinarité- Pédagogie - Direction des services départementaux de l’éducation nationale du 79 - Pédagogie - Académie de Poitiers_fichiers
2018-03-09 11:09 - 2016-05-21 16:32 - 000000000 ____D C:\Users\rabia\Desktop\Enfants, Chercheurs et Citoyens - Georges Charpak - Google Livres_fichiers
2018-03-09 11:09 - 2016-05-03 21:27 - 000000000 ____D C:\Users\rabia\Desktop\eps-ecole_fichiers
2018-03-09 10:34 - 2016-04-16 14:15 - 000000000 ____D C:\Users\rabia\Desktop\Twictée la dictée collaborative et active en 140 caractères » VousNousIls_fichiers

==================== Fichiers à la racine de certains dossiers =======

2014-09-09 09:21 - 2015-06-03 11:31 - 000000154 _____ () C:\Users\rabia\AppData\Roaming\WB.CFG
2014-12-22 17:25 - 2014-12-22 17:25 - 000000010 _____ () C:\Users\rabia\AppData\Local\DSI.DAT

Certains fichiers dans TEMP:
====================
2016-05-03 11:15 - 2016-05-03 11:15 - 002614136 _____ (Microsoft Corporation) C:\Users\rabia\AppData\Local\Temp\DefaultPack.EXE
2018-03-30 13:23 - 2018-03-30 13:23 - 002403328 ____R (Farbar) C:\Users\rabia\AppData\Local\Temp\FRST64-1.exe
2018-03-30 13:22 - 2018-03-30 13:23 - 002403328 ____R (Farbar) C:\Users\rabia\AppData\Local\Temp\FRST64.exe
2016-03-22 12:06 - 2016-03-22 12:06 - 007384608 _____ () C:\Users\rabia\AppData\Local\Temp\HPPSdr.exe
2014-12-22 16:08 - 2014-12-22 16:08 - 001071568 _____ (Solid State Networks) C:\Users\rabia\AppData\Local\Temp\install_reader11_fr_mssa_aaa_aih.exe
2015-04-07 08:27 - 2015-04-07 08:28 - 045209696 _____ (Skype Technologies S.A.) C:\Users\rabia\AppData\Local\Temp\SkypeSetup.exe
2015-08-14 14:29 - 2015-07-29 22:08 - 000681097 _____ (SQLite Development Team) C:\Users\rabia\AppData\Local\Temp\sqlite3.dll
2017-04-09 18:26 - 2017-04-09 18:26 - 014456872 _____ (Microsoft Corporation) C:\Users\rabia\AppData\Local\Temp\vc_redist.x86.exe
2016-09-17 12:23 - 2016-09-17 12:30 - 016333400 _____ (Google Inc.) C:\Users\rabia\AppData\Local\Temp\{761BAD64-FDF9-457E-A2F9-AA2FA3876840}-53.0.2785.116_52.0.2743.116_chrome_updater.exe
2016-09-01 09:43 - 2016-09-01 09:44 - 044198488 _____ (Google Inc.) C:\Users\rabia\AppData\Local\Temp\{CD997509-44D1-4FB7-AF14-C9B7ECDAC1B3}-52.0.2743.116_chrome_installer.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2015-01-14 18:32

==================== Fin de FRST.txt ============================