Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2017
Exécuté par asus pc (administrateur) sur ASUS (08-08-2017 18:16:16)
Exécuté depuis C:\Users\asus pc\Desktop
Profils chargés: asus pc (Profils disponibles: asus pc)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(PointGrab LTD) C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659736 2014-11-26] (RealtekSemiconductor)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (CambridgeSiliconRadioLimited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (CambridgeSiliconRadioLimited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (CambridgeSiliconRadioLimited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (CambridgeSiliconRadioLimited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (CambridgeSiliconRadioLimited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (CambridgeSiliconRadioLimited)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2015-02-27] (ASUSTekComputerInc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2924303899-3138398312-1967464413-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (PiriformLtd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 5.254.133.64 80.67.14.78
Tcpip\..\Interfaces\{7E0882CD-887C-4464-BE49-F23223E228A1}: [NameServer] 212.27.40.241,212.27.40.240
Tcpip\..\Interfaces\{D03BAB8C-229C-44B9-AAB6-13EBFF61F45F}: [DhcpNameServer] 5.254.133.64 80.67.14.78

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2924303899-3138398312-1967464413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gws_rd=ssl
HKU\S-1-5-21-2924303899-3138398312-1967464413-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-2924303899-3138398312-1967464413-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2924303899-3138398312-1967464413-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (SkypeTechnologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Pas de fichier

FireFox:
========
FF ProfilePath: C:\Users\asus pc\AppData\Roaming\Oxylane\ONconnect\Profiles\vbpuf8jy.default [2016-03-12]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [PointGrab@PointGrab.com] - C:\Program Files (x86)\PointGrab\Hand Gesture Control\PointGrab.xpi
FF Extension: (PointGrab) - C:\Program Files (x86)\PointGrab\Hand Gesture Control\PointGrab.xpi [2014-04-23] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-04-01] ()

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUSCloudCorporation) [Fichier non signé]
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (CambridgeSiliconRadioLimited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (CambridgeSiliconRadioLimited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (CambridgeSiliconRadioLimited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (CambridgeSiliconRadioLimited)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIXAG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-01] (WildTangent)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee,Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R)Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R)Corporation)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee,Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-13] (McAfee,Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee,Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee,Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee,Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee,Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee,Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-05-10] (TheOpenVPNProject)
R2 PGService; C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe [64776 2014-04-23] (PointGrabLTD)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2988544 2015-09-08] (MicrosoftCorporation) [Fichier non signé]
S3 VPNTunnel; C:\Program Files (x86)\VPNTunnel\vpn.service.exe [12504 2016-06-01] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (MicrosoftCorporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (MicrosoftCorporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTekComputerInc.)
S3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [98984 2016-08-16] (AlcorMicro,Corp.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4226560 2014-10-17] (QualcommAtherosCommunications,Inc.)
S3 csravrcp; C:\Windows\System32\drivers\csravrcp.sys [26304 2012-03-22] (CambridgeSiliconRadioLimited)
S3 CsrBtPort; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (CambridgeSiliconRadioLimited)
S3 csrpan; C:\Windows\system32\DRIVERS\csrpan.sys [39616 2012-03-22] (CambridgeSiliconRadioLimited)
S3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (CambridgeSiliconRadioLimited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (CambridgeSiliconRadioLimited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (CambridgeSiliconRadioLimited)
S3 csr_bthav; C:\Windows\system32\drivers\csrbthav.sys [99520 2012-03-22] (CambridgeSiliconRadioLimited)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (SamsungElectronicsCo.,Ltd.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee,Inc.)
R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee,Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee,Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-01-16] (McAfee,Inc.)
R1 MpKsl901a7103; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B217D0D-E9E0-44D8-A324-51BC96108C4B}\MpKsl901a7103.sys [44928 2017-08-08] (MicrosoftCorporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (SamsungElectronicsCo.,Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (IntelCorporation)
S0 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIATechnologies,Inc.)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIATechnologiesInc.,Ltd)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (MicrosoftCorporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (MicrosoftCorporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (MicrosoftCorporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-08-08 18:16 - 2017-08-08 18:17 - 000015681 _____ C:\Users\asus pc\Desktop\FRST.txt
2017-08-08 18:16 - 2017-08-08 18:16 - 000000000 ____D C:\FRST
2017-08-08 18:15 - 2017-08-08 18:15 - 002381312 _____ (Farbar) C:\Users\asus pc\Desktop\FRST64.exe
2017-08-08 15:37 - 2017-08-08 15:37 - 006263976 _____ ( ) C:\Users\asus pc\Downloads\adblockplusie-1.6.exe
2017-08-02 18:02 - 2017-08-02 18:03 - 000000000 ____D C:\Users\asus pc\AppData\Local\ZHP
2017-08-02 18:02 - 2017-08-02 18:02 - 000000872 _____ C:\Users\asus pc\Desktop\ZHPDiag.lnk
2017-08-02 18:02 - 2017-08-02 18:02 - 000000210 _____ C:\Users\asus
2017-08-02 18:01 - 2017-08-02 18:01 - 002804096 _____ C:\Users\asus pc\Downloads\ZHPDiag3.exe
2017-08-02 14:29 - 2017-06-05 07:00 - 001232985 _____ C:\Users\asus pc\Downloads\bp.exe
2017-08-02 14:27 - 2017-08-02 07:04 - 008185288 _____ (Malwarebytes) C:\Users\asus pc\Downloads\adwcleaner_7.0.1.0.exe
2017-08-02 14:10 - 2017-08-02 14:10 - 065033984 _____ (Malwarebytes ) C:\Users\asus pc\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-08-02 12:47 - 2017-08-02 12:47 - 000429296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-02 09:26 - 2017-08-02 09:26 - 000115216 _____ C:\Users\asus pc\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-02 09:20 - 2017-08-02 16:00 - 000000000 ____D C:\AdwCleaner
2017-07-12 15:16 - 2017-06-29 08:27 - 025734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 15:16 - 2017-06-29 07:44 - 005975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 15:16 - 2017-06-29 07:23 - 020270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 15:16 - 2017-06-29 06:52 - 004549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 15:16 - 2017-06-22 16:22 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-12 15:16 - 2017-06-17 18:45 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 15:15 - 2017-07-06 10:52 - 000119296 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-07-12 15:15 - 2017-06-29 08:02 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 15:15 - 2017-06-29 07:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-12 15:15 - 2017-06-29 07:23 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 15:15 - 2017-06-29 07:17 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-07-12 15:15 - 2017-06-29 07:13 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-12 15:15 - 2017-06-29 07:09 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 15:15 - 2017-06-29 06:58 - 015253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 15:15 - 2017-06-29 06:53 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 15:15 - 2017-06-29 06:51 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-07-12 15:15 - 2017-06-29 06:47 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 15:15 - 2017-06-29 06:43 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 15:15 - 2017-06-29 06:41 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 15:15 - 2017-06-29 06:29 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-12 15:15 - 2017-06-29 06:28 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 15:15 - 2017-06-29 06:24 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 15:15 - 2017-06-29 06:23 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-12 15:15 - 2017-06-27 16:29 - 007796736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-07-12 15:15 - 2017-06-27 16:29 - 007077376 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-07-12 15:15 - 2017-06-27 16:26 - 005274112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2017-07-12 15:15 - 2017-06-27 16:26 - 005268992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 15:15 - 2017-06-17 18:34 - 002749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 15:15 - 2017-06-17 18:11 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 15:15 - 2017-06-17 18:05 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 15:15 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 15:15 - 2017-06-15 15:45 - 007440728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-12 15:15 - 2017-06-15 15:45 - 001674520 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-07-12 15:15 - 2017-06-15 15:45 - 001534064 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-07-12 15:15 - 2017-06-15 15:45 - 001499920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-12 15:15 - 2017-06-15 15:45 - 001370320 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-07-12 15:15 - 2017-06-15 15:45 - 000086360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-07-12 15:15 - 2017-06-12 02:06 - 000376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-07-12 15:15 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-12 15:15 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 15:15 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-12 15:15 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 15:15 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 15:15 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-12 15:15 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 15:15 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 15:15 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 15:15 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 15:15 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 15:15 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 15:15 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 15:15 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-07-12 15:15 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll
2017-07-12 15:15 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll
2017-07-12 15:15 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe
2017-07-12 15:15 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-07-12 15:15 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2017-07-12 15:15 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-07-12 15:15 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2017-07-12 15:15 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll
2017-07-12 15:15 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll
2017-07-12 15:15 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 15:15 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2017-07-12 15:15 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cnvfat.dll
2017-07-12 15:15 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uudf.dll
2017-07-12 15:15 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-07-12 15:15 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ulib.dll
2017-07-12 15:15 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2017-07-12 15:15 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2017-07-12 15:15 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ufat.dll
2017-07-12 15:15 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uexfat.dll
2017-07-12 15:15 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-07-12 15:15 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-07-12 15:15 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 15:15 - 2017-05-16 00:09 - 000057688 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2017-07-12 15:15 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-07-12 15:15 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2017-07-12 15:15 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2017-07-12 15:15 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2017-07-12 15:15 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2017-07-12 15:15 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2017-07-12 15:15 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2017-07-12 15:15 - 2017-05-09 16:12 - 000448576 _____ C:\Windows\system32\ApnDatabase.xml
2017-07-12 15:15 - 2017-05-06 18:45 - 001114624 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-07-12 15:15 - 2017-05-06 18:41 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2017-07-12 15:15 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-07-12 15:15 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-07-12 15:15 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-07-12 15:15 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2017-07-12 15:15 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-07-12 15:15 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2017-07-12 15:15 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2017-07-12 15:15 - 2017-04-30 18:48 - 000080078 _____ C:\Windows\system32\normidna.nls
2017-07-12 15:15 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-07-12 15:15 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-08-08 18:07 - 2017-04-01 10:29 - 000000000 ____D C:\Users\asus pc\AppData\Roaming\vlc
2017-08-08 17:50 - 2015-11-22 15:24 - 000003928 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8FA8FA5C-4768-4DAC-B340-83022E4F72F4}
2017-08-05 15:04 - 2014-09-06 20:34 - 000805600 _____ C:\Windows\system32\perfh00C.dat
2017-08-05 15:04 - 2014-09-06 20:34 - 000156456 _____ C:\Windows\system32\perfc00C.dat
2017-08-05 15:04 - 2014-03-18 12:03 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-05 15:04 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2017-08-03 11:15 - 2015-09-30 08:04 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2924303899-3138398312-1967464413-1001
2017-08-02 18:04 - 2015-12-27 18:54 - 000000000 ____D C:\Users\asus pc\AppData\Roaming\ZHP
2017-08-02 14:26 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-02 14:25 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-07-24 16:22 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2017-07-21 15:41 - 2017-07-02 17:31 - 000000061 _____ C:\Users\asus pc\Desktop\SNCF.txt
2017-07-20 15:57 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-07-14 08:06 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2017-07-12 17:52 - 2017-04-30 09:13 - 000000134 _____ C:\Users\asus pc\Desktop\Nettoyage monnaie.txt
2017-07-12 15:20 - 2015-11-21 18:32 - 000000000 ____D C:\Windows\system32\MRT
2017-07-12 15:18 - 2015-11-21 18:32 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-12 15:18 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp

==================== Fichiers à la racine de certains dossiers =======

2015-02-27 03:33 - 2015-02-27 03:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Fichiers à déplacer ou supprimer:
====================
C:\Users\asus pc\ZHPCleaner.exe

Certains fichiers dans TEMP:
====================
2017-08-04 16:22 - 2014-08-03 20:33 - 006726720 _____ (Foxit Corporation) C:\Users\asus pc\AppData\Local\Temp\Foxit PhantomPDF Updater.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-08-03 11:15

==================== Fin de FRST.txt ============================