Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2017
Exécuté par REDA (administrateur) sur REDA-PC (27-02-2017 21:34:34)
Exécuté depuis C:\Users\REDA\Downloads
Profils chargés: REDA (Profils disponibles: REDA)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Spotify Ltd) C:\Users\REDA\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\REDA\AppData\Roaming\Spotify\Spotify.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\REDA\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Spotify Ltd) C:\Users\REDA\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\REDA\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\UsbFix\UsbFix.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\UsbFix\UsbFix.exe
() C:\UsbFix\UsbFix.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [391784 2015-05-06] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM-x32\...\RunOnce: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\Run: [SysinfY2X] => C:\WINDOWS\system32\cmd.exe /c start wscript /e:VBScript.Encode %temp%\SysinfY2X.db
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\Run: [Spotify Web Helper] => C:\Users\REDA\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-02-03] (Nota Inc.)
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\Run: [Spotify] => C:\Users\REDA\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\MountPoints2: {78268f35-3396-11e5-80e8-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\MountPoints2: {78268f4c-3396-11e5-80e8-485ab6cc199a} - F:\AutoRun.exe
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\...\MountPoints2: {f522c85c-0ae8-11e5-b552-806e6f6e6963} - E:\DriverPackSolution.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-16] (AVAST Software)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\..\Interfaces\{0CF28F11-DC91-4357-9A5A-A15F6BCFC6B0}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{187B900E-587B-4A3F-9119-9B29961AD1A5}: [DhcpNameServer] 169.251.1.1 169.251.1.2
Tcpip\..\Interfaces\{6ECDA71A-A320-45CD-A12D-11808726C96A}: [DhcpNameServer] 172.18.12.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wana.ma
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp
HKU\S-1-5-21-1809238211-2871968928-588000144-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112
URLSearchHook: HKLM-x32 -> Par défaut = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=333&itype=n&ver=16186&tm=739&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=333&itype=n&ver=16186&tm=739&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1809238211-2871968928-588000144-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1809238211-2871968928-588000144-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=333&itype=n&ver=16186&tm=739&src=ds&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-07]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112","hxxps://www.facebook.com/","hxxp://www..twitch.tv/"
CHR DefaultSearchURL: Default -> hxxp://www.istartsurf.com/web/?type=ds&ts=1434026862&z=3675d435427dd5c6df5a94egfzfc2z3eco1cfo4qag&from=cor&uid=ST1000LM024XHN-M101MBB_S30YJ9BF103112&q={searchTerms}
CHR DefaultSearchKeyword: Default -> istartsurf
CHR Profile: C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default [2017-02-27]
CHR Extension: (Google Slides) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-04]
CHR Extension: (Default-Search) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfphecggdoefopaooikpjihabjbmjea [2015-06-10]
CHR Extension: (Google Docs) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-04]
CHR Extension: (Google Drive) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Recherche Google) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-26]
CHR Extension: (Avast Passwords) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-02-10]
CHR Extension: (Google Sheets) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-26]
CHR Extension: (Avast Online Security) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-02-08]
CHR Extension: (Ask Search) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-06-05]
CHR Extension: (iLivid) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-06-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-04]
CHR Extension: (Chrome Media Router) - C:\Users\REDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKU\S-1-5-21-1809238211-2871968928-588000144-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1809238211-2871968928-588000144-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [akfphecggdoefopaooikpjihabjbmjea] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-16] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-04-25] (Broadcom Corporation.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2710648 2016-08-23] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103168 2016-08-23] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-06] (Intel Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325112 2017-02-20] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-12-13] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [41472 2016-05-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AFTrafMgr1.1; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys [54712 2016-08-23] (AnchorFree Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [78216 2016-12-09] (Advanced Micro Devices, Inc.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [85040 2017-02-08] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2015-04-25] (Broadcom Corporation.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-22] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8228240 2012-09-19] (Realtek Semiconductor Corp.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51736 2016-06-22] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-06-28] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [Fichier non signé]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-02-27 21:34 - 2017-02-27 21:35 - 00023774 _____ C:\Users\REDA\Downloads\FRST.txt
2017-02-27 21:34 - 2017-02-27 21:34 - 00000000 ____D C:\FRST
2017-02-27 21:31 - 2017-02-27 21:31 - 02423296 _____ (Farbar) C:\Users\REDA\Downloads\FRST64.exe
2017-02-27 21:15 - 2017-02-27 21:15 - 00932190 _____ C:\Users\REDA\Downloads\usb-rescate-8-4-es-win.zip
2017-02-27 21:13 - 2017-02-27 21:13 - 00001448 _____ C:\Users\REDA\Desktop\UsbFix.lnk
2017-02-27 21:12 - 2017-02-27 21:13 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\REDA\Downloads\usbfix-8-248 (2).exe
2017-02-27 18:42 - 2017-02-27 18:42 - 00705279 _____ C:\Users\REDA\Desktop\intérêts courus non échus AS.xlsx
2017-02-27 10:54 - 2017-02-27 10:54 - 00091901 _____ C:\Users\REDA\Desktop\Plan cptable Maroc.pdf
2017-02-27 10:07 - 2017-02-27 10:07 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\REDA\Downloads\usbfix-8-248 (1).exe
2017-02-27 09:58 - 2017-02-27 21:13 - 00000000 ____D C:\UsbFix
2017-02-27 09:58 - 2017-02-27 09:58 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\REDA\Downloads\usbfix-8-248.exe
2017-02-27 09:36 - 2017-02-27 18:50 - 00000000 ____D C:\Users\REDA\Desktop\pepiniere
2017-02-27 09:36 - 2016-08-29 17:15 - 01382351 _____ C:\Users\REDA\Desktop\Comparatif LES PEPINIERES DE L'ATLAS.xlsx
2017-02-24 17:44 - 2017-02-24 17:44 - 00000000 ____D C:\Users\REDA\Desktop\Rapproch bancaire
2017-02-24 16:44 - 2017-02-24 16:44 - 00000439 _____ C:\Users\REDA\Downloads\f_elabbar.vcf
2017-02-24 16:33 - 2017-02-24 16:33 - 00000654 _____ C:\Users\REDA\Desktop\exemple test ERB.lnk
2017-02-24 16:29 - 2017-02-24 17:43 - 00322048 _____ C:\Users\REDA\Downloads\exemple test ERB.xls
2017-02-24 16:29 - 2017-02-24 17:01 - 00705794 _____ C:\Users\REDA\Downloads\EXEMPLE intérêts courus non échus.xlsx
2017-02-24 16:29 - 2017-02-24 16:29 - 00072402 _____ C:\Users\REDA\Desktop\interets CC douja sur kamam.pdf
2017-02-24 16:29 - 2017-02-24 16:29 - 00007813 _____ C:\Users\REDA\Desktop\ERB KAMAM BP AU 31 12 16.pdf
2017-02-24 16:29 - 2017-02-24 16:29 - 00007469 _____ C:\Users\REDA\Desktop\ERB KAMAM AWB AU 31 12 16.pdf
2017-02-24 16:29 - 2017-02-24 16:29 - 00000744 _____ C:\Users\REDA\Desktop\EXEMPLE intérêts courus non échus.lnk
2017-02-24 15:21 - 2017-02-24 15:22 - 00000000 ____D C:\Users\REDA\Desktop\Mémoires stage
2017-02-23 19:46 - 2017-02-23 19:46 - 03034207 _____ C:\Users\REDA\Downloads\The-bigest-data-base.pdf
2017-02-23 17:39 - 2017-02-24 10:31 - 00501354 _____ C:\Users\REDA\Downloads\Classeur1 (3).xlsx
2017-02-23 17:33 - 2017-02-23 17:33 - 00535190 _____ C:\Users\REDA\Downloads\Classeur1 (2).xlsx
2017-02-23 17:30 - 2017-02-24 10:28 - 00000000 ____D C:\Users\REDA\Desktop\Etats de vente
2017-02-23 17:28 - 2017-02-23 17:28 - 00531243 _____ C:\Users\REDA\Downloads\Classeur1 (1).xlsx
2017-02-23 09:27 - 2017-02-23 09:27 - 00000165 ____H C:\Users\REDA\Downloads\~$Classeur1.xlsx
2017-02-23 09:07 - 2017-02-23 09:08 - 01624440 _____ (Tous Les Drivers) C:\Users\REDA\Downloads\Mes_Drivers_3.0.4 (2).exe
2017-02-22 16:05 - 2017-02-25 15:54 - 00599943 _____ C:\Users\REDA\Downloads\Classeur1.xlsx
2017-02-22 15:43 - 2017-02-22 18:48 - 00018339 _____ C:\Users\REDA\Desktop\CA NAJD Ext du 1sem 2016.xlsx
2017-02-22 11:40 - 2017-02-22 11:40 - 04778116 _____ C:\Users\REDA\Desktop\note_circulaire_717_tome1.pdf
2017-02-22 11:29 - 2017-02-22 11:29 - 00166624 _____ C:\Users\REDA\Downloads\2-140-DV-2016-f (1).pdf
2017-02-22 11:28 - 2017-02-22 11:28 - 00166624 _____ C:\Users\REDA\Downloads\2-140-DV-2016-f.pdf
2017-02-22 10:31 - 2017-02-22 10:31 - 00214528 _____ C:\Users\REDA\Desktop\MABANI DET BALANCE GENER.31-12-2016_.xls
2017-02-21 09:59 - 2017-02-21 16:49 - 00326035 _____ C:\Users\REDA\Desktop\Revue analytique MABANI DETROIT.xlsx
2017-02-21 09:27 - 2017-02-21 18:42 - 00000000 ____D C:\Users\REDA\Desktop\Tanger sakan
2017-02-21 09:25 - 2017-02-21 09:25 - 00761344 _____ C:\Users\REDA\Desktop\LEADS MABANI ZELLIDJA 2016.xls
2017-02-21 09:25 - 2017-02-21 09:25 - 00645632 _____ C:\Users\REDA\Desktop\BILAN CPC MABANI ZELLIDJA.xls
2017-02-21 09:18 - 2017-02-21 09:18 - 02629705 _____ C:\Users\REDA\Downloads\Audit S8.rar
2017-02-12 22:30 - 2017-02-12 22:30 - 00000908 _____ C:\Users\REDA\Desktop\PC Chrono.lnk
2017-02-12 22:30 - 2017-02-12 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Chrono
2017-02-12 22:30 - 2017-02-12 22:30 - 00000000 ____D C:\Program Files (x86)\PC Chrono
2017-02-12 22:29 - 2017-02-12 22:29 - 01053510 _____ (highspheres.com ) C:\Users\REDA\Downloads\pcchrono.exe
2017-02-10 01:23 - 2017-02-10 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-02-10 01:22 - 2017-02-10 01:22 - 00003160 _____ C:\Windows\System32\Tasks\StartCN
2017-02-10 01:22 - 2017-02-10 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-02-10 01:21 - 2017-02-10 01:21 - 00000000 ____D C:\Program Files (x86)\AMD
2017-02-10 01:18 - 2017-02-10 01:45 - 00000000 ____D C:\Users\REDA\AppData\Local\AMD
2017-02-10 01:18 - 2016-12-09 20:59 - 00078216 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2017-02-10 01:17 - 2017-02-27 18:51 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-02-10 01:15 - 2017-02-10 01:15 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-02-10 01:12 - 2017-02-10 01:12 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 01:12 - 2016-12-16 00:33 - 00273696 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-02-10 01:12 - 2016-12-16 00:33 - 00266528 _____ C:\Windows\system32\vulkan-1.dll
2017-02-10 01:12 - 2016-12-16 00:33 - 00111392 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-02-10 01:12 - 2016-12-16 00:32 - 00125728 _____ C:\Windows\system32\vulkaninfo.exe
2017-02-10 01:06 - 2017-02-10 01:23 - 00000000 ____D C:\Program Files\AMD
2017-02-10 01:02 - 2017-02-10 01:06 - 00000000 ____D C:\AMD
2017-02-10 00:23 - 2017-02-10 00:52 - 469494520 _____ (AMD Inc.) C:\Users\REDA\Downloads\whql-win7-64bit-radeon-software-crimson-relive-17.1.2-feb6.exe
2017-02-10 00:21 - 2017-02-10 00:21 - 00000000 ____D C:\Windows\SysWOW64\sda
2017-02-10 00:20 - 2017-02-10 00:20 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-02-10 00:20 - 2016-08-05 01:09 - 00418784 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2017-02-10 00:20 - 2016-07-14 01:40 - 09891328 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2017-02-10 00:20 - 2016-07-14 01:27 - 00084480 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2017-02-10 00:20 - 2016-07-14 01:23 - 04332032 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCRU64.exe
2017-02-10 00:18 - 2017-02-10 00:19 - 16828499 _____ C:\Users\REDA\Downloads\Realtek_RtsUer_10.0.14393.31228.zip
2017-02-10 00:15 - 2017-02-10 00:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-10 00:15 - 2017-02-10 00:15 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-02-10 00:15 - 2015-11-07 07:49 - 10320160 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2017-02-10 00:15 - 2015-11-07 07:49 - 00114048 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2017-02-10 00:15 - 2015-11-07 07:48 - 04418080 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2017-02-10 00:15 - 2015-11-07 07:48 - 03685408 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2017-02-09 23:39 - 2017-02-09 23:45 - 34532359 _____ C:\Users\REDA\Downloads\Broadcom_BCM43xx_7.12.39.28.zip
2017-02-09 23:36 - 2017-02-10 00:00 - 68226458 _____ (AMD Inc.) C:\Users\REDA\Downloads\Non confirmé 376469.crdownload
2017-02-09 23:20 - 2017-02-09 23:34 - 32079872 _____ (AMD Inc.) C:\Users\REDA\Downloads\Non confirmé 144884.crdownload
2017-02-09 23:16 - 2017-02-09 23:26 - 58458112 _____ (AMD Inc.) C:\Users\REDA\Downloads\Non confirmé 280061.crdownload
2017-02-09 23:12 - 2017-02-09 23:21 - 04603904 _____ (AMD Inc.) C:\Users\REDA\Downloads\Non confirmé 995706.crdownload
2017-02-09 23:06 - 2017-02-09 23:07 - 01624440 _____ (Tous Les Drivers) C:\Users\REDA\Downloads\Mes_Drivers_3.0.4 (1).exe
2017-02-09 18:15 - 2016-08-18 04:46 - 00053248 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2017-02-09 18:14 - 2017-02-09 18:14 - 05583822 _____ C:\Users\REDA\Downloads\Intel_USB_3.0_5.0.0.32.zip
2017-02-09 18:12 - 2017-02-09 18:12 - 01624440 _____ (Tous Les Drivers) C:\Users\REDA\Downloads\Mes_Drivers_3.0.4.exe
2017-02-08 17:28 - 2017-02-08 15:29 - 00085040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-02-08 03:57 - 2017-02-08 04:00 - 50608739 _____ C:\Users\REDA\Downloads\Analyse Financière et Audit-20170208T035709Z.zip
2017-02-08 03:48 - 2017-02-08 03:51 - 27864013 _____ C:\Users\REDA\Downloads\Contrôle de gestion-20170208T034816Z.zip
2017-02-08 03:33 - 2017-02-27 20:40 - 00000000 ___RD C:\Users\REDA\Google Drive
2017-02-08 03:33 - 2017-02-08 03:33 - 00001707 _____ C:\Users\REDA\Desktop\Google Drive.lnk
2017-02-08 03:29 - 2017-02-08 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-02-08 03:26 - 2017-02-08 03:27 - 01129376 _____ (Google Inc.) C:\Users\REDA\Downloads\googledrivesync.exe
2017-02-03 19:26 - 2017-02-03 19:26 - 02535424 _____ C:\Users\REDA\Downloads\AUDIT_FINANCIER_Complet (3).ppt
2017-02-03 19:20 - 2017-02-03 19:20 - 00060516 _____ C:\Users\REDA\Downloads\Planning Rattrapage S9.pdf
2017-01-29 16:20 - 2017-01-29 16:20 - 00001748 _____ C:\Users\REDA\Downloads\bein.m3u

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-02-27 21:11 - 2016-06-29 22:39 - 00000000 ____D C:\Users\REDA\AppData\Local\Spotify
2017-02-27 21:11 - 2016-06-29 22:38 - 00000000 ____D C:\Users\REDA\AppData\Roaming\Spotify
2017-02-27 20:57 - 2016-02-04 11:37 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-27 20:46 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-27 20:46 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-27 20:38 - 2015-06-05 10:22 - 00000000 __SHD C:\Users\REDA\IntelGraphicsProfiles
2017-02-27 20:36 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-27 18:49 - 2016-09-03 16:38 - 00000000 ____D C:\Program Files (x86)\TunnelBear
2017-02-27 12:34 - 2015-06-15 00:49 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-02-27 09:37 - 2011-04-12 09:16 - 00747328 _____ C:\Windows\system32\perfh00C.dat
2017-02-27 09:37 - 2011-04-12 09:16 - 00149820 _____ C:\Windows\system32\perfc00C.dat
2017-02-27 09:37 - 2009-07-14 05:13 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-27 09:37 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2017-02-24 15:15 - 2016-01-05 23:22 - 00000000 ____D C:\Users\REDA\Desktop\Doc Reda
2017-02-23 19:28 - 2015-06-11 12:46 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-23 09:14 - 2016-01-23 03:14 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-02-22 18:48 - 2016-12-09 18:29 - 00000000 ____D C:\Users\REDA\AppData\Local\Ubisoft Game Launcher
2017-02-22 16:07 - 2015-06-11 12:52 - 00003870 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434027129
2017-02-22 09:00 - 2015-12-27 17:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-16 00:12 - 2016-05-02 03:09 - 00001966 _____ C:\Users\REDA\Desktop\tacos.txt
2017-02-14 15:57 - 2016-02-04 11:37 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 15:57 - 2015-12-18 17:35 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 15:57 - 2015-12-18 17:35 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 15:57 - 2015-12-18 17:35 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 15:57 - 2015-12-18 17:35 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 10:51 - 2016-08-10 16:23 - 00003402 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2017-02-13 10:51 - 2016-08-10 16:23 - 00003276 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2017-02-13 10:51 - 2016-08-10 16:23 - 00000000 ____D C:\Program Files (x86)\Gyazo
2017-02-12 02:47 - 2016-08-08 00:38 - 00000000 ____D C:\Users\REDA\AppData\Roaming\TunnelBear
2017-02-10 01:10 - 2015-07-14 12:04 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-09 18:15 - 2015-06-04 19:02 - 00000000 ____D C:\Program Files (x86)\Intel
2017-02-08 03:33 - 2015-06-04 18:52 - 00000000 ____D C:\Users\REDA
2017-02-08 03:29 - 2015-06-04 20:50 - 00000000 ____D C:\Users\REDA\AppData\Local\Google
2017-02-08 03:29 - 2015-06-04 20:50 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-07 01:31 - 2015-06-04 20:53 - 00002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 01:31 - 2015-06-04 20:53 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-29 19:51 - 2016-07-10 19:38 - 00000000 ____D C:\Users\REDA\AppData\Roaming\vlc

==================== Fichiers à la racine de certains dossiers =======

2016-03-28 11:07 - 2016-03-28 11:22 - 0000172 _____ () C:\Users\REDA\AppData\Roaming\burnaware.ini
2015-06-07 14:32 - 2016-12-05 15:20 - 0000113 _____ () C:\Users\REDA\AppData\Roaming\D2Info0
2015-06-07 14:32 - 2016-12-05 15:41 - 0000008 _____ () C:\Users\REDA\AppData\Roaming\DofusAppId0_1
2015-06-09 20:47 - 2016-05-13 16:21 - 0000008 _____ () C:\Users\REDA\AppData\Roaming\DofusAppId0_2
2016-03-20 01:59 - 2016-09-19 21:12 - 0005632 _____ () C:\Users\REDA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-04 18:16 - 2016-01-04 18:16 - 0000000 _____ () C:\Users\REDA\AppData\Local\{975E1193-32E4-4F11-924A-84746E7587B7}
2016-03-20 04:29 - 2016-03-20 04:29 - 0000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-02-23 00:30

==================== Fin de FRST.txt ============================