Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:12-06-2016 01 Exécuté par QUSAI BARKA (administrateur) sur QUSAIBARKA-PC (12-06-2016 21:14:45) Exécuté depuis C:\Users\QUSAI BARKA\Desktop Profils chargés: QUSAI BARKA (Profils disponibles: QUSAI BARKA) Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe (Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Google Inc.) C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\Application\chrome.exe () C:\Program Files\RealNetworks\RealDownloader\videodl.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6707744 2009-01-06] (Realtek Semiconductor) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [814608 2016-06-02] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296520 2015-11-13] (RealNetworks, Inc.) HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] () HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [366904 2015-02-28] (Power Software Ltd) HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\Run: [Qsocial] => "C:\Program Files\QSocial\QSocial.exe" /auto HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.) HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [957976 2016-04-26] (BlueStack Systems, Inc.) HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: G - G:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {20fdced9-2c80-11e5-a89a-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {3a7b0b59-f678-11e4-a3c7-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {3a7b0b78-f678-11e4-a3c7-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {3a7b0b82-f678-11e4-a3c7-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {3a7b0b86-f678-11e4-a3c7-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {3a7b0b9b-f678-11e4-a3c7-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {650c3809-f663-11e4-b195-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {ffa976a3-2330-11e6-ac2f-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-21-1087414920-4244440857-1596309313-1000\...\MountPoints2: {ffa976a7-2330-11e6-ac2f-002622fa9141} - F:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-04-13] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2015-11-13] ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4B3BB436-567B-4F47-9075-2FFE34EC9615}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealDownloader) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-06-06] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1087414920-4244440857-1596309313-1000 -> Pas de nom - {5245414C-352D-5900-76A7-7A786E7484D7} - Pas de fichier Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-06] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-06] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-06] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-06] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\QUSAI BARKA\AppData\Roaming\Mozilla\Firefox\Profiles\5ae4tgo3.default FF DefaultSearchEngine: Yahoo® FF SelectedSearchEngine: Yahoo® FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-06] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2015-11-13] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-11-13] (RealPlayer Cloud) FF Plugin HKU\S-1-5-21-1087414920-4244440857-1596309313-1000: @tools.google.com/Google Update;version=3 -> C:\Users\QUSAI BARKA\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-1087414920-4244440857-1596309313-1000: @tools.google.com/Google Update;version=9 -> C:\Users\QUSAI BARKA\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Extension: Facebook Translate - C:\Users\QUSAI BARKA\AppData\Roaming\Mozilla\Firefox\Profiles\5ae4tgo3.default\extensions\facebook-translate@oliver.schloebe.de [2015-07-20] FF Extension: leethax.net extension - C:\Users\QUSAI BARKA\AppData\Roaming\Mozilla\Firefox\Profiles\5ae4tgo3.default\extensions\leethax@leethax.net.xpi [2016-03-07] FF Extension: IE Tab - C:\Users\QUSAI BARKA\AppData\Roaming\Mozilla\Firefox\Profiles\5ae4tgo3.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2016-04-28] FF Extension: Avira Browser Safety - C:\Users\QUSAI BARKA\AppData\Roaming\Mozilla\Firefox\Profiles\5ae4tgo3.default\Extensions\abs@avira.com [2016-05-12] FF Extension: Facebook Secret Emoticons - C:\Users\QUSAI BARKA\AppData\Roaming\Mozilla\Firefox\Profiles\5ae4tgo3.default\Extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi [2016-04-27] FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-11-13] [non signé] Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.facebook.com/" CHR Profile: C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-08] CHR Extension: (Google Docs) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08] CHR Extension: (Google Drive) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27] CHR Extension: (Facebook Secret Emoticons) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2016-06-06] CHR Extension: (Recherche Google) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-07-15] CHR Extension: (Google Sheets) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-08] CHR Extension: (Protection Web Avira) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-05-12] CHR Extension: (Google Docs hors connexion) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (F.B. Purity For Facebook) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-06-08] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01] CHR Extension: (Gmail) - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome.CNWT6PCD3THW7U6PTSOJ5YAEV4 - C:\Users\QUSAI BARKA\AppData\Local\Google\Chrome\Application\chrome.exe Opera: ======= OPR StartupUrls: "hxxp://www.google.com/" ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-06-02] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [467016 2016-06-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [467016 2016-06-02] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-06-02] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG) S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-26] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files\BlueStacks\HD-Plus-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [921112 2016-04-26] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2115840 2016-05-22] (Microsoft Corporation) S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [200240 2016-05-25] (Microsoft Corporation) [Fichier non signé] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] () R2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2015-11-13] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [109016 2016-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137240 2016-06-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-20] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-06-02] (Avira Operations GmbH & Co. KG) R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [140856 2016-04-26] (BlueStack Systems) R2 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [220216 2016-04-06] (Bluestack System Inc. ) R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113984 2015-02-28] (Power Software Ltd) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-07-03] (Avira Operations GmbH & Co. KG) S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [201168 2009-12-07] (Huawei Technologies Co., Ltd.) S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-06-12 21:14 - 2016-06-12 21:15 - 00016671 _____ C:\Users\QUSAI BARKA\Desktop\FRST.txt 2016-06-12 21:13 - 2016-06-12 21:14 - 00000000 ____D C:\FRST 2016-06-12 21:12 - 2016-06-12 21:12 - 01735680 _____ (Farbar) C:\Users\QUSAI BARKA\Desktop\FRST.exe 2016-06-12 17:46 - 2016-06-12 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Graphic Studio 2016-06-12 16:55 - 2016-06-12 16:55 - 00001759 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2016-06-12 16:55 - 2016-06-12 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2016-06-12 16:55 - 2016-06-12 16:55 - 00000000 ____D C:\Program Files\ZHPFix 2016-06-12 15:16 - 2016-06-12 17:05 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\ZHP 2016-06-12 15:16 - 2016-06-12 15:16 - 00000788 _____ C:\Users\QUSAI BARKA\Desktop\ZHPDiag.lnk 2016-06-12 15:16 - 2016-06-12 15:16 - 00000220 _____ C:\Users\QUSAI 2016-06-12 15:14 - 2016-06-12 15:14 - 02213888 _____ C:\Users\QUSAI BARKA\Desktop\ZHPDiag3.exe 2016-06-12 03:39 - 2016-06-12 15:12 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-06-12 03:22 - 2016-06-12 03:22 - 00001024 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-06-12 03:22 - 2016-06-12 03:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-06-12 03:22 - 2016-06-12 03:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-06-12 03:22 - 2016-06-12 03:22 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-06-12 03:22 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-06-12 03:22 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-06-12 03:22 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-06-12 03:21 - 2016-06-12 03:37 - 00000000 ____D C:\AdwCleaner 2016-06-12 03:04 - 2016-06-12 03:06 - 03677248 _____ C:\Users\QUSAI BARKA\Desktop\adwcleaner_5.119.exe 2016-06-12 02:23 - 2016-06-12 03:03 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys 2016-06-12 02:23 - 2016-06-12 02:53 - 00000000 ____D C:\ProgramData\RogueKiller 2016-06-12 02:18 - 2016-06-12 02:21 - 19906632 _____ C:\Users\QUSAI BARKA\Desktop\RogueKiller.exe 2016-06-12 01:58 - 2016-06-12 01:58 - 02452893 _____ C:\Users\QUSAI BARKA\Desktop\video-1465692666.mp4 2016-06-12 00:47 - 2016-06-12 00:48 - 01130160 _____ C:\Windows\Minidump\061216-19624-01.dmp 2016-06-11 22:56 - 2016-06-11 22:57 - 00131072 _____ C:\Windows\Minidump\061116-23462-01.dmp 2016-06-11 22:49 - 2016-06-11 22:49 - 00000000 ____D C:\Users\QUSAI BARKA\Documents\EGY-HD 2016-06-11 21:13 - 2015-12-21 19:28 - 1816244224 _____ C:\Users\QUSAI BARKA\Downloads\0_sound.afs 2016-06-11 03:01 - 2016-06-11 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PES 2016 Gameplay Mod 2016-06-11 03:01 - 2016-06-11 03:01 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PES 2016 Gameplay Mod 2016-06-11 03:01 - 2016-06-11 03:01 - 00000000 ____D C:\Program Files\Data 2016-06-11 02:49 - 2016-06-11 02:49 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\Pro Evolution Soccer 6 2016-06-11 02:49 - 2016-06-11 02:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2016-06-11 02:03 - 2016-06-12 19:00 - 00000000 ____D C:\Program Files\Akonami 2016-06-10 23:47 - 2016-06-10 23:47 - 01506704 _____ C:\Windows\Minidump\061016-18080-01.dmp 2016-06-10 12:42 - 2016-06-11 22:52 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-06-09 22:42 - 2016-06-11 18:22 - 00000000 ____D C:\Users\QUSAI BARKA\Documents\KONAMI 2016-06-09 01:45 - 2016-06-09 01:45 - 00000000 __RSH C:\MSDOS.SYS 2016-06-09 01:45 - 2016-06-09 01:45 - 00000000 __RSH C:\IO.SYS 2016-06-06 17:52 - 2016-06-10 15:39 - 00000000 ____D C:\Windows\system32\appmgmt 2016-06-06 02:10 - 2016-06-06 02:10 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-06-05 17:40 - 2016-06-05 20:27 - 00008192 ____H C:\Users\QUSAI BARKA\Desktop\photothumb.db 2016-06-05 17:39 - 2016-06-06 01:04 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\PhotoScape 2016-06-05 17:38 - 2016-06-06 01:04 - 00000000 ____D C:\Program Files\PhotoScape 2016-06-05 01:35 - 2016-06-06 01:04 - 00000000 ____D C:\Program Files\PhotoBrush 2016-06-03 14:50 - 2016-06-03 14:52 - 40605640 _____ (Samsung Electronics Co., Ltd.) C:\Users\QUSAI BARKA\Desktop\samsung-kies3_3-2-16044-2_fr_414000.exe 2016-06-02 20:38 - 2016-06-02 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch 2016-06-02 18:03 - 2016-06-10 23:54 - 00000000 ____D C:\ProgramData\KONAMI 2016-06-02 17:21 - 2016-06-02 17:21 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\PowerISO 2016-06-02 17:21 - 2016-06-02 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2016-06-02 17:21 - 2016-06-02 17:21 - 00000000 ____D C:\Program Files\PowerISO 2016-06-02 17:11 - 2016-06-08 14:06 - 00000000 ____D C:\Users\QUSAI BARKA\Downloads\Nouveau dossier 2016-05-31 16:12 - 2016-05-31 16:12 - 00000000 ____D C:\NVIDIA 2016-05-31 15:55 - 2016-05-31 15:55 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-31 15:53 - 2016-05-31 15:53 - 00000000 ____D C:\Windows\Sun 2016-05-31 15:40 - 2016-05-31 15:40 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\Sun 2016-05-31 15:40 - 2016-05-31 15:40 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\LocalLow\Sun 2016-05-31 15:40 - 2016-05-31 15:40 - 00000000 ____D C:\Users\QUSAI BARKA\.oracle_jre_usage 2016-05-31 15:39 - 2016-05-31 15:39 - 00000000 ____D C:\ProgramData\Oracle 2016-05-31 15:31 - 2016-05-31 15:31 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\LocalLow\Oracle 2016-05-31 14:51 - 2016-05-31 14:55 - 00000000 ____D C:\Windows\system32\directx 2016-05-31 14:51 - 2016-05-31 14:51 - 00000000 ___HD C:\Windows\msdownld.tmp 2016-05-31 14:29 - 2016-06-06 17:42 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Local\ElevatedDiagnostics 2016-05-31 13:42 - 2010-06-02 03:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-05-31 13:42 - 2010-06-02 03:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-05-31 13:42 - 2010-06-02 03:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-05-31 13:42 - 2010-05-26 10:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-05-31 13:42 - 2010-05-26 10:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-05-31 13:42 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-05-31 13:42 - 2010-02-04 09:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-05-31 13:42 - 2010-02-04 09:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-05-31 13:42 - 2010-02-04 09:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-05-31 13:42 - 2010-02-04 09:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-05-31 13:42 - 2009-09-04 16:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2016-05-31 13:42 - 2009-09-04 16:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2016-05-31 13:42 - 2009-09-04 16:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2016-05-31 13:42 - 2009-09-04 16:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2016-05-31 13:42 - 2009-09-04 16:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2016-05-31 13:42 - 2009-09-04 16:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2016-05-31 13:42 - 2009-09-04 16:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2016-05-31 13:42 - 2009-09-04 16:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2016-05-31 13:42 - 2009-03-16 13:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2016-05-31 13:42 - 2009-03-16 13:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2016-05-31 13:42 - 2009-03-16 13:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2016-05-31 13:42 - 2009-03-09 14:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2016-05-31 13:42 - 2009-03-09 14:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2016-05-31 13:42 - 2009-03-09 14:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2016-05-31 13:42 - 2008-10-27 09:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2016-05-31 13:42 - 2008-10-27 09:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2016-05-31 13:42 - 2008-10-27 09:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2016-05-31 13:42 - 2008-10-27 09:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2016-05-31 13:42 - 2008-10-15 05:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2016-05-31 13:42 - 2008-10-15 05:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2016-05-31 13:42 - 2008-10-15 05:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2016-05-31 13:42 - 2008-07-31 09:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2016-05-31 13:42 - 2008-07-31 09:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2016-05-31 13:42 - 2008-07-31 09:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2016-05-31 13:42 - 2008-07-10 10:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2016-05-31 13:42 - 2008-07-10 10:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2016-05-31 13:42 - 2008-07-10 10:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2016-05-31 13:42 - 2008-05-30 13:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2016-05-31 13:42 - 2008-05-30 13:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2016-05-31 13:42 - 2008-05-30 13:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2016-05-31 13:42 - 2008-05-30 13:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2016-05-31 13:42 - 2008-05-30 13:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2016-05-31 13:42 - 2008-05-30 13:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2016-05-31 13:42 - 2008-05-30 13:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2016-05-31 13:42 - 2008-03-05 15:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2016-05-31 13:42 - 2008-03-05 15:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2016-05-31 13:42 - 2008-03-05 15:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2016-05-31 13:42 - 2008-03-05 14:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2016-05-31 13:42 - 2008-03-05 14:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2016-05-31 13:42 - 2008-02-05 22:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2016-05-31 13:42 - 2007-10-22 02:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2016-05-31 13:42 - 2007-10-22 02:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2016-05-31 13:42 - 2007-10-12 14:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2016-05-31 13:42 - 2007-10-12 14:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2016-05-31 13:42 - 2007-10-02 08:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2016-05-31 13:42 - 2007-07-19 23:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2016-05-31 13:42 - 2007-07-19 17:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2016-05-31 13:42 - 2007-07-19 17:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2016-05-31 13:42 - 2007-07-19 17:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2016-05-31 13:42 - 2007-06-20 19:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2016-05-31 13:42 - 2007-05-16 15:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2016-05-31 13:42 - 2007-05-16 15:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2016-05-31 13:42 - 2007-05-16 15:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2016-05-31 13:42 - 2007-04-04 17:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2016-05-31 13:42 - 2007-04-04 17:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2016-05-31 13:42 - 2007-03-15 15:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2016-05-31 13:42 - 2007-03-12 15:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2016-05-31 13:42 - 2007-03-12 15:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2016-05-31 13:42 - 2007-03-05 11:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2016-05-31 13:42 - 2007-01-24 14:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2016-05-31 13:42 - 2006-12-08 11:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2016-05-31 13:42 - 2006-11-29 12:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2016-05-31 13:42 - 2006-11-29 12:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2016-05-31 13:42 - 2006-09-28 15:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2016-05-31 13:42 - 2006-09-28 15:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2016-05-31 13:42 - 2006-07-28 08:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2016-05-31 13:42 - 2006-07-28 08:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2016-05-31 13:42 - 2006-05-31 06:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2016-05-31 13:42 - 2006-03-31 11:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-05-31 13:42 - 2006-03-31 11:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2016-05-31 13:42 - 2006-03-31 11:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2016-05-31 13:42 - 2006-02-03 07:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2016-05-31 13:42 - 2006-02-03 07:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2016-05-31 13:42 - 2006-02-03 07:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2016-05-31 13:42 - 2005-12-05 17:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2016-05-31 13:42 - 2005-07-22 18:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2016-05-31 13:42 - 2005-05-26 14:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2016-05-31 13:42 - 2005-03-18 16:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2016-05-31 13:42 - 2005-02-05 18:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2016-05-27 22:18 - 2016-05-27 22:18 - 00001701 _____ C:\Users\QUSAI BARKA\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk 2016-05-27 22:17 - 2016-05-27 22:20 - 00000000 ____D C:\ProgramData\BlueStacksGameManager 2016-05-27 22:16 - 2016-05-27 22:16 - 00000000 ____D C:\ProgramData\BlueStacks 2016-05-27 22:16 - 2016-05-27 22:16 - 00000000 ____D C:\Program Files\BlueStacks 2016-05-27 22:15 - 2016-06-12 17:13 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-05-27 22:14 - 2016-05-27 22:14 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Local\Bluestacks 2016-05-27 00:58 - 2016-05-27 00:59 - 00000000 ____D C:\Program Files\HDM Connection Manager 2016-05-27 00:58 - 2016-05-27 00:58 - 00001097 _____ C:\Users\Public\Desktop\HDM Connection Manager.lnk 2016-05-27 00:58 - 2016-05-27 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDM Connection Manager 2016-05-27 00:58 - 2009-12-07 18:53 - 00103168 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2016-05-27 00:58 - 2009-12-07 18:36 - 00201168 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbnet.sys 2016-05-27 00:58 - 2009-10-12 14:22 - 00101120 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbdev.sys 2016-05-27 00:58 - 2007-08-09 03:06 - 00023424 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2016-05-14 15:42 - 2016-05-14 15:42 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2016-05-13 18:46 - 2016-05-13 18:46 - 00002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-05-13 18:46 - 2016-05-13 18:46 - 00002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-05-13 18:46 - 2016-05-13 18:46 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-05-13 18:46 - 2016-05-13 18:46 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-06-12 21:09 - 2009-07-14 04:34 - 00021360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-06-12 21:09 - 2009-07-14 04:34 - 00021360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-06-12 20:47 - 2015-04-08 21:03 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1087414920-4244440857-1596309313-1000UA.job 2016-06-12 20:41 - 2015-04-08 22:23 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-12 17:46 - 2015-08-11 15:21 - 00000000 ____D C:\Program Files\Game Graphic Studio 2016-06-12 17:09 - 2015-04-17 22:28 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2016-06-12 17:08 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-12 00:47 - 2015-08-11 15:50 - 181790546 _____ C:\Windows\MEMORY.DMP 2016-06-12 00:47 - 2015-08-11 15:50 - 00000000 ____D C:\Windows\Minidump 2016-06-11 22:59 - 2015-04-09 21:05 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-11 22:51 - 2016-04-12 13:17 - 00002562 _____ C:\Users\QUSAI BARKA\Desktop\Google Chrome.lnk 2016-06-11 22:51 - 2016-01-31 14:09 - 00001634 _____ C:\Users\QUSAI BARKA\Desktop\firefox.lnk 2016-06-11 22:51 - 2015-04-08 20:49 - 00001637 _____ C:\Users\QUSAI BARKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-06-11 21:27 - 2015-04-09 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-06-10 23:54 - 2015-04-08 20:52 - 01676056 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-10 23:54 - 2009-07-14 08:39 - 00750512 _____ C:\Windows\system32\perfh00C.dat 2016-06-10 23:54 - 2009-07-14 08:39 - 00150944 _____ C:\Windows\system32\perfc00C.dat 2016-06-10 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf 2016-06-10 23:53 - 2009-07-14 04:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-06-10 15:40 - 2015-04-08 22:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-06-10 11:59 - 2015-04-08 21:03 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1087414920-4244440857-1596309313-1000Core.job 2016-06-09 16:17 - 2015-04-17 22:04 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Local\Downloaded Installations 2016-06-09 13:56 - 2015-04-08 20:59 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-06-06 21:13 - 2016-03-30 18:19 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Skype 2016-06-06 02:10 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-06-06 02:07 - 2016-03-22 19:49 - 00000000 ____D C:\Program Files\Microsoft Office 2016-06-06 01:07 - 2015-04-08 20:48 - 00000000 ____D C:\Users\QUSAI BARKA 2016-06-06 01:06 - 2015-04-17 20:13 - 00000000 ___SD C:\Windows\system32\GWX 2016-06-06 01:05 - 2015-04-10 21:43 - 00000000 ____D C:\Program Files\Total Video Converter 2016-06-06 01:04 - 2015-04-17 22:06 - 00000000 ____D C:\Program Files\Samsung 2016-06-06 01:04 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\registration 2016-06-06 01:03 - 2015-04-09 23:30 - 00000000 ____D C:\ProgramData\Real 2016-06-06 01:03 - 2015-04-08 21:03 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Local\Google 2016-06-05 17:41 - 2015-12-05 06:49 - 00000000 ____D C:\Program Files\Google 2016-06-04 04:57 - 2016-03-22 21:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-06-03 14:58 - 2015-04-17 22:17 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\Samsung 2016-06-02 12:04 - 2015-04-09 21:11 - 00137240 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-06-02 12:04 - 2015-04-09 21:11 - 00060088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-05-31 14:04 - 2015-04-09 23:29 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\vlc 2016-05-29 00:25 - 2015-12-14 21:29 - 00000000 ____D C:\Windows\system32\javava 2016-05-28 22:33 - 2016-01-23 22:15 - 00000000 ____D C:\Windows\system32\Nouveau dossier 2016-05-27 22:16 - 2009-07-14 02:37 - 00000000 __RHD C:\Users\Public\Libraries 2016-05-24 04:26 - 2015-04-09 21:33 - 00000000 ____D C:\Users\QUSAI BARKA\AppData\Roaming\Skype 2016-05-21 04:25 - 2015-10-20 14:44 - 00841356 _____ C:\Windows\ntbtlog.txt 2016-05-14 15:42 - 2015-04-08 22:23 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-05-14 15:42 - 2015-04-08 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Fichiers à la racine de certains dossiers ======= 2015-05-10 10:55 - 2015-05-10 10:55 - 0033193 _____ () C:\Users\QUSAI BARKA\AppData\Roaming\UserTile.png 2015-04-10 23:04 - 2015-04-10 23:04 - 0069441 _____ () C:\Users\QUSAI BARKA\AppData\Local\1DC8B7A7_stp.CIS 2015-04-10 23:04 - 2015-04-10 23:04 - 0000309 _____ () C:\Users\QUSAI BARKA\AppData\Local\1DC8B7A7_stp.CIS.part 2015-04-10 23:04 - 2015-04-10 23:04 - 0385602 _____ () C:\Users\QUSAI BARKA\AppData\Local\5D515C96_stp.CIS 2015-04-10 23:04 - 2015-04-10 23:04 - 0000220 _____ () C:\Users\QUSAI BARKA\AppData\Local\5D515C96_stp.CIS.part 2015-04-10 23:04 - 2015-04-10 23:04 - 0000199 _____ () C:\Users\QUSAI BARKA\AppData\Local\694C50D0_stp.EXE.part 2015-04-10 23:04 - 2015-04-10 23:04 - 0178814 _____ () C:\Users\QUSAI BARKA\AppData\Local\754A5C3C_stp.CIS 2015-04-10 23:04 - 2015-04-10 23:04 - 0000254 _____ () C:\Users\QUSAI BARKA\AppData\Local\754A5C3C_stp.CIS.part ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-06-07 02:03 ==================== Fin de FRST.txt ============================