cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:19-12-2015
Exécuté par remy (administrateur) sur REMY-PC (19-12-2015 15:56:36)
Exécuté depuis C:\Users\remy\Downloads
Profils chargés: remy (Profils disponibles: remy)
Platform: Windows Se7en Titan (X64) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut non détecté(e)!)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Little transparency.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Epic Games, Inc.) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Run: [LSI] => C:\Program Files (x86)\LSI\LolSummonerInfo.exe
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\remy\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\MountPoints2: {36e40ec0-6bf6-11e4-b0d5-806e6f6e6963} - E:\setup_the_witcher_2_ee_3.0.1.17.exe
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\MountPoints2: {ab928368-d9f4-11e3-ab79-60a44c3e1777} - E:\Startme.exe
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\...\MountPoints2: {fabcd96f-015b-11e5-bbef-60a44c3e1777} - E:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Little transparency.exe [2009-09-10] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2015-12-17]
ShortcutTarget: RocketDock.lnk -> C:\Program Files\RocketDock\RocketDock.exe (Pas de fichier)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6C58A52C-0DF4-454A-A7F7-7202740ADB4F}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C168953E-DA06-453C-B9FE-B7DF7AC8F551}: [DhcpNameServer] 7.254.254.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_15_50_hdr_s_15_36_orgnl¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyCtD0AyEyE0CtA0EtCyByByBzz0CtByBtN0D0Tzu0StCyEtAzytN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StA0B0DzztA0FyDyDtGyByC0FtBtGyBtCyB0AtGtB0AtByBtGyCyBtD0CyEyEyE0F0ByByEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyBzytB0FtAyB0AtG0EzzzytBtGyEtCyE0AtG0B0F0D0CtGzyyDyC0FtB0AyCzzzz0BtBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBtBtD%26cr%3D1869872621%26a%3Dhdr_s_15_50_hdr_s_15_36_orgnl%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2842208047-251789452-3667377711-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.fr/ie
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_50_hdr_s_15_36_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyCtD0AyEyE0CtA0EtCyByByBzz0CtByBtN0D0Tzu0StCyEtAzytN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StA0B0DzztA0FyDyDtGyByC0FtBtGyBtCyB0AtGtB0AtByBtGyCyBtD0CyEyEyE0F0ByByEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyBzytB0FtAyB0AtG0EzzzytBtGyEtCyE0AtG0B0F0D0CtGzyyDyC0FtB0AyCzzzz0BtBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBtBtD%26cr%3D1869872621%26a%3Dhdr_s_15_50_hdr_s_15_36_orgnl%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2842208047-251789452-3667377711-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_50_hdr_s_15_36_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyCtD0AyEyE0CtA0EtCyByByBzz0CtByBtN0D0Tzu0StCyEtAzytN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StA0B0DzztA0FyDyDtGyByC0FtBtGyBtCyB0AtGtB0AtByBtGyCyBtD0CyEyEyE0F0ByByEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyBzytB0FtAyB0AtG0EzzzytBtGyEtCyE0AtG0B0F0D0CtGzyyDyC0FtB0AyCzzzz0BtBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBtBtD%26cr%3D1869872621%26a%3Dhdr_s_15_50_hdr_s_15_36_orgnl%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2842208047-251789452-3667377711-1000 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2842208047-251789452-3667377711-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_50_hdr_s_15_36_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyCtD0AyEyE0CtA0EtCyByByBzz0CtByBtN0D0Tzu0StCyEtAzytN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StA0B0DzztA0FyDyDtGyByC0FtBtGyBtCyB0AtGtB0AtByBtGyCyBtD0CyEyEyE0F0ByByEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyBzytB0FtAyB0AtG0EzzzytBtGyEtCyE0AtG0B0F0D0CtGzyyDyC0FtB0AyCzzzz0BtBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBtBtD%26cr%3D1869872621%26a%3Dhdr_s_15_50_hdr_s_15_36_orgnl%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2842208047-251789452-3667377711-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\remy\AppData\Roaming\Mozilla\Firefox\Profiles\1bkky8b2.default
FF Session Restore: -> est activé.
FF NetworkProxy: "type", 5
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @ma-config.com/HardwareDetection -> C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll [2010-12-20] (Cybelsoft)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2014-01-24] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Pas de fichier]
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-08-08] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-08-08] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-08-08] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-08-08] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2842208047-251789452-3667377711-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-30] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2008-08-08] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2008-08-08] (RealNetworks, Inc.)
FF Extension: Twitch.tv Stream Browser - C:\Users\remy\AppData\Roaming\Mozilla\Firefox\Profiles\1bkky8b2.default\Extensions\jid0-5q424C3HVeyE2T4d9bkO7CpXNjU@jetpack.xpi [2014-10-21] [non signé]
FF Extension: Recherche de vitesse - C:\Users\remy\AppData\Roaming\Mozilla\Firefox\Profiles\1bkky8b2.default\Extensions\{1de9eb85-6499-49ad-a1b7-7178fad329b2}.xpi [2014-08-29] [non signé]
FF Extension: Adblock Plus - C:\Users\remy\AppData\Roaming\Mozilla\Firefox\Profiles\1bkky8b2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-14] [non signé]

Chrome:
=======
CHR HomePage: Default -> hxxp://vosteran.com/?f=1&a=&cd=&cr=&ir=
CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=&cd=&cr=&ir=","hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=hdr_s_15_36_orgnl¶m1=1¶m2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyCtD0AyEyE0CtA0EtCyByByBzz0CtByBtN0D0Tzu0StCtAtAzytN1L2XzutAtFtCtBtFyDtFyBtN1L1Czu1M1Q1CtCtCtN1L1G1B1V1N2Y1L1Qzu2StBtDyEyC0F0CyB0DtGzy0ByByDtGyE0C0E0DtG0BtD0E0EtGtCzz0AyCtDtCtA0Ezzzy0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyBzytB0FtAyB0AtG0EzzzytBtGyEtCyE0AtG0B0F0D0CtGzyyDyC0FtB0AyCzzzz0BtBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzyyBtC%26cr%3D339638983%26a%3Dhdr_s_15_36_orgnl%26os%3DWindows%2B7%2BUltimate","hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_15_50_hdr_s_15_36_orgnl¶m1=1¶m2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyCtD0AyEyE0CtA0EtCyByByBzz0CtByBtN0D0Tzu0StCyEtAzytN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StA0B0DzztA0FyDyDtGyByC0FtBtGyBtCyB0AtGtB0AtByBtGyCyBtD0CyEyEyE0F0ByByEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyBzytB0FtAyB0AtG0EzzzytBtGyEtCyE0AtG0B0F0D0CtGzyyDyC0FtB0AyCzzzz0BtBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBtBtD%26cr%3D1869872621%26a%3Dhdr_s_15_50_hdr_s_15_36_orgnl%26os%3DWindows%2B7%2BUltimate"
CHR NewTab: Default -> "chrome-extension://ajcmdlkeklfmbjffnlofgfkjcnpfckab/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=hdr_s_15_36_orgnl¶m1=1¶m2=f%3D4%26b%3DChrome%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyCtD0AyEyE0CtA0EtCyByByBzz0CtByBtN0D0Tzu0StCtAtAzytN1L2XzutAtFtCtBtFyDtFyBtN1L1Czu1M1Q1CtCtCtN1L1G1B1V1N2Y1L1Qzu2StBtDyEyC0F0CyB0DtGzy0ByByDtGyE0C0E0DtG0BtD0E0EtGtCzz0AyCtDtCtA0Ezzzy0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyBzytB0FtAyB0AtG0EzzzytBtGyEtCyE0AtG0B0F0D0CtGzyyDyC0FtB0AyCzzzz0BtBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzyyBtC%26cr%3D339638983%26a%3Dhdr_s_15_36_orgnl%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
CHR DefaultSearchKeyword: Default -> search provided by yahoo.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BestY NewTab) - C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcmdlkeklfmbjffnlofgfkjcnpfckab [2015-12-11]
CHR Extension: (BetterTTV) - C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-08]
CHR Extension: (YouTube) - C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Recherche Google) - C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (Gmail) - C:\Users\remy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2842208047-251789452-3667377711-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-07-22] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
S3 maconfservice; C:\Program Files (x86)\ma-config.com\maconfservice.exe [251760 2010-12-20] (CybelSoft)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-09-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-24] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [805840 2015-09-26] (Tunngle.net GmbH) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 driverhardwarev2x64; C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [15872 2010-08-30] (CybelSoft)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-23] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-05-23] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U4 Messenger; pas de ImagePath
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-19 15:56 - 2015-12-19 15:56 - 00022117 _____ C:\Users\remy\Downloads\FRST.txt
2015-12-19 15:55 - 2015-12-19 15:56 - 00000000 ____D C:\FRST
2015-12-19 15:55 - 2015-12-19 15:55 - 02370048 _____ (Farbar) C:\Users\remy\Downloads\FRST64.exe
2015-12-19 15:45 - 2015-12-19 15:45 - 00106564 _____ C:\Users\remy\Desktop\ZHPDiag rapport.txt
2015-12-19 15:44 - 2015-12-19 15:44 - 00106561 _____ C:\Users\remy\Desktop\ZHPDiag.txt
2015-12-19 15:35 - 2015-12-19 15:46 - 00000000 ____D C:\Users\remy\AppData\Roaming\ZHP
2015-12-19 15:35 - 2015-12-19 15:39 - 00000818 _____ C:\Users\remy\Desktop\ZHPDiag.lnk
2015-12-19 15:35 - 2015-12-19 15:35 - 02026496 _____ C:\Users\remy\Downloads\ZHPDiag3.exe
2015-12-19 15:29 - 2015-12-19 15:29 - 00022977 _____ C:\Users\remy\Desktop\AdwCleaner 19 12 Rapport.txt
2015-12-19 15:22 - 2015-12-19 15:26 - 00000000 ____D C:\AdwCleaner
2015-12-19 15:22 - 2015-12-19 15:22 - 01740288 _____ C:\Users\remy\Downloads\adwcleaner_5.025.exe
2015-12-17 22:06 - 2015-12-18 03:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-17 22:06 - 2015-12-17 22:28 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-17 22:06 - 2015-12-17 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-17 22:06 - 2015-12-17 22:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-17 22:06 - 2015-12-17 22:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-17 22:06 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-17 22:06 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-17 22:06 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-17 22:05 - 2015-12-17 22:28 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-17 22:05 - 2015-12-17 22:05 - 22908888 _____ (Malwarebytes ) C:\Users\remy\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-17 22:05 - 2015-12-17 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-17 22:04 - 2015-12-19 15:27 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-17 22:04 - 2015-12-19 15:24 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-17 22:04 - 2015-12-17 22:19 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-17 22:04 - 2015-12-17 22:19 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-16 22:00 - 2015-12-16 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-14 22:08 - 2015-12-14 22:08 - 00000000 ____D C:\ProgramData\{17ca0fda-10c8-1}
2015-12-14 22:08 - 2015-12-14 22:08 - 00000000 ____D C:\ProgramData\{023cc810-30c8-0}

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-19 15:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-19 15:43 - 2014-05-30 19:20 - 00000000 ____D C:\temp
2015-12-19 15:41 - 2009-07-14 05:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-19 15:41 - 2009-07-14 05:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-19 15:31 - 2014-01-21 17:27 - 00000000 ____D C:\Users\remy\AppData\Roaming\Skype
2015-12-19 15:31 - 2014-01-17 16:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-19 15:27 - 2014-01-17 16:32 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-19 15:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-19 14:57 - 2014-10-22 10:22 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-18 22:00 - 2014-03-09 22:47 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-12-18 21:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\schemas
2015-12-18 04:00 - 2014-01-19 13:03 - 00000000 ____D C:\Users\remy\AppData\Roaming\vlc
2015-12-18 03:09 - 2014-01-19 12:27 - 00000000 ____D C:\Users\remy\AppData\Roaming\TS3Client
2015-12-17 22:28 - 2015-10-01 02:32 - 00000991 _____ C:\Users\Public\Desktop\Tunngle.lnk
2015-12-17 22:28 - 2015-09-07 14:02 - 00001980 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-12-17 22:28 - 2015-08-22 16:07 - 00001388 _____ C:\Users\Public\Desktop\StarCraft II - Legacy of the Void Beta.lnk
2015-12-17 22:28 - 2015-06-14 21:15 - 00002163 _____ C:\Users\Public\Desktop\Zoo Tycoon Demo.lnk
2015-12-17 22:28 - 2015-05-23 20:44 - 00001969 _____ C:\Users\Public\Desktop\The Witcher® 3 - Wild Hunt.lnk
2015-12-17 22:28 - 2015-05-23 16:04 - 00001753 _____ C:\Users\Public\Desktop\Oddworld - New 'n' Tasty.lnk
2015-12-17 22:28 - 2015-05-23 15:19 - 00001795 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-12-17 22:28 - 2015-02-10 01:22 - 00001205 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-12-17 22:28 - 2015-01-11 14:47 - 00001215 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-12-17 22:28 - 2015-01-08 18:48 - 00000799 _____ C:\Users\remy\Desktop\lol.launcher.lnk
2015-12-17 22:28 - 2014-12-20 13:38 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-17 22:28 - 2014-12-20 13:38 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-12-17 22:28 - 2014-12-01 19:32 - 00001465 _____ C:\Users\remy\Desktop\Shadow Of Mordor.lnk
2015-12-17 22:28 - 2014-11-14 13:35 - 00002245 _____ C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
2015-12-17 22:28 - 2014-11-10 15:25 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2015-12-17 22:28 - 2014-07-19 17:30 - 00000000 ____D C:\Users\remy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-17 22:28 - 2014-06-06 20:09 - 00000936 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2015-12-17 22:28 - 2014-03-16 14:27 - 00002545 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-17 22:28 - 2014-02-15 12:09 - 00000935 _____ C:\Users\remy\Desktop\Open Broadcaster Software.lnk
2015-12-17 22:28 - 2014-02-09 20:39 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2015-12-17 22:28 - 2014-02-07 18:57 - 00001107 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2015-12-17 22:28 - 2014-02-07 17:47 - 00001164 _____ C:\Users\Public\Desktop\Diablo III.lnk
2015-12-17 22:28 - 2014-01-27 20:58 - 00001156 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-12-17 22:28 - 2014-01-27 20:04 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-12-17 22:28 - 2014-01-20 22:55 - 00002775 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2015-12-17 22:28 - 2014-01-20 22:19 - 00001819 _____ C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk
2015-12-17 22:28 - 2014-01-20 19:18 - 00001213 _____ C:\Users\remy\Desktop\Uplay.lnk
2015-12-17 22:28 - 2014-01-19 12:31 - 00002265 _____ C:\Users\remy\Desktop\Warframe.lnk
2015-12-17 22:28 - 2014-01-19 12:27 - 00001182 _____ C:\Users\remy\Desktop\TeamSpeak 3 Client.lnk
2015-12-17 22:28 - 2014-01-17 16:50 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk
2015-12-17 22:28 - 2014-01-17 16:13 - 00002052 _____ C:\Users\remy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-17 22:28 - 2014-01-17 16:13 - 00001901 _____ C:\Users\remy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-12-17 22:28 - 2010-12-22 17:30 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-17 22:28 - 2010-12-22 17:30 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-17 22:28 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-17 22:28 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-12-17 22:28 - 2009-07-14 05:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-17 22:28 - 2009-07-14 05:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-12-17 22:28 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-12-17 22:28 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-12-17 22:28 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-12-17 22:27 - 2014-12-20 13:58 - 00000000 ____D C:\ProgramData\1837308050
2015-12-17 22:05 - 2014-01-19 11:58 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-16 22:00 - 2015-11-18 21:45 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-12-11 00:38 - 2014-02-09 20:38 - 00000457 _____ C:\Users\remy\AppData\Roaming\WB.CFG
2015-12-09 21:40 - 2014-01-17 18:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 21:40 - 2014-01-17 18:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 03:02 - 2014-01-17 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 02:41 - 2014-01-27 20:58 - 00000000 ____D C:\Users\remy\AppData\Local\Battle.net
2015-12-09 02:41 - 2014-01-27 20:58 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-09 00:32 - 2009-07-14 16:24 - 00747644 _____ C:\Windows\system32\perfh00C.dat
2015-12-09 00:32 - 2009-07-14 16:24 - 00150168 _____ C:\Windows\system32\perfc00C.dat
2015-12-09 00:32 - 2009-07-14 06:13 - 01669584 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-09 00:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-08 22:57 - 2014-10-22 10:22 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-08 22:57 - 2014-10-22 10:22 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 22:57 - 2014-10-22 10:22 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-08 21:59 - 2015-09-01 23:59 - 00000000 ____D C:\Users\remy\AppData\Local\{D58AE3D6-F122-8F6E-9CBA-AA86B8D2561E}
2015-12-02 21:53 - 2014-12-20 13:38 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-02 13:18 - 2010-12-22 17:48 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-29 02:02 - 2015-01-11 14:37 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-11-23 01:33 - 2014-02-07 17:46 - 00000000 ____D C:\Program Files (x86)\Diablo III

==================== Fichiers à la racine de certains dossiers =======

2015-02-09 22:18 - 2015-02-14 01:14 - 0000020 _____ () C:\Users\remy\AppData\Roaming\appdataFr3.bin
2014-05-30 22:04 - 2015-06-01 13:12 - 0000113 _____ () C:\Users\remy\AppData\Roaming\D2Info0
2014-07-23 01:27 - 2014-07-23 01:27 - 0000117 _____ () C:\Users\remy\AppData\Roaming\D2Info1
2014-05-30 22:04 - 2015-05-30 14:59 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_1
2014-07-25 11:32 - 2014-08-17 02:31 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_10
2014-05-31 14:11 - 2015-06-01 13:16 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_2
2014-06-08 10:33 - 2015-05-28 15:21 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_3
2014-06-16 00:54 - 2015-05-30 14:55 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_4
2014-06-17 17:26 - 2014-11-04 23:23 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_5
2014-06-23 23:02 - 2014-11-07 19:27 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_6
2014-06-23 23:03 - 2014-10-04 18:23 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_7
2014-06-23 23:03 - 2014-09-02 18:34 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_8
2014-06-24 11:15 - 2014-08-26 20:38 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId0_9
2014-07-23 01:27 - 2014-07-23 01:31 - 0000008 _____ () C:\Users\remy\AppData\Roaming\DofusAppId1_1
2014-02-09 20:38 - 2015-12-11 00:38 - 0000457 _____ () C:\Users\remy\AppData\Roaming\WB.CFG
2014-02-09 20:42 - 2014-02-09 20:52 - 0004608 _____ () C:\Users\remy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-02 00:59 - 2014-12-17 00:59 - 0000010 _____ () C:\Users\remy\AppData\Local\DSI.DAT

Certains fichiers dans TEMP:
====================
C:\Users\remy\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\remy\AppData\Local\Temp\of3w16716.exe
C:\Users\remy\AppData\Local\Temp\of3w34487.exe
C:\Users\remy\AppData\Local\Temp\of3w39032.exe
C:\Users\remy\AppData\Local\Temp\of3w39250.exe
C:\Users\remy\AppData\Local\Temp\of3w43084.exe
C:\Users\remy\AppData\Local\Temp\of3w60189.exe
C:\Users\remy\AppData\Local\Temp\of3w60781.exe
C:\Users\remy\AppData\Local\Temp\ofwz18273.exe
C:\Users\remy\AppData\Local\Temp\ofwz40035.exe
C:\Users\remy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\remy\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe
[2010-12-22 17:45] - [2009-07-14 02:39] - 2868224 ____A (Microsoft Corporation) B6E7FEE1CAE4895CC6C644F0244F7591

C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-12-12 13:07

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité