cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Guizmaai (administrator) on GUIZMAAI-PC on 15-07-2015 11:53:01
Running from C:\Users\Guizmaai\Desktop
Loaded Profiles: Guizmaai (Available Profiles: Guizmaai)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\lco.exe
() C:\Windows\mlco.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
() C:\Users\Guizmaai\AppData\Roaming\ZHP\Quarantine\YokedIcalceiverdiato.exe
() C:\Users\Guizmaai\AppData\Roaming\ZHP\Quarantine\YokedIcalceiverdiato.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Guizmaai\Desktop\ZHPCleaner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_191.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_191.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [IMSS] => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
HKLM\...\RunOnce: [ZHPCleaner] => C:\Users\Guizmaai\AppData\Roaming\ZHP\ZHPCleaner.txt [7391 2015-07-15] ()
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\Run: [ISUSPM Startup] => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\Run: [GoogleUpdater] => C:\Users\Guizmaai\AppData\Roaming\WinApp\GoogleUpdater.exe.lnk
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\Run: [systemdir] => C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe [56472 2014-03-21] (Microsoft Corporation)
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\Run: [Crystal] => C:\Program Files (x86)\Dofus\Crystal.exe /startup
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\Run: [GoogleChromeAutoLaunch_3875FA04262440FB170772645635428E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\MountPoints2: {0fb79e4e-fd36-11e3-b762-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\...\MountPoints2: {81049415-fb82-11e3-8e53-806e6f6e6963} - E:\Run.exe
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2041242220-3382593753-565828920-1000] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-2041242220-3382593753-565828920-1000] => http=127.0.0.1:9880
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2041242220-3382593753-565828920-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2041242220-3382593753-565828920-1000 -> {B41DC7EC-5B2B-48FD-84E1-A43AE010DA5A} URL = https://www.google.com/search?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2041242220-3382593753-565828920-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{000B4C07-26DC-46EE-AD3E-A17C16B50F97}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{000B4C07-26DC-46EE-AD3E-A17C16B50F97}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A317D78F-32A2-4D71-8752-6B21329C5165}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Guizmaai\AppData\Roaming\Mozilla\Firefox\Profiles\zvce4vf2.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2041242220-3382593753-565828920-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Guizmaai\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: imageblockererikvoldcom - C:\Users\Guizmaai\AppData\Roaming\Mozilla\Firefox\Profiles\zvce4vf2.default\Extensions\image-blocker@erikvold.com [2015-06-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-05]

Chrome:
=======
CHR Profile: C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-10]
CHR Extension: (Google Docs) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-10]
CHR Extension: (Google Drive) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-10]
CHR Extension: (YouTube) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-10]
CHR Extension: (Google Search) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-10]
CHR Extension: (Google Sheets) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-10]
CHR Extension: (AdBlock) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-10]
CHR Extension: (Skype Click to Call) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-10]
CHR Extension: (Google Wallet) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-10]
CHR Extension: (Gmail) - C:\Users\Guizmaai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [235744 2015-06-29] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 lco; c:\windows\lco.exe [417792 2015-06-24] () [File not signed]
R2 mlco; c:\windows\mlco.exe [408576 2015-06-24] () [File not signed]
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 Service User Logs; C:\Users\Guizmaai\AppData\Roaming\Windows\userlogs.exe [39936 2014-09-28] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [X]
S2 NqlIQDX; "C:\ProgramData\hWmhYAsdU\NqlIQDX.exe" [X]
S2 TeamViewer9; "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" [X]
R4 YokedIcalceiverdiato; C:\Program Files (x86)\YokedIcalceiverdiato\YokedIcalceiverdiato.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2013-02-22] (Realtek Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 11:53 - 2015-07-15 11:53 - 00017558 _____ C:\Users\Guizmaai\Desktop\FRST.txt
2015-07-15 11:52 - 2015-07-15 11:53 - 00000000 ____D C:\FRST
2015-07-15 11:51 - 2015-07-15 11:51 - 02133504 _____ (Farbar) C:\Users\Guizmaai\Desktop\FRST64.exe
2015-07-15 11:47 - 2015-07-15 11:48 - 00007391 _____ C:\Users\Guizmaai\Desktop\ZHPCleaner.txt
2015-07-15 11:42 - 2015-07-15 11:42 - 00000836 _____ C:\Users\Guizmaai\Desktop\ZHPCleaner.lnk
2015-07-15 11:40 - 2015-07-15 11:41 - 01846272 _____ C:\Users\Guizmaai\Desktop\ZHPCleaner.exe
2015-07-14 21:25 - 2015-07-15 11:48 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\ZHP
2015-07-14 21:25 - 2015-07-14 21:25 - 00001987 _____ C:\Users\Guizmaai\Desktop\ZHPFix.lnk
2015-07-14 21:25 - 2015-07-14 21:25 - 00001860 _____ C:\Users\Guizmaai\Desktop\ZHPDiag.lnk
2015-07-14 21:25 - 2015-07-14 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-07-14 21:25 - 2015-07-14 21:25 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2015-07-14 21:24 - 2015-07-14 21:25 - 06880102 _____ (Nicolas Coolman ) C:\Users\Guizmaai\Desktop\ZHPDiag2.exe
2015-07-14 21:18 - 2015-07-14 21:18 - 00003980 _____ C:\Users\Guizmaai\Desktop\JRT.txt
2015-07-14 21:16 - 2015-07-14 21:16 - 03034365 _____ (Malwarebytes Corporation) C:\Users\Guizmaai\Desktop\JRT.exe
2015-07-14 21:16 - 2015-07-14 21:16 - 00000207 _____ C:\Windows\tweaking.com-regbackup-GUIZMAAI-PC-Windows-7-Home-Premium-(64-bit).dat
2015-07-14 21:16 - 2015-07-14 21:16 - 00000000 ____D C:\RegBackup
2015-07-14 20:31 - 2015-07-14 20:31 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-14 20:31 - 2015-07-14 20:31 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-14 20:26 - 2015-07-14 20:29 - 41247256 _____ C:\Users\Guizmaai\Downloads\Firefox Setup 39.0.exe
2015-07-14 20:23 - 2015-07-14 20:23 - 00242904 _____ C:\Users\Guizmaai\Downloads\Firefox Setup Stub 39.0.exe
2015-07-13 15:46 - 2015-07-13 15:54 - 90073040 _____ C:\Users\Guizmaai\Desktop\Gitano xD.wav
2015-07-13 15:42 - 2015-07-13 15:46 - 45640400 _____ C:\Users\Guizmaai\Desktop\karaoke.wav
2015-07-13 15:34 - 2015-07-13 15:40 - 69325520 _____ C:\Users\Guizmaai\Desktop\Boykar fisha.wav
2015-07-13 15:23 - 2015-07-13 15:29 - 63555920 _____ C:\Users\Guizmaai\Desktop\Boykar chante.wav
2015-07-12 11:08 - 2015-07-12 23:31 - 00000024 _____ C:\Users\Guizmaai\AppData\Roaming\.senacraft;bind.txt
2015-07-11 19:03 - 2015-07-11 19:08 - 150514640 _____ C:\Users\Guizmaai\Downloads\ts3_recording_15_07_06_2_59_45.wav
2015-07-11 18:22 - 2015-07-11 18:22 - 02076075 _____ C:\Users\Guizmaai\Desktop\EwiFactions - v6.1.exe
2015-07-10 20:48 - 2015-07-10 20:48 - 00005540 _____ C:\Users\Guizmaai\AppData\Local\transitiontransition_daf8ef376a59fd5aeb9bfd5d8ecf4a3e.ini
2015-07-10 20:48 - 2015-07-10 20:48 - 00001165 _____ C:\Users\Guizmaai\AppData\Roaming\Microsoft\Windows\Start Menu\Krosmaster Arena.lnk
2015-07-10 20:48 - 2015-07-10 20:48 - 00001163 _____ C:\Users\Guizmaai\Desktop\Krosmaster Arena.lnk
2015-07-10 20:47 - 2015-07-10 20:47 - 15167584 _____ (Ankama Studio) C:\Users\Guizmaai\Downloads\krosmaster-arena.exe
2015-07-10 15:28 - 2015-07-14 18:23 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-10 15:28 - 2015-07-10 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-10 15:17 - 2015-07-15 11:35 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 15:17 - 2015-07-15 03:22 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-10 15:17 - 2015-07-10 15:17 - 00004068 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-10 15:17 - 2015-07-10 15:17 - 00003816 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-10 10:10 - 2015-07-10 10:56 - 00000008 _____ C:\Users\Guizmaai\AppData\Roaming\DofusAppId0_3
2015-07-10 10:10 - 2015-07-10 10:10 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\Dofus-3
2015-07-09 15:21 - 2015-07-15 00:28 - 00000008 _____ C:\Users\Guizmaai\AppData\Roaming\DofusAppId0_1
2015-07-09 12:37 - 2015-07-09 12:37 - 18174128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-08 13:18 - 2015-07-08 14:10 - 00000000 ____D C:\Users\Guizmaai\Desktop\fisha
2015-07-08 09:11 - 2015-07-14 21:17 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\03000200-1436339513-0500-0006-000700080009
2015-06-29 20:46 - 2015-07-14 22:42 - 00000117 _____ C:\Users\Guizmaai\AppData\Roaming\D2Info0
2015-06-29 20:46 - 2015-07-14 21:47 - 00000008 _____ C:\Users\Guizmaai\AppData\Roaming\DofusAppId0_2
2015-06-29 20:46 - 2015-06-29 20:46 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\Dofus-2
2015-06-29 10:06 - 2015-06-29 10:34 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-24 22:43 - 2015-07-15 11:35 - 00003024 _____ C:\Windows\setupact.log
2015-06-24 22:43 - 2015-06-24 22:43 - 00000000 _____ C:\Windows\setuperr.log
2015-06-24 22:25 - 2015-06-24 22:25 - 02244096 _____ C:\Users\Guizmaai\Downloads\AdwCleaner-4.207.exe
2015-06-24 22:22 - 2015-06-24 22:23 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Guizmaai\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-24 21:53 - 2015-06-24 21:53 - 00000000 _____ C:\Users\Guizmaai\AppData\Local\Temp.dat
2015-06-24 15:42 - 2015-06-24 15:42 - 00000000 ____D C:\Program Files (x86)\Photo Zoom for Twitter
2015-06-24 15:40 - 2015-06-24 15:40 - 00003094 _____ C:\Windows\System32\Tasks\tet3008
2015-06-24 15:33 - 2015-06-24 21:52 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-24 15:27 - 2015-06-28 19:21 - 00003468 _____ C:\Windows\System32\Tasks\Cogefaafmlui
2015-06-24 15:24 - 2015-07-09 19:17 - 00000000 ___HD C:\ProgramData\lco
2015-06-24 15:21 - 2015-06-24 15:21 - 00631808 _____ C:\Windows\lco.dat
2015-06-24 15:21 - 2015-06-24 15:21 - 00417792 _____ C:\Windows\lco.exe
2015-06-24 15:21 - 2015-06-24 15:21 - 00408576 _____ C:\Windows\mlco.exe
2015-06-24 15:21 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-24 15:19 - 2015-06-24 15:20 - 00691296 _____ ( ) C:\Users\Guizmaai\Downloads\FortGuard DDoS Attack Monitor.exe
2015-06-20 22:34 - 2015-07-14 22:22 - 00000000 ____D C:\Users\Guizmaai\Desktop\Nouveau dossier
2015-06-18 22:56 - 2015-06-18 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-06-18 22:42 - 2015-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-06-18 22:39 - 2015-06-18 22:39 - 02907704 _____ (Blizzard Entertainment) C:\Users\Guizmaai\Downloads\World-of-Warcraft-Setup-frFR.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 11:52 - 2014-07-22 16:47 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\TS3Client
2015-07-15 11:51 - 2014-07-07 15:14 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\Skype
2015-07-15 11:51 - 2014-06-24 11:37 - 01758205 _____ C:\Windows\WindowsUpdate.log
2015-07-15 11:48 - 2014-12-27 13:20 - 00000000 ____D C:\Users\Guizmaai\Downloads\a ranger
2015-07-15 11:45 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-15 11:45 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-15 11:37 - 2014-08-28 11:27 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-15 11:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-15 11:34 - 2014-07-04 14:25 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-15 03:23 - 2015-05-08 17:45 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\.senacraft
2015-07-14 23:47 - 2014-11-18 19:13 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-14 22:45 - 2015-04-13 13:39 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\vlc
2015-07-14 22:42 - 2014-07-05 16:37 - 00010313 _____ C:\Users\Guizmaai\AppData\Localtransition_085aa15e36d1e9c1cae82121e5ce726d.ini
2015-07-14 22:25 - 2014-11-18 18:13 - 00000000 ____D C:\Users\Guizmaai\Documents\Cours
2015-07-14 22:25 - 2014-09-14 18:38 - 00000000 ____D C:\Users\Guizmaai\Documents\OpenOffice 4.1.1
2015-07-14 22:22 - 2015-05-25 14:46 - 00000000 ____D C:\Users\Guizmaai\Desktop\Playlist PvP by Neozys 2.0
2015-07-14 22:20 - 2015-02-19 22:41 - 00000000 ____D C:\AdwCleaner
2015-07-14 21:33 - 2014-09-17 20:15 - 00000000 ____D C:\Users\Guizmaai\AppData\Local\Adobe
2015-07-14 21:20 - 2015-01-27 10:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 20:31 - 2015-06-05 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-14 20:19 - 2014-07-07 15:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-14 20:19 - 2014-07-07 15:14 - 00000000 ____D C:\ProgramData\Skype
2015-07-14 16:16 - 2014-10-21 19:34 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\Dofus2
2015-07-14 12:52 - 2015-01-05 20:05 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-13 14:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-12 00:01 - 2015-03-30 11:30 - 00000000 ____D C:\Users\Guizmaai\AppData\Local\Battle.net
2015-07-11 21:51 - 2015-06-03 16:33 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\.launchmycraft
2015-07-11 10:00 - 2010-11-21 05:47 - 00802296 _____ C:\Windows\PFRO.log
2015-07-10 20:48 - 2014-07-05 16:37 - 00000000 ____D C:\Users\Guizmaai\AppData\Local\Ankama
2015-07-10 15:28 - 2014-06-24 14:38 - 00000000 ____D C:\Users\Guizmaai\AppData\Local\Google
2015-07-10 15:28 - 2014-06-24 14:38 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-10 09:47 - 2015-03-29 22:10 - 00000000 ____D C:\Program Files (x86)\Dofus
2015-07-09 12:38 - 2014-08-28 11:27 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 12:38 - 2014-08-28 11:27 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 12:38 - 2014-08-28 11:27 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-08 11:41 - 2015-04-13 12:42 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-07-08 09:31 - 2015-03-30 11:30 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-30 14:02 - 2014-08-03 22:18 - 00000000 ____D C:\Users\Guizmaai\AppData\Local\CrashDumps
2015-06-29 21:07 - 2015-05-18 21:46 - 00000000 ____D C:\Users\Guizmaai\AppData\Roaming\.minecraft
2015-06-29 21:04 - 2014-07-05 17:07 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-06-29 11:13 - 2015-05-01 10:14 - 00235744 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-06-24 22:35 - 2014-06-30 17:37 - 00000000 ____D C:\Windows\Minidump
2015-06-24 22:03 - 2015-04-15 19:43 - 00000000 ____D C:\Program Files (x86)\Supraball
2015-06-24 22:00 - 2014-11-02 11:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-20 23:31 - 2014-08-09 03:57 - 00000000 ____D C:\Users\Guizmaai\Documents\Privée
2015-06-19 15:08 - 2015-03-30 11:41 - 00000000 ____D C:\Program Files (x86)\Hearthstone

==================== Files in the root of some directories =======

2013-06-12 18:10 - 2013-06-12 18:10 - 0097856 _____ () C:\Program Files (x86)\lol.launcher.admin.exe
2013-06-12 18:10 - 2013-06-12 18:10 - 0097856 _____ () C:\Program Files (x86)\lol.launcher.exe
2014-10-21 12:50 - 2014-10-21 12:50 - 0065948 _____ () C:\Program Files (x86)\Sénacraft.exe
2015-07-12 11:08 - 2015-07-12 23:31 - 0000024 _____ () C:\Users\Guizmaai\AppData\Roaming\.senacraft;bind.txt
2015-06-29 20:46 - 2015-07-14 22:42 - 0000117 _____ () C:\Users\Guizmaai\AppData\Roaming\D2Info0
2015-07-09 15:21 - 2015-07-15 00:28 - 0000008 _____ () C:\Users\Guizmaai\AppData\Roaming\DofusAppId0_1
2015-06-29 20:46 - 2015-07-14 21:47 - 0000008 _____ () C:\Users\Guizmaai\AppData\Roaming\DofusAppId0_2
2015-07-10 10:10 - 2015-07-10 10:56 - 0000008 _____ () C:\Users\Guizmaai\AppData\Roaming\DofusAppId0_3
2015-06-24 21:53 - 2015-06-24 21:53 - 0000000 _____ () C:\Users\Guizmaai\AppData\Local\Temp.dat
2015-07-10 20:48 - 2015-07-10 20:48 - 0005540 _____ () C:\Users\Guizmaai\AppData\Local\transitiontransition_daf8ef376a59fd5aeb9bfd5d8ecf4a3e.ini

Some files in TEMP:
====================
C:\Users\Guizmaai\AppData\Local\Temp\tmpD88F.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 16:29

==================== End of log ============================
