Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
Exécuté par Yassine (administrateur) sur YASSINE (17-12-2017 16:28:41)
Exécuté depuis C:\Users\Yassine\Desktop
Profils chargés: Yassine (Profils disponibles: Yassine)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
() C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Akamai Technologies, Inc.) C:\Users\Yassine\AppData\Local\Akamai\netsession_win.exe
(ExpressVPN) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe
(Akamai Technologies, Inc.) C:\Users\Yassine\AppData\Local\Akamai\netsession_win.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Enigma Software Group USA, LLC.) C:\Program Files\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(The OpenVPN Project) C:\Program Files (x86)\ExpressVPN\xvpnd\windows\openvpn.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-02-03] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [302744 2017-12-11] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Bluetooth] => C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [535808 2015-09-24] (Broadcom Corporation.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-12-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Yassine\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe [809088 2017-11-03] (ExpressVPN)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG)
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\3dsmax.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adsync.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\codectweaktool.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\connect.service.contentservice.admin.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ltu.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\maxfind.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\switchboard.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\UninstallTool.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wksvmgr.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wksvmon.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serveur réseau.lnk [2017-01-24]
ShortcutTarget: Serveur réseau.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 0.0.0.0 telemetry.malwarebytes.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9BE604DA-0663-442F-935D-D210152AC024}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AA1A6F2F-E269-40F7-93BF-AB156D876186}: [DhcpNameServer] 10.54.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-2446385367-2199033129-166284951-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: vb3g8244.default
FF ProfilePath: C:\Users\Yassine\AppData\Roaming\Mozilla\Firefox\Profiles\vb3g8244.default [2017-12-17]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default [2017-12-17]
CHR Extension: (Google Drive) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-17]
CHR Extension: (YouTube) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-17]
CHR Extension: (Gmail) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-17]
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Fichier non signé]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [282536 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [333488 2017-12-11] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7600584 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-10-31] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2297104 2015-09-25] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [980224 2015-09-24] (Broadcom Corporation.)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-24] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-24] (Dropbox, Inc.)
S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-12-05] (Dropbox, Inc.)
R2 ExpressVpnService; C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [339168 2017-11-03] ()
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-02-03] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2017-01-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2017-01-23] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S4 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [Fichier non signé]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG)
S2 SpyHunter 4 Service; C:\Program Files\SpyHunter\SH4Service.exe [685752 2017-08-12] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [176000 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166624 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [314640 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [192584 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [336896 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51336 2017-12-11] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39424 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [140704 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\Windows\System32\drivers\avgNetSec.sys [562568 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102792 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76832 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1018648 2017-12-11] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [447800 2017-12-11] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [196392 2017-12-11] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [356880 2017-12-11] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2015-09-25] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474352 2017-01-23] (Broadcom Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [22704 2016-10-15] ()
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-12-17] ()
R3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVpn SplitTunnel Driver\driver\expressvpnsplittunnel.sys [28160 2017-11-03] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2017-12-17] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [110016 2017-12-17] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [46008 2017-12-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-12-17] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [94144 2017-12-17] (Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [302808 2017-01-23] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [25608 2017-12-11] (SlimWare Utilities, Inc.)
R3 tapexpressvpn; C:\Windows\system32\DRIVERS\tapexpressvpn.sys [35696 2017-11-21] (The OpenVPN Project)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [27136 2014-03-24] (Windows (R) Win 7 DDK provider)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-11-15] (AVG Netherlands B.V.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Apple, Inc.) [Fichier non signé]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [105008 2017-01-24] (WIBU-SYSTEMS AG)
U0 aswVmm; pas de ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-17 16:24 - 2017-12-17 16:28 - 000060387 _____ C:\Users\Yassine\Desktop\Addition.txt
2017-12-17 16:22 - 2017-12-17 16:28 - 000020663 _____ C:\Users\Yassine\Desktop\FRST.txt
2017-12-17 16:21 - 2017-12-17 16:28 - 000000000 ____D C:\FRST
2017-12-17 16:20 - 2017-12-17 16:20 - 002392064 _____ (Farbar) C:\Users\Yassine\Desktop\FRST64.exe
2017-12-17 16:00 - 2017-12-17 16:16 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-12-17 16:00 - 2017-12-17 16:16 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-12-17 16:00 - 2017-12-17 16:16 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-12-17 16:00 - 2017-12-17 16:16 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-12-17 16:00 - 2017-12-17 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-17 15:57 - 2017-12-17 16:16 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-17 15:57 - 2017-12-17 16:16 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-12-17 15:57 - 2017-12-17 16:00 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-17 15:57 - 2017-12-17 16:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-17 15:37 - 2017-12-17 15:37 - 000002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-17 15:37 - 2017-12-17 15:37 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-17 15:15 - 2017-12-17 15:37 - 000000000 ____D C:\Users\Yassine\AppData\Local\Google
2017-12-17 15:15 - 2017-12-17 15:37 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-17 15:15 - 2017-12-17 15:15 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-17 15:15 - 2017-12-17 15:15 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-17 15:14 - 2017-12-17 15:15 - 001129816 _____ (Google Inc.) C:\Users\Yassine\Downloads\ChromeSetup(1).exe
2017-12-17 15:13 - 2017-12-17 15:14 - 001129816 _____ (Google Inc.) C:\Users\Yassine\Downloads\ChromeSetup.exe
2017-12-17 15:10 - 2017-12-17 15:17 - 000000000 ____D C:\Users\Yassine\AppData\LocalLow\Mozilla
2017-12-17 15:10 - 2017-12-17 15:10 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Mozilla
2017-12-17 15:09 - 2017-12-17 15:09 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-17 15:09 - 2017-12-17 15:09 - 000000936 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-12-17 15:09 - 2017-12-17 15:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-17 15:09 - 2017-12-17 15:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-17 14:39 - 2017-12-17 15:08 - 039236952 _____ (Mozilla) C:\Users\Yassine\Downloads\Firefox Setup 57.0.2.exe
2017-12-17 14:36 - 2017-12-17 14:36 - 000000000 ____D C:\Windows\Panther
2017-12-17 02:11 - 2017-12-17 02:21 - 000000841 _____ C:\Users\Public\Desktop\SpyHunter4.lnk
2017-12-17 02:11 - 2017-12-17 02:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4
2017-12-17 02:10 - 2017-12-17 16:02 - 000000000 ____D C:\Program Files\SpyHunter
2017-12-17 01:07 - 2017-12-17 02:49 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-17 00:23 - 2017-12-17 00:23 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-12-17 00:18 - 2017-12-17 00:18 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Obsidium
2017-12-16 23:19 - 2017-12-17 03:06 - 734497342 _____ C:\Users\Yassine\Downloads\[ Torrent9.tv ] Trespass.Against.Us.2016.FRENCH.BDRip.XviD-GZR.avi
2017-12-16 23:19 - 2017-12-17 03:06 - 726767834 _____ C:\Users\Yassine\Downloads\[ Torrent9.tv ] Le.Serpent.aux.Mille.Coupures.2017.FRENCH.BDRip.XviD.ACOOL.avi
2017-12-15 16:40 - 2017-12-15 16:40 - 000000916 _____ C:\Users\Yassine\Documents\hosts.txt
2017-12-15 16:04 - 2016-01-14 01:27 - 000003118 _____ C:\Windows\system32\Drivers\etc\license.conf
2017-12-15 16:00 - 2017-12-15 16:43 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-12-15 15:52 - 2017-12-15 15:54 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-12-15 13:27 - 2017-12-17 01:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\Deployment
2017-12-15 13:27 - 2017-12-15 13:27 - 000000000 ____D C:\Users\Yassine\AppData\Local\Apps\2.0
2017-12-15 13:18 - 2017-12-17 14:27 - 000003940 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9929489A-75E1-4396-B00C-AB73A6043A4E}
2017-12-15 03:53 - 2017-12-15 14:02 - 000000000 ____D C:\Windows\ADAFC0B4FC1545D9BAB3BC7A8829D0C4.TMP
2017-12-15 02:22 - 2017-12-17 03:07 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\BitTorrent
2017-12-15 02:22 - 2017-12-15 02:22 - 000000918 _____ C:\Users\Yassine\Desktop\BitTorrent.lnk
2017-12-15 02:22 - 2017-12-15 02:22 - 000000898 _____ C:\Users\Yassine\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2017-12-15 00:52 - 2017-12-15 00:52 - 000000000 _____ C:\autoexec.bat
2017-12-14 11:44 - 2017-12-14 11:44 - 000035747 _____ C:\Windows\uninstaller.dat
2017-12-11 23:15 - 2017-12-11 23:15 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Canneverbe Limited
2017-12-11 23:15 - 2017-12-11 23:15 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2017-12-11 22:46 - 2017-12-11 22:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\Ahead
2017-12-11 22:45 - 2017-12-11 22:47 - 000007867 _____ C:\Windows\Irremote.ini
2017-12-11 22:44 - 2017-12-15 01:22 - 000001024 _____ C:\Users\Yassine\.rnd
2017-12-11 22:31 - 2017-12-15 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2017-12-11 18:22 - 2017-12-11 18:23 - 005175456 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-11 18:21 - 2017-12-17 00:07 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-12-11 18:00 - 2017-12-11 18:00 - 000000000 ____D C:\Users\Yassine\Documents\Dossier Echanges Bluetooth
2017-12-11 18:00 - 2017-12-11 18:00 - 000000000 ____D C:\Users\Yassine\AppData\Local\Broadcom
2017-12-11 17:58 - 2015-09-25 11:56 - 002297104 _____ (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
2017-12-11 17:58 - 2015-09-25 11:56 - 000248104 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000234800 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000227144 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000220448 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2017-12-11 17:58 - 2015-09-25 11:56 - 000112896 _____ (Broadcom Corporation.) C:\Windows\system32\btwdi.dll
2017-12-11 17:58 - 2015-08-06 02:18 - 000047392 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2017-12-11 17:58 - 2015-07-08 20:43 - 000048984 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2017-12-11 17:57 - 2017-12-11 17:57 - 000000000 ____D C:\Program Files\Lenovo
2017-12-11 17:33 - 2017-12-11 17:33 - 000000540 _____ C:\Windows\Tasks\AVG Driver Updater Scan.job
2017-12-11 17:30 - 2017-12-11 17:43 - 000000486 _____ C:\Windows\Tasks\AVG Driver Updater Startup.job
2017-12-11 17:29 - 2017-12-11 17:29 - 000002513 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2017-12-11 17:29 - 2017-12-11 17:29 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2017-12-11 17:29 - 2017-12-11 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2017-12-11 16:36 - 2017-12-11 18:08 - 000003740 _____ C:\Windows\System32\Tasks\DivX Update
2017-12-11 16:25 - 2017-12-11 16:25 - 000000000 _____ C:\Windows\SysWOW64\__00000000__C0000005.dmp
2017-12-11 16:23 - 2017-12-11 16:23 - 000000000 ___HD C:\$AV_AVG
2017-12-11 16:22 - 2017-12-11 16:22 - 000140800 _____ C:\Users\Yassine\AppData\Local\installer.dat
2017-12-11 16:21 - 2017-12-11 16:25 - 000000000 ____D C:\Windows\SysWOW64\SSL
2017-12-11 16:15 - 2017-12-11 16:15 - 000002618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-12-11 16:15 - 2017-12-11 16:15 - 000002606 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2017-12-11 16:15 - 2017-11-15 08:59 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-12-11 16:01 - 2017-12-11 16:01 - 000001984 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk
2017-12-11 16:00 - 2017-12-11 16:00 - 000366288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-12-11 16:00 - 2017-12-11 16:00 - 000176000 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2017-12-11 15:52 - 2017-12-17 00:51 - 000004178 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-12-11 15:51 - 2017-12-11 16:01 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 001018648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000562568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys.151300806901502
2017-12-11 15:51 - 2017-12-11 16:00 - 000356880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000314640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000196392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000140704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-12-11 15:51 - 2017-12-11 16:00 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-12-11 15:49 - 2017-12-11 16:14 - 000001028 _____ C:\Users\Public\Desktop\AVG.lnk
2017-12-11 15:49 - 2017-12-11 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-12-11 15:48 - 2017-12-17 03:15 - 000003590 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-12-11 15:40 - 2017-12-11 15:40 - 000024963 _____ C:\Windows\SysWOW64\servers.def.lkg
2017-12-11 15:40 - 2017-12-11 15:40 - 000024963 _____ C:\Windows\SysWOW64\servers.def
2017-12-11 15:40 - 2017-12-11 15:40 - 000002847 _____ C:\Windows\SysWOW64\servers.def.vpx
2017-12-11 15:40 - 2017-12-11 15:40 - 000001627 _____ C:\Windows\SysWOW64\uat.vpx
2017-12-11 15:40 - 2017-12-11 15:40 - 000000446 _____ C:\Windows\SysWOW64\prod-pgm.vpx
2017-12-11 15:40 - 2017-12-11 15:40 - 000000039 _____ C:\Windows\SysWOW64\Stats.ini
2017-12-11 15:40 - 2017-12-11 15:40 - 000000000 ____D C:\Windows\SysWOW64\uat.vpx.dll
2017-12-11 14:36 - 2017-12-15 02:48 - 000001736 __RSH C:\ProgramData\ntuser.pol
2017-12-11 14:12 - 2017-12-11 14:12 - 000000000 ____D C:\ProgramData\SecuritySuite
2017-12-11 14:08 - 2017-12-11 14:08 - 000000000 ____D C:\Users\Yassine\Documents\TotalAV
2017-12-11 14:07 - 2017-12-11 14:07 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\TotalAV
2017-12-11 13:58 - 2017-12-11 13:58 - 000002023 _____ C:\Users\Public\Desktop\ExpressVPN.lnk
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\ProgramData\ExpressVPN
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\Program Files (x86)\ExpressVpn Tap Driver
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\Program Files (x86)\ExpressVpn SplitTunnel Driver
2017-12-11 13:58 - 2017-12-11 13:58 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2017-12-11 01:07 - 2017-12-11 01:09 - 000000000 _____ C:\Users\Yassine\ping
2017-12-10 02:52 - 2017-12-10 02:53 - 000000000 ____D C:\Users\Yassine\AppData\Local\Mozilla
2017-12-10 02:36 - 2017-12-13 13:24 - 000000000 ____D C:\Users\Yassine\Desktop\tor
2017-12-07 03:16 - 2017-12-07 03:16 - 000000000 ____D C:\Users\Yassine\AppData\Local\ExpressVPN
2017-12-07 02:25 - 2017-12-07 02:25 - 000000000 ____D C:\Users\Yassine\AppData\Local\IsolatedStorage
2017-12-07 02:20 - 2017-12-11 14:56 - 000000000 ____D C:\Users\Yassine\Desktop\telechargement
2017-12-07 00:58 - 2017-12-07 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-05 02:38 - 2017-12-08 18:11 - 000000000 ____D C:\Users\Yassine\AppData\Local\pangu
2017-12-05 02:33 - 2017-12-15 00:10 - 000000000 ___RD C:\Users\Yassine\iCloudDrive
2017-12-05 02:33 - 2017-12-05 15:49 - 000000000 ____D C:\Users\Yassine\AppData\Local\861CC0FB-5EAF-4FF8-BC42-D44154829508.aplzod
2017-12-05 02:33 - 2017-12-05 02:33 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-12-05 02:04 - 2017-12-15 00:34 - 000000000 ____D C:\ProgramData\Apple Computer
2017-12-05 01:32 - 2017-12-15 00:59 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\Apple Computer
2017-12-05 01:20 - 2017-12-05 01:21 - 000000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2017-12-05 01:06 - 2017-12-05 01:06 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-12-05 01:06 - 2017-12-05 01:06 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-12-05 01:06 - 2017-12-05 01:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-12-05 01:06 - 2017-12-05 01:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-12-05 00:40 - 2017-12-15 03:49 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\DivX
2017-12-05 00:40 - 2017-12-15 00:58 - 000000000 ____D C:\Program Files\DivX
2017-12-05 00:40 - 2017-12-15 00:58 - 000000000 ____D C:\Program Files (x86)\DivX
2017-12-05 00:39 - 2017-12-15 00:58 - 000000000 ____D C:\ProgramData\DivX
2017-12-03 14:53 - 2012-08-21 13:01 - 000033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2017-12-03 13:55 - 2017-12-15 01:05 - 000000000 ____D C:\Windows\system32\appmgmt
2017-12-03 13:11 - 2017-12-03 13:11 - 000000000 ____D C:\Program Files\Bonjour
2017-12-03 13:11 - 2017-12-03 13:11 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-12-03 13:10 - 2017-12-15 00:59 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-12-03 13:10 - 2017-12-15 00:51 - 000000000 ____D C:\ProgramData\Apple
2017-12-02 00:09 - 2017-12-17 03:21 - 000000000 ____D C:\Users\Yassine\Desktop\Nouveau dossier
2017-11-21 15:48 - 2017-11-21 15:48 - 000035696 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapexpressvpn.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-12-17 16:04 - 2017-01-23 17:55 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2446385367-2199033129-166284951-1001 2017-12-17 15:53 - 2017-01-23 16:28 - 000000000 ___RD C:\Users\Yassine\OneDrive 2017-12-17 15:50 - 2017-01-23 21:21 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-12-17 15:50 - 2017-01-23 19:16 - 000000000 __SHD C:\Users\Yassine\IntelGraphicsProfiles 2017-12-17 14:24 - 2017-01-23 21:32 - 000000000 ____D C:\Users\Yassine\AppData\Local\Akamai 2017-12-17 14:22 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\Inf 2017-12-17 04:51 - 2017-09-10 22:32 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\vlc 2017-12-17 04:00 - 2013-08-22 15:36 - 000000000 ___HD C:\Program Files\WindowsApps 2017-12-17 04:00 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\AppReadiness 2017-12-17 03:13 - 2013-08-22 14:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-12-17 02:43 - 2017-01-23 16:19 - 000000000 ____D C:\Users\Yassine 2017-12-17 00:07 - 2017-01-24 00:25 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-12-17 00:07 - 2013-08-22 13:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2017-12-15 13:53 - 2017-01-23 18:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\AvgSetupLog 2017-12-15 13:27 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\tracing 2017-12-15 03:53 - 2017-01-23 19:51 - 000003160 _____ C:\Windows\System32\Tasks\StartCN 2017-12-15 03:49 - 2017-09-02 23:59 - 000000000 ____D C:\Program Files (x86)\BlueStacks 2017-12-13 13:10 - 2017-01-24 22:39 - 000324608 ___SH C:\Users\Yassine\Desktop\Thumbs.db 2017-12-11 22:43 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Cursors 2017-12-11 18:23 - 2017-01-24 21:49 - 000001204 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-12-11 18:23 - 2017-01-24 21:49 - 000001200 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-12-11 18:08 - 2017-01-24 21:49 - 000004178 _____ 
C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA 2017-12-11 18:08 - 2017-01-24 21:49 - 000003942 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore 2017-12-11 18:01 - 2013-08-22 15:20 - 000000000 ____D C:\Windows\CbsTemp 2017-12-11 17:43 - 2017-01-23 18:46 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys 2017-12-11 17:42 - 2017-01-23 18:44 - 000000000 ____D C:\Program Files (x86)\AVG Driver Updater 2017-12-11 16:50 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\system32\NDF 2017-12-11 16:42 - 2017-01-23 18:46 - 000000000 ____D C:\ProgramData\Avg 2017-12-11 16:36 - 2017-01-23 23:31 - 000000000 ____D C:\Windows\Minidump 2017-12-11 16:36 - 2017-01-23 21:35 - 000000000 ____D C:\Users\Yassine\AppData\Local\Microsoft Help 2017-12-11 16:36 - 2017-01-23 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2017-12-11 16:36 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\system32\Sysprep 2017-12-11 16:32 - 2014-11-20 22:46 - 001827432 _____ C:\Windows\system32\PerfStringBackup.INI 2017-12-11 16:32 - 2014-11-20 22:03 - 000813388 _____ C:\Windows\system32\perfh00C.dat 2017-12-11 16:32 - 2014-11-20 22:03 - 000159948 _____ C:\Windows\system32\perfc00C.dat 2017-12-11 16:15 - 2017-01-23 18:47 - 000000000 ____D C:\Program Files (x86)\AVG 2017-12-11 16:15 - 2017-01-23 18:46 - 000000000 ____D C:\Users\Yassine\AppData\Local\Avg 2017-12-11 15:53 - 2017-01-23 18:50 - 000000000 ____D C:\Users\Yassine\AppData\Roaming\AVG 2017-12-11 15:28 - 2017-01-23 18:47 - 000000000 ____D C:\ProgramData\MFAData 2017-12-11 15:28 - 2017-01-23 18:35 - 000000000 ____D C:\Program Files\Common Files\AV 2017-12-11 15:26 - 2013-08-22 15:36 - 000000000 ___HD C:\Windows\ELAMBKUP 2017-12-11 14:36 - 2013-08-22 15:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2017-12-11 14:36 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2017-12-11 13:58 - 2017-01-23 18:51 - 000000000 ____D 
C:\ProgramData\Package Cache 2017-12-09 03:51 - 2013-08-22 13:25 - 000262144 ___SH C:\Windows\system32\config\ELAM 2017-12-07 00:58 - 2017-01-24 21:49 - 000000000 ____D C:\Program Files (x86)\Dropbox 2017-12-04 04:22 - 2017-09-10 23:33 - 000030208 ___SH C:\Users\Yassine\Downloads\Thumbs.db 2017-12-02 00:48 - 2017-04-13 22:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Fichiers à la racine de certains dossiers ======= 2017-09-26 01:16 - 2017-09-26 01:16 - 000000132 _____ () C:\Users\Yassine\AppData\Roaming\Préfs Format AIFF Adobe CS6 2017-12-11 16:22 - 2017-12-11 16:22 - 000140800 _____ () C:\Users\Yassine\AppData\Local\installer.dat Certains fichiers dans TEMP: ==================== 2017-12-15 00:57 - 2017-08-30 10:29 - 000961592 _____ (BlueStack Systems, Inc.) C:\Users\Yassine\AppData\Local\Temp\BlueStacksClientUninstaller.exe 2017-12-15 00:57 - 2017-08-30 10:29 - 000421400 _____ (CodeTitans) C:\Users\Yassine\AppData\Local\Temp\JSON.dll 2017-12-17 00:19 - 2017-11-02 20:21 - 078346672 _____ (Malwarebytes ) C:\Users\Yassine\AppData\Local\Temp\MalwareBytes_Anti-Malware_mb3-setup-consumer-3.3.1.2183.exe 2017-10-26 08:07 - 2017-10-26 08:07 - 000488960 _____ () C:\Users\Yassine\AppData\Local\Temp\sqlite3.exe Certains de taille zéro octet fichiers/dossiers: ========================== C:\Windows\SysWOW64\uat.vpx.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-12-15 15:25 ==================== Fin de FRST.txt ============================