cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Collégien (administrator) on SIRISE on 11-04-2015 20:20:21
Running from C:\Users\Collégien\Downloads
Loaded Profiles: Collégien (Available profiles: Collégien)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(tzuk) C:\ProgramData\youxihe\Box\SafeMode\SbieSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Useful Technology) C:\ProgramData\OPcFKXHdtE\GUGloeH.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\ProgramData\NetEngine\bin\D6\trz429F.tmp
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Akamai Technologies, Inc.) C:\Users\Collégien\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Collégien\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
() C:\ProgramData\NetEngine\bin\D6\trz429F.tmp
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Aeria Games & Entertainment) C:\Program Files\Aeria Games\Ignite\aeriaignite.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [288312 2009-07-28] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-30] (Synaptics Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [Pstart] => c:\ordinateur-collegiens\lanceur\pstart.exe
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [4StoryPrePatch] => C:\Program Files\Gameforge4D\4Story_FR\PrePatch.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-13] (Sonic Solutions)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Run: [msnmsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Collégien\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Run: [Thunder] => C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe [1340944 2012-07-30] (深圳市迅雷网络技术有限公司)
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2889408 2015-04-09] (Valve Corporation)
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\Users\Public\Thunder Network\KanKan\reghelper\xappex.1.1.1.82.(325).dll (深圳市迅雷网络技术有限公司)
BootExecute: autocheck autochk * aswBoot.exe /M:bc4ed7d41 /dir:"C:\Program Files\Alwil Software\Avast5"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.2345.com/y.htm?32
HKU\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_FR&c=92&bd=all&pf=cmnb
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ѸÀ×FLVÊÓƵÐá̽¼°ÏÂÔØÖ§³Ö -> {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} -> C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll [2012-07-30] (ShenZhen Xunlei Networking Technologies,LTD)
BHO: No Name -> {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04] (Oracle Corporation)
BHO: ѸÀ×ÏÂÔØÖ§³Ö -> {889D2FEB-5411-4565-8998-1DD2C5261283} -> C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.9.3634.dll [2012-07-30] (深圳市迅雷网络技术有限公司)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-07-27] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04] (Oracle Corporation)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKLM - No Name - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No File
Toolbar: HKU\S-1-5-21-2166575320-1284758574-954507884-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2166575320-1284758574-954507884-1001 -> No Name - {65F8A3D2-4C22-4A33-9633-73167EAEEC45} - No File
Toolbar: HKU\S-1-5-21-2166575320-1284758574-954507884-1001 -> No Name - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No File
DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.67.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File []
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File []
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll No File []
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File []
ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\ra5jczbf.default-1428421094107
FF NewTab: google.fr
FF Homepage: https://www.google.fr/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-07] ()
FF Plugin: @java.com/DTPlugin,version=10.4.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll [2012-04-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-04-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2009-10-09] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2009-10-09] (RealNetworks, Inc.)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-10-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-10-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2009-10-30] (the VideoLAN Team)
FF Plugin: @virtools.com/3DviaPlayer -> C:\Program Files\Virtools\3D Life Player\npvirtools.dll [2009-11-14] (Dassault Systèmes)
FF Plugin: @Webzen.com/NPBrowserExt -> C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll [2012-03-27] (WEBZEN)
FF Plugin: @xunlei.com/DapCtrlPlugin -> C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(626).dll [2010-03-18] (ShenZhen Thunder Networking Technologies Ltd.)
FF Plugin: @xunlei.com/KKVA -> C:\Program Files\Common Files\Thunder Network\KanKan\npKKVA.1.0.0.6.(854).dll [2012-11-16] (ShenZhen Thunder Networking Technologies Ltd.)
FF Plugin: @xunlei.com/npaplayer -> C:\Users\Public\Thunder Network\APlayer\codecs\npaplayer.dll [2013-07-06] (ShenZhen Thunder Networking Technologies, LTD)
FF Plugin: @xunlei.com/npxunlei;version=1.0.0.1 -> C:\ProgramData\Thunder Network\Thunder\data\npxunlei1.0.0.1.dll [2012-07-30] ( )
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2166575320-1284758574-954507884-1001: 4399Plugin -> C:\Program Files\4399\Box\np4399Plugin.dll No File
FF Plugin HKU\S-1-5-21-2166575320-1284758574-954507884-1001: @eximion.com/KalydoPlayer -> C:\Users\Collégien\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll [2012-08-30] (Eximion B.V.)
FF Plugin HKU\S-1-5-21-2166575320-1284758574-954507884-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Collégien\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-13] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2166575320-1284758574-954507884-1001: @xunlei.com/npxunlei;version=1.0.0.1 -> C:\ProgramData\Thunder Network\Thunder\data\npxunlei1.0.0.1.dll [2012-07-30] ( )
FF Plugin HKU\S-1-5-21-2166575320-1284758574-954507884-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-01-03] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-2166575320-1284758574-954507884-1001: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2010-07-27] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\ra5jczbf.default-1428421094107\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-07]
FF Extension: FrameFox - C:\Program Files\Mozilla Firefox\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF} [2013-11-24]
FF Extension: FrameFox - C:\Program Files\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF} [2013-11-24]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-19]

Chrome:
=======
CHR Profile: C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-30]
CHR Extension: (Google Drive) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-30]
CHR Extension: (YouTube) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-30]
CHR Extension: (Google Search) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-30]
CHR Extension: (avast! Online Security) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-05]
CHR Extension: (Thunder Download Extension for Chrome) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbifdmobcbjlhplmlnbjbofnnoolink [2013-08-30]
CHR Extension: (Skype Click to Call) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-30]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-07-27]
CHR HKLM\...\Chrome\Extension: [hmbifdmobcbjlhplmlnbjbofnnoolink] - C:\Program Files\Thunder Network\Thunder\BHO\xl_plugin_chrome.crx [2012-07-09]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-07-27] (LSI Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-27] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GUGloeH; C:\ProgramData\OPcFKXHdtE\GUGloeH.exe [2731488 2015-04-07] (Useful Technology)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
S3 npggsvc; C:\windows\system32\GameMon.des [3890920 2010-06-17] (INCA Internet Co., Ltd.) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76888 2014-08-22] ()
R2 SbieSvc; C:\ProgramData\youxihe\Box\SafeMode\SbieSvc.exe [73960 2010-04-14] (tzuk)
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 XLServicePlatform; C:\Program Files\Common Files\Thunder Network\ServicePlatform\XLSP.dll [88080 2012-07-30] (ShenZhen Xunlei Networking Technologies,LTD)
S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-07-27] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-07-27] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-07-27] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-07-27] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [414520 2014-07-28] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [71944 2014-07-27] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [192352 2014-07-27] ()
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HaozipVirtualCDBus; C:\windows\System32\DRIVERS\HaoZipVirtualCDBus.sys [115288 2012-07-24] (Shanghai RuiChuang)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R3 SbieDrv; C:\ProgramData\youxihe\Box\SafeMode\SbieDrv.sys [117480 2010-04-14] (tzuk)
S0 sptd; C:\windows\System32\Drivers\sptd.sys [716272 2013-11-23] (Duplex Secure Ltd.)
R3 tap0901; C:\windows\System32\DRIVERS\tap0901.sys [31360 2013-01-14] (The OpenVPN Project)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 apf001; \??\C:\Game\SoftnyxGame\GunBoundIS\apf001.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 ComputerZ; \??\C:\Program Files\LuDaShi\ComputerZ.sys [X]
S3 EagleNT; \??\C:\windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 tcphoc; \??\C:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.4.2104_1\Program\tcphoc.sys [X]
S3 vtany; \??\C:\windows\vtany.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\NoteBook FanControl\NbfcService.sys [X]
S3 XDva359; \??\C:\windows\system32\XDva359.sys [X]
S3 XDva362; \??\C:\windows\system32\XDva362.sys [X]
S3 XDva380; \??\C:\windows\system32\XDva380.sys [X]
S3 XDva388; \??\C:\windows\system32\XDva388.sys [X]
S3 XDva389; \??\C:\windows\system32\XDva389.sys [X]
S3 XDva391; \??\C:\windows\system32\XDva391.sys [X]
S3 XDva405; \??\C:\windows\system32\XDva405.sys [X]
S3 XDva409; \??\C:\windows\system32\XDva409.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 18:55 - 2015-04-10 18:55 - 00000000 ____D () C:\Users\Collégien\AppData\Local\BreakingNewsAlert
2015-04-10 14:00 - 2015-04-10 14:00 - 00000000 ____D () C:\Users\Collégien\Documents\DeadIsland
2015-04-10 10:05 - 2015-04-10 10:05 - 00000565 _____ () C:\windows\wmsetup.log
2015-04-09 20:48 - 2015-04-09 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2015-04-09 20:47 - 2015-04-09 20:47 - 00000000 ____D () C:\Program Files\2K Games
2015-04-08 20:04 - 2015-04-08 20:44 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\ZHP
2015-04-08 20:03 - 2015-04-08 20:03 - 01707520 _____ () C:\Users\Collégien\Downloads\ZHPCleaner.exe
2015-04-08 19:09 - 2015-04-08 19:10 - 00052858 _____ () C:\Users\Collégien\Downloads\Addition.txt
2015-04-08 19:06 - 2015-04-11 20:20 - 00027327 _____ () C:\Users\Collégien\Downloads\FRST.txt
2015-04-08 19:06 - 2015-04-11 20:20 - 00000000 ____D () C:\FRST
2015-04-08 19:06 - 2015-04-08 19:06 - 01135104 _____ (Farbar) C:\Users\Collégien\Downloads\FRST.exe
2015-04-08 14:47 - 2015-04-08 14:48 - 00000000 ____D () C:\ProgramData\NetEngine
2015-04-08 14:33 - 2015-04-08 14:33 - 02217984 _____ () C:\Users\Collégien\Downloads\adwcleaner_4.201.exe
2015-04-07 22:18 - 2015-04-11 13:06 - 00000504 _____ () C:\windows\setupact.log
2015-04-07 22:18 - 2015-04-07 22:18 - 00000000 _____ () C:\windows\setuperr.log
2015-04-07 22:17 - 2015-04-07 22:17 - 00003730 _____ () C:\windows\PFRO.log
2015-04-07 22:10 - 2015-04-08 14:39 - 00000000 ____D () C:\AdwCleaner
2015-04-07 18:08 - 2015-04-08 08:52 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-07 18:07 - 2015-04-07 18:07 - 05344528 _____ (Piriform Ltd) C:\Users\Collégien\Downloads\ccsetup504(1).exe
2015-04-07 18:06 - 2015-04-07 18:06 - 00701888 _____ (Web ) C:\Users\Collégien\Downloads\ccsetup504.exe
2015-04-07 17:38 - 2015-04-07 21:39 - 00000000 ____D () C:\ProgramData\T122078ED
2015-04-07 17:33 - 2015-04-07 17:37 - 00000000 ____D () C:\ProgramData\OPcFKXHdtE
2015-04-07 16:59 - 2015-04-07 17:00 - 00000000 ____D () C:\Users\Collégien\AppData\Local\6284D73B-1428425971-11DF-915F-2CC05F0600CA
2015-04-07 16:57 - 2015-04-07 16:57 - 00000000 ____D () C:\Users\Collégien\AppData\Local\6284D73B-1428425821-11DF-915F-2CC05F0600CA
2015-04-05 22:19 - 2015-04-05 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Siege 2
2015-04-05 22:16 - 2015-04-09 20:53 - 00000000 ____D () C:\Program Files\10101660
2015-04-05 11:20 - 2015-04-07 22:16 - 00000984 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-05 11:20 - 2015-04-05 11:20 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-05 11:15 - 2015-04-05 11:15 - 00243544 _____ () C:\Users\Collégien\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-05 10:16 - 2015-04-05 10:57 - 00000000 ____D () C:\Program Files\Runic Games
2015-04-04 19:04 - 2015-04-04 19:04 - 00000000 ____D () C:\download
2015-04-04 18:51 - 2012-03-27 19:13 - 00230920 _____ (WEBZEN, INC.) C:\windows\system32\EPWZCmnCtrl.dll
2015-04-04 12:45 - 2015-04-04 12:45 - 00000000 ___SD () C:\windows\system32\GWX
2015-03-31 13:32 - 2015-03-31 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-31 13:32 - 2015-03-31 13:32 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2015-03-29 14:44 - 2015-03-29 16:00 - 00000000 ____D () C:\Users\Collégien\Documents\Endless Space
2015-03-29 14:23 - 2015-03-29 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amplitude Studios
2015-03-29 14:19 - 2015-03-29 14:19 - 00000000 ____D () C:\Program Files\Amplitude Studios
2015-03-25 09:42 - 2015-03-11 05:30 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-25 09:42 - 2015-03-11 05:30 - 00534528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-25 09:42 - 2015-03-11 05:29 - 00818176 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-25 09:42 - 2015-03-11 05:29 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-25 09:42 - 2015-03-11 05:29 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-25 09:42 - 2015-03-11 05:29 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-25 09:42 - 2015-03-11 05:29 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-25 09:42 - 2015-03-11 05:26 - 00892928 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-11 20:18 - 2012-07-18 13:44 - 00001058 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-11 20:17 - 2014-06-14 11:49 - 00000232 _____ () C:\Users\Coll‚gien\BullseyeCoverageError.txt
2015-04-11 20:16 - 2013-03-08 17:00 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\Skype
2015-04-11 19:44 - 2012-04-16 08:31 - 00001002 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-11 19:15 - 2015-02-12 19:36 - 00000000 ____D () C:\Program Files\Steam
2015-04-11 18:18 - 2012-07-18 13:44 - 00001054 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-11 16:12 - 2014-04-17 17:01 - 00000000 ____D () C:\Users\Collégien\AppData\Local\Battle.net
2015-04-11 16:08 - 2011-11-26 21:35 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\TS3Client
2015-04-11 13:17 - 2015-01-19 20:03 - 00000000 ____D () C:\Users\Collégien\AppData\Local\LogMeIn Hamachi
2015-04-11 13:14 - 2009-07-14 06:34 - 00025648 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 13:14 - 2009-07-14 06:34 - 00025648 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 13:06 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-10 21:39 - 2010-10-18 12:13 - 01796653 _____ () C:\windows\WindowsUpdate.log
2015-04-10 15:55 - 2010-06-20 17:05 - 00000000 ____D () C:\Users\Collégien\Desktop\Sirise
2015-04-09 20:51 - 2010-06-21 08:09 - 00000000 ____D () C:\Users\Collégien\Documents\My Games
2015-04-09 20:47 - 2009-09-17 05:45 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-07 22:16 - 2014-12-30 10:28 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2015-04-07 22:16 - 2012-01-20 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legend of Edda
2015-04-07 22:16 - 2009-12-22 11:27 - 00001129 _____ () C:\Users\Collégien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-07 21:19 - 2009-09-17 05:52 - 01700198 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-07 18:29 - 2012-05-23 12:12 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\TeamViewer
2015-04-07 18:29 - 2010-12-01 16:46 - 00000000 ____D () C:\Users\Collégien\Tracing
2015-04-07 18:29 - 2010-10-11 18:05 - 00000000 ____D () C:\windows\Minidump
2015-04-07 18:29 - 2009-12-30 19:29 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\Media Player Classic
2015-04-07 18:29 - 2009-12-24 17:06 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\XnView
2015-04-07 18:29 - 2009-07-27 10:31 - 00000000 ____D () C:\windows\Panther
2015-04-07 17:49 - 2014-09-08 17:19 - 00000000 ____D () C:\Users\Collégien\AppData\Local\Adobe
2015-04-07 17:48 - 2012-04-16 08:31 - 00778928 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-07 17:48 - 2011-06-15 13:11 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-04-07 13:54 - 2014-04-17 17:01 - 00000000 ____D () C:\Program Files\Battle.net
2015-04-07 13:51 - 2011-09-01 10:35 - 00000000 ____D () C:\Users\Collégien\Desktop\Romstation
2015-04-06 15:40 - 2011-11-07 19:27 - 00000000 ____D () C:\Program Files\osu!
2015-04-06 10:00 - 2009-09-17 05:53 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-05 19:38 - 2010-06-17 11:49 - 00000000 ___SD () C:\TDDOWNLOAD
2015-04-05 11:20 - 2013-11-16 11:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-05 10:57 - 2010-09-04 11:56 - 00000000 ____D () C:\Users\Collégien\AppData\Roaming\runic games
2015-03-31 20:47 - 2014-04-17 18:49 - 00000000 ____D () C:\Program Files\Hearthstone
2015-03-30 15:25 - 2012-08-30 08:33 - 00026176 ____H (LogMeIn, Inc.) C:\windows\system32\hamachi.sys
2015-03-27 15:44 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-26 18:16 - 2014-12-11 17:08 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-26 18:16 - 2014-06-10 10:57 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-25 10:20 - 2015-02-03 21:33 - 00000000 ____D () C:\Program Files\StarCraft II
2015-03-18 09:51 - 2014-07-17 09:28 - 00000000 ____D () C:\AeriaGames
2015-03-18 09:40 - 2015-01-21 22:53 - 00000000 ____D () C:\ProgramData\Origin
2015-03-18 09:40 - 2015-01-21 22:53 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-03-17 15:23 - 2011-08-11 12:11 - 00000000 ___RD () C:\Program Files\Skype
2015-03-17 15:22 - 2009-12-22 11:24 - 00000000 ____D () C:\ProgramData\Skype
2015-03-12 22:30 - 2014-04-10 13:03 - 00000000 ____D () C:\windows\rescache
2015-03-12 09:25 - 2009-07-14 06:33 - 00478928 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-12 09:23 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\fr-FR

==================== Files in the root of some directories =======

2014-07-31 21:47 - 2014-08-01 09:45 - 0000035 _____ () C:\Users\Collégien\AppData\Roaming\CoreAVC.ini
2014-01-06 20:02 - 2014-01-24 19:39 - 0000121 _____ () C:\Users\Collégien\AppData\Roaming\D2Info0
2014-01-06 20:02 - 2014-01-24 18:54 - 0000008 _____ () C:\Users\Collégien\AppData\Roaming\DofusAppId0_1
2014-01-07 17:25 - 2014-01-24 19:48 - 0000008 _____ () C:\Users\Collégien\AppData\Roaming\DofusAppId0_2
2014-01-21 17:13 - 2014-01-21 17:27 - 0000008 _____ () C:\Users\Collégien\AppData\Roaming\DofusAppId0_3
2015-02-23 12:49 - 2015-02-23 12:49 - 0000036 _____ () C:\Users\Collégien\AppData\Roaming\SuYZkvrV.tmp
2009-12-22 11:28 - 2009-12-22 11:28 - 0000000 _____ () C:\Users\Collégien\AppData\Local\AtStart.txt
2009-12-22 11:28 - 2009-12-22 11:28 - 0000000 _____ () C:\Users\Collégien\AppData\Local\DSwitch.txt
2012-03-01 11:28 - 2012-03-01 11:28 - 0000097 _____ () C:\Users\Collégien\AppData\Local\fusioncache.dat
2009-12-22 11:28 - 2009-12-22 11:28 - 0000000 _____ () C:\Users\Collégien\AppData\Local\QSwitch.txt
2010-01-13 18:01 - 2013-02-23 09:30 - 0007597 _____ () C:\Users\Collégien\AppData\Local\resmon.resmoncfg
2014-06-09 16:12 - 2014-06-09 16:13 - 0000000 _____ () C:\Users\Collégien\AppData\Local\{E63DC0C3-8323-4DB1-826F-EDEFD1A1D3BC}
2014-06-13 20:28 - 2014-04-14 20:28 - 0000032 ____R () C:\ProgramData\hash.dat
2010-01-04 17:36 - 2015-04-11 13:15 - 0000182 _____ () C:\ProgramData\HPWALog.txt
2013-10-17 19:30 - 2013-10-17 19:30 - 0000060 _____ () C:\ProgramData\Update.ini

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\Collégien\xobglu16.dll
C:\Users\Collégien\xobglu32.dll


Some content of TEMP:
====================
C:\Users\Collégien\AppData\Local\Temp\4c2459bebc146bfd821d90e28a2411ab.dll
C:\Users\Collégien\AppData\Local\Temp\ASIns.exe
C:\Users\Collégien\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Collégien\AppData\Local\Temp\cff0dcb3d91da839860bbeb3e7b2558a.dll
C:\Users\Collégien\AppData\Local\Temp\dl_peer_id.dll
C:\Users\Collégien\AppData\Local\Temp\efcabfiegi.exe
C:\Users\Collégien\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Collégien\AppData\Local\Temp\SRLDetectionLibrary8292868989463964502.dll
C:\Users\Collégien\AppData\Local\Temp\torchlight 1.15 crack only__10924_i1491879451_il1737739.exe
C:\Users\Collégien\AppData\Local\Temp\XmpSetupHelper.dll
C:\Users\Collégien\AppData\Local\Temp\ytdieamodc_amodc_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 23:41

==================== End Of Log ============================
