Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2017
Exécuté par MOHAMED (administrateur) sur MOHAMED-PC (09-03-2017 20:26:57)
Exécuté depuis C:\Users\MOHAMED\Downloads\Programs
Profils chargés: MOHAMED (Profils disponibles: MOHAMED)
Platform: Microsoft Windows 7 Édition Intégrale  Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Arcai.com) D:\netcut\services\aips.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Stardock Corporation) D:\شكل الماوس\Stardock\CursorFX\CursorFX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Node.js) C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-27] (AVAST Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\...\Run: [AdobeCS5ServiceManager] => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [AdobeCEPServiceManager] => "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
HKLM\...\Run: [AdobeCS6ServiceManager] => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\Run: [CursorFX] => D:\شكل الماوس\Stardock\CursorFX\CursorFX.exe [432784 2011-10-24] (Stardock Corporation)
HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3997752 2016-12-09] (Tonec Inc.)
HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\MountPoints2: H - H:\Startme.exe
HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\MountPoints2: {1ec73eb7-cc3e-11e5-b92a-00e04c360643} - H:\Startme.exe
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMBalloonTip] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-02-27] (AVAST Software)
Startup: C:\Users\MOHAMED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-10-29]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy\User: Restriction ? <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F4EEE332-A15F-4527-AFEA-C2F129DC6E2F}: [NameServer] 8.26.56.26,8.20.247.20
Tcpip\..\Interfaces\{F4EEE332-A15F-4527-AFEA-C2F129DC6E2F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.DamasGate.com.com/vb
HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp
HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.dz/
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-27] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2055908500-1034735058-3773382703-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Pas de fichier
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\pafpkx6p.default [2017-03-09]
FF Homepage: Mozilla\Firefox\Profiles\pafpkx6p.default -> hxxps://www.google.dz/
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> backup.ftp", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> backup.ftp_port", 0
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> backup.socks", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> backup.socks_port", 0
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> backup.ssl", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> backup.ssl_port", 0
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> ftp", "kproxy.com"
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> ftp_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> http", "kproxy.com"
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> http_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> socks", "kproxy.com"
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> socks_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> ssl", "kproxy.com"
FF NetworkProxy: Mozilla\Firefox\Profiles\pafpkx6p.default -> ssl_port", 80
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\pafpkx6p.default\features\{024fad25-924a-4fd4-a220-949a6c521329}\disableSHA1rollout@mozilla.org.xpi [2017-03-04]
FF Extension: (Pas de nom) - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\pafpkx6p.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\pafpkx6p.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [non trouvé(e)]
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Extension: (Pas de nom) - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\pafpkx6p.default\extensions\translator@zoli.bod.xpi [non trouvé(e)]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-04]
FF HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2055908500-1034735058-3773382703-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MOHAMED\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MOHAMED\AppData\Roaming\IDM\idmmzcc5 [2017-03-09] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-23] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> D:\TVUPlayer\npTVUAx.dll [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Pas de fichier]

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default [2016-04-21]
CHR Extension: (Web Boost - Wait Less, Browse Faster!) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahbkhnpmoamidjgbneafjipbmdfpefad [2015-10-18]
CHR Extension: (Google Docs) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15]
CHR Extension: (Google Drive) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-10-18]
CHR Extension: (YouTube) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Recherche Google) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Search by Image (by Google)) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-03-09]
CHR Extension: (Instagram Recherche) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbphedbdkhieekdgfancmpecnppeinod [2015-11-17]
CHR Extension: (PDF Converter) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgnkfgleaamgbhhojkfijjmjmngokkb [2015-11-17]
CHR Extension: (Wallpaper HD) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnbilpdheddjgnakieihlflcolbeenda [2015-11-17]
CHR Extension: (Avast SafePrice) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-31]
CHR Extension: (Video Spinner) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\facbikebnknginefgjaafpcmdmnjpiek [2015-11-17]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-04]
CHR Extension: (Bouton Pin It) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-11-06]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-10-15]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2015-11-17]
CHR Extension: (Audio EQ) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2015-11-06]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-11-14]
CHR Extension: (Ashish Mishra) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2015-10-15]
CHR Extension: (IDM Integration Module) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-01-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15]
CHR Extension: (Facebook GIF Button) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdfmeimafcmmefpiebpeodknddagimg [2015-11-18]
CHR Extension: (TotalComicBooks) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhbkhjpbpaclgnkbmnbklpbcaadcdgc [2015-11-17]
CHR Extension: (Gmail) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]
CHR Profile: C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-04-21]
CHR Profile: C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-09]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-09]
CHR Extension: (Adblock Plus) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-09]
CHR Extension: (Search by Image (by Google)) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-03-09]
CHR Extension: (Who Deleted Me - Unfriend Finder for Facebook) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll [2017-03-09]
CHR Extension: (What Facebook Thinks You Like) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eoknmaajkanapojcdeccofmeimpddoim [2017-03-09]
CHR Extension: (ZenMate VPN - Sécurité internet & Unblock) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-03-09]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2017-03-09]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2017-03-09]
CHR Extension: (Unseen) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-09]
CHR Extension: (WhatFont) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-03-09]
CHR Extension: (Flatbook) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2017-03-09]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2017-03-09]
CHR Extension: (Ashish Mishra) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2017-03-09]
CHR Extension: (Messenger (Unofficial)) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdapmeleikeppmfgadilffngabfpibok [2017-03-09]
CHR Extension: (IDM Integration Module) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-03-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (AdF.ly Skipper ★WORKING★) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2017-03-09]
CHR Extension: (RightToCopy) - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plmcimdddlobkphnofejmeidjblideca [2017-03-09]
CHR Profile: C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\System Profile [2016-06-13]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-12-10]

Opera: 
=======
OPR Extension: (Middle Rush) - C:\Users\MOHAMED\AppData\Roaming\Opera Software\Opera Stable\Extensions\babjfjehkhodgmckabalkdblemheapdj [2015-12-30]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AIPS; D:\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5545144 2017-02-27] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-02-27] (AVAST Software)
R2 nlsX86cc; C:\Windows\system32\nlssrv32.exe [66560 2012-01-31] (Nalpeiron Ltd.) [Fichier non signé]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [427064 2017-01-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [427064 2017-01-06] (NVIDIA Corporation)
S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [420288 2016-12-11] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-01-06] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
S2 QQLiveService; C:\Program Files\Tencent\QQLive\9.10.1059.0\LiveService.dll [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [257288 2017-02-27] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [148720 2017-02-27] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [267016 2017-02-27] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [41176 2017-02-27] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34136 2017-02-27] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [31064 2017-02-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [106392 2017-02-27] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [27896 2017-02-24] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [355752 2017-02-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [90336 2017-02-27] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [62152 2017-02-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [756200 2017-02-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463936 2017-02-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118288 2017-02-27] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [278776 2017-02-27] (AVAST Software)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-08-29] (Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Windows (R) Win 7 DDK provider)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-17] (Intel Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [40736 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27704 2017-01-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [42040 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [51768 2017-01-06] (NVIDIA Corporation)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk.sys [26192 2011-02-25] (Atola) [Fichier non signé]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)
U4 Messenger; pas de ImagePath
S3 MSICDSetup; \??\G:\CDriver.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-09 20:26 - 2017-03-09 20:26 - 00000000 ____D C:\FRST
2017-03-09 20:25 - 2017-03-09 20:25 - 00001265 _____ C:\Users\MOHAMED\Desktop\FRST - Raccourci.lnk
2017-03-09 20:03 - 2017-03-09 20:03 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-08 23:49 - 2017-03-08 23:49 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\MOHAMED\Downloads\rkill (2).com
2017-03-08 23:48 - 2017-03-08 23:49 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\MOHAMED\Downloads\Non confirmé 23129.crdownload
2017-03-08 23:45 - 2017-03-08 23:46 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\MOHAMED\Downloads\Non confirmé 576753.crdownload
2017-03-08 19:27 - 2017-03-08 22:42 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\ZHP
2017-03-08 19:17 - 2017-03-09 19:38 - 00000000 ____D C:\AdwCleaner
2017-03-06 17:34 - 2017-02-08 17:14 - 00000000 ____D C:\Users\MOHAMED\Desktop\avast! Internet Security
2017-03-04 23:05 - 2017-03-04 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-04 23:02 - 2017-02-27 17:39 - 00328208 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-04 18:07 - 2017-03-09 19:31 - 00000000 ____D C:\Users\MOHAMED\Desktop\Nouveau dossier (2)
2017-02-25 11:59 - 2017-02-25 11:59 - 00092448 _____ C:\Users\MOHAMED\Downloads\mohammad bold art 1.TTF
2017-02-25 11:59 - 2017-02-25 11:59 - 00092448 _____ C:\Users\MOHAMED\Downloads\mohammad bold art 1 (1).TTF
2017-02-24 18:03 - 2017-02-27 17:38 - 00267016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-02-24 18:03 - 2017-02-27 17:38 - 00257288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-02-24 18:03 - 2017-02-27 17:38 - 00148720 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-02-24 18:03 - 2017-02-27 17:38 - 00041176 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-02-24 18:01 - 2017-02-24 18:01 - 00027896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2017-02-21 19:37 - 2017-02-21 19:40 - 06579171 _____ C:\Users\MOHAMED\Downloads\keep_walking_by_pshoudini-d5dblfi.psd
2017-02-19 17:39 - 2017-02-27 20:27 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\Adobe
2017-02-19 17:39 - 2017-02-25 13:17 - 00000000 ____D C:\Users\MOHAMED\AppData\Local\Adobe
2017-02-19 17:39 - 2017-02-19 17:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-02-19 17:39 - 2017-02-19 17:39 - 00000000 ____D C:\ProgramData\Adobe
2017-02-08 18:14 - 2017-02-08 18:14 - 03829638 _____ C:\Users\MOHAMED\Downloads\abstract_brushes_vol__15___5x_by_basstar.abr

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-09 19:47 - 2009-07-14 05:34 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-09 19:47 - 2009-07-14 05:34 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-09 19:42 - 2015-10-15 10:32 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-09 19:39 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-09 17:51 - 2015-10-15 12:47 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\DMCache
2017-03-09 00:19 - 2016-05-06 00:57 - 00000000 ____D C:\Program Files\BotRevoltFree
2017-03-08 23:47 - 2015-10-15 12:47 - 00000000 ____D C:\Users\MOHAMED\Downloads\Compressed
2017-03-08 22:24 - 2016-12-02 18:33 - 00001432 _____ C:\Users\MOHAMED\AppData\Local\Adobe Save for Web 12.0 Prefs ME
2017-03-08 22:20 - 2016-11-29 22:43 - 00000132 _____ C:\Users\MOHAMED\AppData\Roaming\تفضيلات Adobe PNG Format CS5
2017-03-08 17:59 - 2016-11-12 19:47 - 00040960 ____H C:\Users\MOHAMED\Desktop\photothumb.db
2017-03-07 17:35 - 2016-03-04 16:42 - 00000000 ____D C:\Users\MOHAMED\AppData\Local\CrashDumps
2017-03-05 21:00 - 2015-10-15 12:47 - 00000000 ____D C:\Users\MOHAMED\Downloads\Video
2017-03-04 17:41 - 2017-01-18 21:32 - 00000000 ____D C:\Users\MOHAMED\AppData\LocalLow\Mozilla
2017-03-03 12:36 - 2016-04-08 20:24 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-27 17:39 - 2016-05-09 23:12 - 00463936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-02-27 17:39 - 2016-05-09 23:12 - 00278776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-02-27 17:39 - 2016-05-09 23:12 - 00118288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-02-27 17:39 - 2016-05-09 23:12 - 00106392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-02-27 17:39 - 2016-05-09 23:12 - 00090336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-02-27 17:39 - 2016-05-09 23:12 - 00062152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-02-27 17:39 - 2016-05-09 23:12 - 00034136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-02-27 17:38 - 2016-05-09 23:12 - 00756200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-02-27 17:38 - 2016-05-09 23:12 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-02-27 17:38 - 2016-04-08 20:36 - 00355752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-02-26 18:52 - 2015-11-02 19:45 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\vlc
2017-02-25 17:34 - 2009-07-14 05:33 - 03997128 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-25 12:06 - 2016-01-29 16:39 - 00175568 _____ C:\Users\MOHAMED\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-25 10:45 - 2016-03-25 13:27 - 00000000 ____D C:\temp
2017-02-24 18:06 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-24 16:35 - 2017-01-21 11:05 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\IDM
2017-02-23 21:18 - 2017-01-13 01:38 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-23 21:18 - 2016-11-26 23:54 - 00000000 ____D C:\Program Files\McAfee
2017-02-23 21:17 - 2016-11-26 22:57 - 00000000 ____D C:\ProgramData\McAfee
2017-02-23 21:16 - 2015-12-05 21:15 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-23 21:15 - 2015-10-17 15:35 - 00000000 ____D C:\ProgramData\TEMP
2017-02-23 20:44 - 2016-11-26 22:57 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-02-23 20:41 - 2016-11-26 22:59 - 00000030 _____ C:\AVScanner.ini
2017-02-23 20:41 - 2015-11-08 12:19 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-02-23 20:41 - 2015-11-08 12:19 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-02-23 20:40 - 2015-10-23 16:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-22 23:25 - 2015-12-12 11:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-19 19:31 - 2016-06-02 21:30 - 00000000 ____D C:\Users\MOHAMED\.oracle_jre_usage
2017-02-19 19:22 - 2016-12-03 20:44 - 00000000 ____D C:\Users\MOHAMED\Downloads\Nouveau dossier
2017-02-12 17:16 - 2015-10-15 19:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-02-11 11:05 - 2016-11-19 12:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-02-07 23:30 - 2016-10-29 14:58 - 00000000 ____D C:\ProgramData\MEGAsync

==================== Fichiers à la racine de certains dossiers =======

2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\MOHAMED\AppData\Roaming\23ncDJHhtJ
2016-02-26 20:09 - 2016-02-26 23:51 - 0001095 _____ () C:\Users\MOHAMED\AppData\Roaming\3D SEX VILLA GAME CRACK.exe.tmp
2016-12-16 19:30 - 2017-01-26 21:28 - 0000132 _____ () C:\Users\MOHAMED\AppData\Roaming\Adobe PNG Format CC Prefs
2015-10-23 16:42 - 2016-01-29 16:12 - 0000056 _____ () C:\Users\MOHAMED\AppData\Roaming\coreavc.ini
2016-12-31 14:22 - 2016-12-31 15:02 - 0000354 _____ () C:\Users\MOHAMED\AppData\Roaming\imagetuner.ini
2016-12-17 20:16 - 2016-12-17 22:11 - 0000132 _____ () C:\Users\MOHAMED\AppData\Roaming\Préfs Format GIF Adobe CS6
2016-12-06 19:52 - 2016-12-06 19:59 - 0000132 _____ () C:\Users\MOHAMED\AppData\Roaming\Préférences Adobe PNG Format CC
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\MOHAMED\AppData\Roaming\yT01fINMwwWHanKyuKrtqlnP21r
2016-12-02 00:59 - 2016-12-02 00:59 - 0000132 _____ () C:\Users\MOHAMED\AppData\Roaming\تفضيلات Adobe GIF Format CS5
2016-11-29 22:43 - 2017-03-08 22:20 - 0000132 _____ () C:\Users\MOHAMED\AppData\Roaming\تفضيلات Adobe PNG Format CS5
2016-12-06 19:50 - 2016-12-17 23:59 - 0001456 _____ () C:\Users\MOHAMED\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2016-12-15 21:00 - 2016-12-15 21:00 - 0001432 _____ () C:\Users\MOHAMED\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-12-02 18:33 - 2017-03-08 22:24 - 0001432 _____ () C:\Users\MOHAMED\AppData\Local\Adobe Save for Web 12.0 Prefs ME
2016-12-16 19:29 - 2017-01-20 22:23 - 0001456 _____ () C:\Users\MOHAMED\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-12-15 18:04 - 2017-01-25 17:25 - 0005068 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 18:04 - 2017-01-25 01:51 - 0005068 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-03-04 00:50

==================== Fin de FRST.txt ============================