Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01 (ATTENTION: ====> FRSTla version date de 63 jours et est peut-être périmée)
Exécuté par ASMAA (administrateur) sur ASSUS (17-08-2017 04:31:34)
Exécuté depuis C:\Users\ASMAA\Desktop
Profils chargés: ASMAA (Profils disponibles: ASMAA & terba_000 & Administrateur)
Platform: Windows 8.1 Single Language (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Safe Mode (with Networking)
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(PageBites, Inc.) C:\Users\ASMAA\AppData\Roaming\Imo Messenger\ImoDesktopApp.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.)
C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13632216 2013-07-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [gpuminer] => C:\Users\ASMAA\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [96 2015-05-02] ()
HKLM\...\Run: [ActivManager] => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe [1002848 2015-03-04] ()
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Chedot] => C:\Users\ASMAA\AppData\Local\Chedot\Application\chedot.exe
HKLM-x32\...\Run: [ADSKAppManager] => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2017-06-15] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10116392 2015-12-21] (Visicom Media Inc.)
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\Run: [f.lux] => C:\Users\ASMAA\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\Run: [Imo Messenger] => C:\Users\ASMAA\AppData\Roaming\Imo Messenger\ImoDesktopApp.exe [5692304 2016-11-22] (PageBites, Inc.)
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\Policies\Explorer: []
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\MountPoints2: {5468a45b-39e8-11e5-be84-54271ec06698} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\MountPoints2: {8aa8c953-4cc4-11e6-bf80-10c37bb10ea9} - "F:\AutoRun.exe"
HKU\S-1-5-21-623354990-389639077-3624291495-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\SUPERM~1.SCR
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-15] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll -> Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivSDK Flash Extension.lnk [2016-07-14]
ShortcutTarget: ActivSDK Flash Extension.lnk -> C:\Windows\Installer\{37A1709B-2DF7-4A97-9E79-BC3F0A048FB5}\NewShortcut1_08A9BB67B3284FEA9EC29BCD3F863A4A.exe (Flexera Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1A06FAC2-2C69-4AA2-BA6C-14B17565414F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79FA2DC0-34E8-404B-B1F3-3FEAC72F101B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FA811D99-4AA7-4F6F-896A-3262A18707A7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131211919543304057&GUID=CBACE0FB-AA0B-47C4-95CD-943712FD130F
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-623354990-389639077-3624291495-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
SearchScopes: HKU\S-1-5-21-623354990-389639077-3624291495-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-623354990-389639077-3624291495-1001 -> {D17577CA-F151-4596-8CFC-CD2D79964696} URL =
SearchScopes: HKU\S-1-5-21-623354990-389639077-3624291495-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll => Pas de fichier
BHO-x32: Yahoo! Toolbar Helper -> {02478D38-C3F9-4EFB-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll => Pas de fichier
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2017-05-28] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll => Pas de fichier
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2017-05-28] (Oracle Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll Pas de fichier
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Pas de fichier
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Pas de fichier
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default [2017-01-04]
FF user.js: detected! => C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\user.js [2017-01-04]
FF NewTab: Mozilla\Firefox\Profiles\g63vyix0.default -> hxxp://www.nicesearches.com?type=hp&ts=1463387038&from=87640516&uid=toshibaxmq01abf050_44g4s5vmsxx44g4s5vms&z=1724c1c38221ec65859bc14g6z4qacbc7tde2qab8o
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\g63vyix0.default -> luck
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\g63vyix0.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\g63vyix0.default -> luck
FF Homepage: Mozilla\Firefox\Profiles\g63vyix0.default -> hxxp://www.nicesearches.com?type=hp&ts=1463387038&from=87640516&uid=toshibaxmq01abf050_44g4s5vmsxx44g4s5vms&z=1724c1c38221ec65859bc14g6z4qacbc7tde2qab8o
FF Extension: (xRocket Toolbar) - C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\Extensions\arthurj8283@gmail.com [2017-01-04] [non signé]
FF Extension: (Advanced Cookie Manager) - C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\Extensions\cookiemgr@jayapal.com [2016-03-05]
FF Extension: (Firefox Hotfix) - C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-04]
FF Extension: (Cookies Manager+) - C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-11-04]
FF Extension: (Pas de nom) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [non trouvé(e)]
FF SearchPlugin: C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\searchplugins\luck.xml [2017-01-04]
FF SearchPlugin: C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\searchplugins\McSiteAdvisor.xml [2016-04-19]
FF SearchPlugin: C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\searchplugins\nice.xml [2016-06-29]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\ASMAA\AppData\Roaming\Mozilla\Firefox\Profiles\g63vyix0.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-06-16] [non signé]
FF HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Pas de fichier]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2017-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2017-05-28] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> s.piesearch.com
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1463387038&from=87640516&uid=toshibaxmq01abf050_44g4s5vmsxx44g4s5vms&z=1724c1c38221ec65859bc14g6z4qacbc7tde2qab8o"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1463387038&from=87640516&uid=toshibaxmq01abf050_44g4s5vmsxx44g4s5vms&z=1724c1c38221ec65859bc14g6z4qacbc7tde2qab8o&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR Profile: C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default [2017-04-19]
CHR Extension: (Adobe Acrobat) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-04-19]
CHR Extension: (ZenMate Web Firewall (Free, Plus Ad Blocker)) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphffohcfcaeoekbkfibilcmmoakhmfc [2016-11-16]
CHR Extension: (Visiteurs pour Facebook) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2017-02-19]
CHR Extension: (F___book Post Manager) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2017-04-19]
CHR Extension: (Smart Search) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj [2016-10-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-19]
CHR Extension: (MyStart New Tab) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\peefembmkccmkodbcpgilfjgkligpbba [2017-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM\...\Chrome\Extension: [ljnfelhdldlokjkohcmjpogkdjgbgjpj] - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj.crx [2015-10-01]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ljnfelhdldlokjkohcmjpogkdjgbgjpj] - C:\Users\ASMAA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj.crx [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [peefembmkccmkodbcpgilfjgkligpbba] - hxxps://clients2.google.com/service/update2/crx
HKU\S-1-5-21-623354990-389639077-3624291495-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Legpat\Application\chrome.exe <==== ATTENTION

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\ASMAA\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-05-07]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 ActivControl; C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe [21864 2015-03-04] (Promethean)
S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-30] (ASUS)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Fichier non signé]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-29] (Windows (R) Win 7 DDK provider) [Fichier non signé]
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2017-06-15] (AVAST Software)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.)
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-06] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [404376 2017-05-25] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-07-17] (Popcorn Time) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-29] (Atheros) [Fichier non signé]
S3 Adobe LM Service; "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [X]
S2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [X]
S2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 kss; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" -r [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]
S2 WSModules; C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ACTIVhidmini; C:\Windows\System32\drivers\ACTIVhidmini.sys [102384 2012-10-30] (Promethean Technologies Ltd)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2017-06-15] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2017-06-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2017-06-15] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2017-06-15] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2017-06-15] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2017-06-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2017-06-15] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2017-06-15] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-29] (Qualcomm Atheros)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 prmvmouse; C:\Windows\System32\drivers\activmouse.sys [10992 2012-10-30] (Promethean Technologies Ltd)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S2 ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [X]
S1 ATKWMIACPIIO; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [X]
S3 mfesapsn; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-17 04:31 - 2017-08-17 04:33 - 00029938 _____ C:\Users\ASMAA\Desktop\FRST.txt 2017-08-17 04:31 - 2017-08-17 04:31 - 00000000 ____D C:\FRST 2017-08-17 04:30 - 2017-08-17 04:30 - 02438656 _____ (Farbar) C:\Users\ASMAA\Desktop\FRST64.exe 2017-08-16 20:24 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2017-08-16 20:24 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2017-08-16 20:23 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2017-08-16 20:23 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2017-08-16 20:23 - 2017-04-11 20:27 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2017-08-16 20:23 - 2017-04-11 20:27 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2017-08-16 20:23 - 2017-03-15 20:15 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2017-08-16 20:23 - 2017-03-15 20:15 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2017-08-16 18:06 - 2017-06-02 14:15 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-08-16 18:06 - 2017-06-02 14:12 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-08-16 18:06 - 2017-06-02 14:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-08-16 18:06 - 2017-06-02 14:06 - 01001984 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-08-16 18:06 - 2017-06-02 14:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-08-16 18:06 - 2017-06-02 13:30 - 03635200 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-08-16 18:06 - 2017-06-02 13:03 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-08-16 18:06 - 2017-06-02 12:58 - 02551808 
_____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-08-16 18:06 - 2017-06-02 12:25 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-08-16 18:06 - 2017-06-02 12:24 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-08-16 18:06 - 2017-06-02 12:17 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-08-16 18:06 - 2017-06-02 12:02 - 02751488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-08-16 18:06 - 2017-06-02 11:43 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-08-16 18:06 - 2017-06-02 11:43 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-08-16 18:06 - 2017-05-15 21:58 - 00121184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-08-16 18:06 - 2017-05-14 22:44 - 04170240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-08-16 18:06 - 2017-05-14 22:42 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-16 18:06 - 2017-05-14 22:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-08-16 18:06 - 2017-05-14 22:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-08-16 18:06 - 2017-05-14 22:19 - 01364040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-08-16 18:06 - 2017-05-14 22:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-08-16 18:06 - 2017-05-14 21:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-08-16 18:06 - 2017-05-14 21:32 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-08-16 18:06 - 2017-05-14 21:31 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-08-16 18:06 - 2017-05-14 21:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-08-16 18:06 - 2017-05-14 21:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-08-16 18:06 - 2017-05-14 21:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-08-16 18:06 - 2017-05-14 21:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-08-16 18:06 - 2017-05-14 21:04 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-08-16 18:06 - 2017-05-14 21:03 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-08-16 18:06 - 2017-05-14 20:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-08-16 18:06 - 2017-05-14 20:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-08-16 18:06 - 2017-05-14 20:48 - 05274112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2017-08-16 18:06 - 2017-05-14 20:46 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-08-16 18:06 - 2017-05-14 20:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-08-16 18:06 - 2017-05-14 20:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-08-16 18:06 - 2017-05-14 20:38 - 07796736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-08-16 18:06 - 2017-05-14 20:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-08-16 18:06 - 2017-05-14 20:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-08-16 18:06 - 2017-05-14 20:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-08-16 18:06 - 2017-05-14 20:16 - 05268992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-16 18:06 - 2017-05-14 20:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-08-16 18:06 - 2017-05-14 20:13 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-08-16 18:06 - 2017-05-14 20:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-08-16 18:06 - 2017-05-14 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-08-16 18:06 - 2017-05-14 20:06 - 07441240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-08-16 18:06 - 2017-05-14 20:06 - 01737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-08-16 18:06 - 2017-05-14 20:06 - 01502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-08-16 18:06 - 2017-05-12 19:05 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-08-16 18:06 - 2017-05-12 18:16 - 01084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-08-16 18:06 - 2017-05-12 18:13 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-08-16 18:06 - 2017-05-12 17:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-08-16 18:06 - 2017-05-12 17:50 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-08-16 18:06 - 2017-05-12 17:48 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-08-16 18:06 - 2017-05-12 17:47 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-08-16 18:06 - 2017-05-12 06:10 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-08-16 18:06 - 2017-05-12 04:58 - 01985536 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-08-16 18:06 - 2017-05-12 04:48 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-08-16 18:06 - 2017-05-12 04:18 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-08-16 18:06 - 2017-05-12 04:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-08-16 18:06 - 2017-05-12 04:10 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-08-16 18:06 - 2017-05-12 04:07 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-08-16 18:06 - 2017-05-12 04:06 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-08-16 18:06 - 2017-05-12 04:04 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-08-16 18:06 - 2017-05-12 04:00 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-08-16 18:06 - 2017-05-12 01:36 - 22361848 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-08-16 18:06 - 2017-05-12 01:32 - 19788672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-08-16 18:06 - 2017-05-10 20:19 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-08-16 18:06 - 2017-05-06 18:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-08-16 18:06 - 2017-05-06 18:04 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-08-16 18:06 - 2017-04-06 19:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-08-16 18:06 - 2017-04-06 19:16 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2017-08-16 18:06 - 2017-04-06 18:50 - 01436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-08-16 18:06 - 2017-04-06 18:46 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-08-16 18:06 - 2017-04-06 18:46 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-08-16 18:06 - 2017-04-06 18:35 - 01362432 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-08-16 18:06 - 2017-04-06 18:15 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-08-16 18:06 - 2017-04-06 17:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2017-08-16 18:06 - 2017-04-02 16:49 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-08-16 18:06 - 2017-04-02 15:40 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-08-16 15:56 - 2017-08-17 04:16 - 00654306 _____ C:\Windows\ntbtlog.txt

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-08-17 04:30 - 2016-11-16 18:41 - 00000000 ____D C:\Users\ASMAA\AppData\Roaming\WhatsApp
2017-08-17 04:29 - 2016-11-05 14:17 - 00000000 ____D C:\Users\ASMAA\Desktop\Asmaa
2017-08-17 04:23 - 2015-11-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-08-17 04:08 - 2015-08-02 12:33 - 00003924 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{09E5C835-6385-4809-BDFE-874D585D5FAB}
2017-08-17 04:02 - 2015-08-06 13:02 - 00000000 ____D C:\Program Files (x86)\Opera
2017-08-17 03:59 - 2015-06-14 14:43 - 00000074 _____ C:\Users\ASMAA\AppData\Roaming\sp_data.sys
2017-08-17 03:58 - 2015-08-06 11:06 - 00001026 _____ C:\Windows\Tasks\Xzo0q071wvn40hG7B7lV0.job
2017-08-17 03:57 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-16 22:04 - 2014-11-21 02:18 - 00068410 _____ C:\Windows\system32\perfh00C.dat
2017-08-16 22:04 - 2014-11-21 02:18 - 00018046 _____ C:\Windows\system32\perfc00C.dat
2017-08-16 22:03 - 2013-08-22 16:44 - 00606896 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-16 21:59 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-08-16 21:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2017-08-16 20:33 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2017-08-16 17:31 - 2015-06-14 14:52 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-623354990-389639077-3624291495-1001
2017-08-16 16:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-08-16 16:56 - 2017-05-27 23:56 - 00432128 ___SH C:\Users\ASMAA\Desktop\Thumbs.db
2017-08-16 16:46 - 2015-06-14 22:29 - 00000000 ____D C:\Users\ASMAA\AppData\Local\CrashDumps
2017-08-16 16:21 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-08-16 16:17 - 2017-06-02 21:57 - 00000000 ____D C:\Users\ASMAA\Desktop\note 4
2017-08-16 16:05 - 2016-11-05 14:19 - 00000000 ____D C:\Users\ASMAA\Desktop\Zak

==================== Fichiers à la racine de certains dossiers =======

2015-11-27 13:27 - 2016-06-07 20:33 - 0000117 _____ () C:\Users\ASMAA\AppData\Roaming\D2Info0
2015-11-27 13:27 - 2016-06-07 19:52 - 0000008 _____ () C:\Users\ASMAA\AppData\Roaming\DofusAppId0_1
2015-11-27 18:19 - 2016-06-07 21:18 - 0000008 _____ () C:\Users\ASMAA\AppData\Roaming\DofusAppId0_2
2015-11-27 18:19 - 2016-03-16 18:20 - 0000008 _____ () C:\Users\ASMAA\AppData\Roaming\DofusAppId0_3
2016-01-11 13:28 - 2016-02-19 04:53 - 0000008 _____ () C:\Users\ASMAA\AppData\Roaming\DofusAppId0_4
2015-06-14 14:43 - 2017-08-17 03:59 - 0000074 _____ () C:\Users\ASMAA\AppData\Roaming\sp_data.sys
2015-04-19 14:20 - 2016-03-22 16:21 - 0000554 _____ () C:\Users\ASMAA\AppData\Roaming\Xzo0q071wvn40hG7B7lV0
2015-09-20 00:53 - 2015-10-23 01:19 - 0000000 _____ () C:\Users\ASMAA\AppData\Local\package.nw.new
2016-07-31 20:49 - 2016-07-31 20:49 - 0000000 _____ () C:\Users\ASMAA\AppData\Local\{5D33A0E6-3714-48F6-8BE3-E69CA07F887A}
2015-07-14 11:49 - 2015-07-14 11:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-10-19 10:43 - 2016-10-19 10:43 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-10-14 18:46 - 2016-10-14 18:46 - 0000016 _____ () C:\ProgramData\mntemp
2016-10-14 18:46 - 2016-10-14 18:46 - 0004929 _____ () C:\ProgramData\mudtcpaz.vzs
2013-04-25 16:05 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-25 16:05 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-25 16:05 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-10-13 05:05 - 2015-10-27 04:30 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Certains fichiers dans TEMP:
====================
2016-11-14 22:24 - 2016-11-14 22:24 - 0344984 _____ (Adobe Systems Incorporated) C:\Users\ASMAA\AppData\Local\Temp\AAMHelper.exe
2016-11-21 18:47 - 2013-11-25 17:43 - 0060296 _____ (Autodesk, Inc.) C:\Users\ASMAA\AppData\Local\Temp\AcDeltree.exe
2016-11-14 21:50 - 2013-03-21 06:25 - 2101632 _____ (Adobe Systems Incorporated) C:\Users\ASMAA\AppData\Local\Temp\AdobeApplicationManager.exe
2015-08-03 23:37 - 2013-04-17 18:01 - 37025440 ____R (Research In Motion Ltd. ) C:\Users\ASMAA\AppData\Local\Temp\BlackBerryDeviceManager.exe
2015-08-03 23:37 - 2013-04-17 18:01 - 2038440 ____R () C:\Users\ASMAA\AppData\Local\Temp\BlackBerryLauncher.exe
2016-03-30 20:19 - 2006-10-28 03:58 - 0145184 ____R (Microsoft Corporation) C:\Users\ASMAA\AppData\Local\Temp\ose00000.exe
2017-02-25 17:36 - 2006-01-12 14:51 - 3051520 _____ (Nero AG) C:\Users\ASMAA\AppData\Local\Temp\UNNERO.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-06-15 22:17

==================== Fin de FRST.txt ============================