cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
Exécuté par derrien (administrateur) sur JIMI-VALENTIN (19-02-2016 10:38:42)
Exécuté depuis C:\Users\derrien\Desktop
Profils chargés: derrien (Profils disponibles: derrien)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Pokki) C:\Users\derrien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Nosibay) C:\Users\derrien\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Pokki) C:\Users\derrien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\derrien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\derrien\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1602.3010.0_x64__8wekyb3d8bbwe\CompanionApp.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-08-11] (Synaptics Incorporated)
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [mcpltui_exe] => "C:\Program Files\Common Files\mcafee\platform\mcuicnt.exe" /platui
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-19] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [mbot_en_037050241] => [X]
HKLM-x32\...\Run: [sun3] => [X]
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\Run: [Dropbox Update] => C:\Users\derrien\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\Run: [Bubble Dock] => "C:\Users\derrien\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\Run: [WindApp] => "C:\Users\derrien\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\Run: [Selection Tools] => C:\Users\derrien\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe [3260144 2016-01-04] (Nosibay)
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\RunOnce: [Uninstall C:\Users\derrien\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\derrien\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\RunOnce: [Uninstall C:\Users\derrien\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\derrien\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\...\RunOnce: [Uninstall C:\Users\derrien\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\derrien\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\derrien\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-19] (AVAST Software)
Startup: C:\Users\derrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\derrien\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{0e173a80-fde6-4954-8526-921a0dc0a114}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{0e173a80-fde6-4954-8526-921a0dc0a114}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{10b32ffa-2415-42df-a1ee-645dfb82ef55}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{32018fe7-95a3-47b3-a465-3b41e9e19796}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{4aed76ad-c8b5-4cf5-82ef-4099aa327e3f}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{6be9adde-b202-4542-b99b-f5c48848ec28}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{6be9adde-b202-4542-b99b-f5c48848ec28}: [DhcpNameServer] 40.20.1.201 40.20.1.202
Tcpip\..\Interfaces\{76a867bf-b668-45a5-8955-cf1f11de2460}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{b3da47a8-91f9-11e5-9f54-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{b6ee7ba5-1d54-43b0-a29f-e338f8a23674}: [NameServer] 104.197.191.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-361793254-2370995334-3555378747-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_clu_14_46_ff&cd=2XzuyEtN2Y1L1Qzuzy0E0A0DzyyB0CyB0A0E0DyDyC0F0A0FtN0D0Tzu0StCtDyEyBtN1L2XzutAtFyCtFtCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0AyD0ByC0CtA0AtG0EtB0D0EtGyB0EyEtAtG0A0F0DyBtGtC0DyE0CyDzzyDzz0FyD0AyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0CtC0EyEyBtDtDtG0ByD0EtCtGyE0D0A0FtG0ByEtA0DtG0CzyzzyCtAzytAzzzyzz0EtD2Q&cr=880969286&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_clu_14_46_ff&cd=2XzuyEtN2Y1L1Qzuzy0E0A0DzyyB0CyB0A0E0DyDyC0F0A0FtN0D0Tzu0StCtDyEyBtN1L2XzutAtFyCtFtCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0AyD0ByC0CtA0AtG0EtB0D0EtGyB0EyEtAtG0A0F0DyBtGtC0DyE0CyDzzyDzz0FyD0AyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0CtC0EyEyBtDtDtG0ByD0EtCtGyE0D0A0FtG0ByEtA0DtG0CzyzzyCtAzytAzzzyzz0EtD2Q&cr=880969286&ir=
SearchScopes: HKLM -> {D23B3DA5-53EC-4037-8C9A-8848153EB5B9} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {D23B3DA5-53EC-4037-8C9A-8848153EB5B9} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-361793254-2370995334-3555378747-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-361793254-2370995334-3555378747-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_clu_14_46_ff&cd=2XzuyEtN2Y1L1Qzuzy0E0A0DzyyB0CyB0A0E0DyDyC0F0A0FtN0D0Tzu0StCtDyEyBtN1L2XzutAtFyCtFtCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0AyD0ByC0CtA0AtG0EtB0D0EtGyB0EyEtAtG0A0F0DyBtGtC0DyE0CyDzzyDzz0FyD0AyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0CtC0EyEyBtDtDtG0ByD0EtCtGyE0D0A0FtG0ByEtA0DtG0CzyzzyCtAzytAzzzyzz0EtD2Q&cr=880969286&ir=
SearchScopes: HKU\S-1-5-21-361793254-2370995334-3555378747-1001 -> {2DDF553A-C06A-49AB-8D3D-D8BAC5593698} URL = hxxp://www.trovi.com/Results.aspx?q={searchTerms}&GD=SY1000167&SearchSource=56&UM=2
SearchScopes: HKU\S-1-5-21-361793254-2370995334-3555378747-1001 -> {D23B3DA5-53EC-4037-8C9A-8848153EB5B9} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-361793254-2370995334-3555378747-1001 -> {E57CB052-D2CD-11E4-827F-9CAD97C7AED6} URL = hxxps://secure.homepage-web.com/?src=omnibox&partner=hp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-361793254-2370995334-3555378747-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-19] (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-19] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.yoursearching.com/?type=sc&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862

FireFox:
========
FF ProfilePath: C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default
FF NewTab: hxxp://www.yoursearching.com/newtab/?type=nt&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://www.yoursearching.com/?type=hp&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-361793254-2370995334-3555378747-1001: @nsroblox.roblox.com/launcher -> C:\Users\derrien\AppData\Local\Roblox\Versions\version-a171864306c74d84\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-361793254-2370995334-3555378747-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\derrien\AppData\Local\Roblox\Versions\version-a171864306c74d84\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF SearchPlugin: C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default\searchplugins\bingcom.xml [2016-02-18]
FF SearchPlugin: C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default\searchplugins\google-avast.xml [2015-07-26]
FF SearchPlugin: C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default\searchplugins\Lasaoren.xml [2014-11-12]
FF SearchPlugin: C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default\searchplugins\mysites123.xml [2016-02-18]
FF SearchPlugin: C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default\searchplugins\Web Search.xml [2015-03-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-19]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default\extensions\deskCutv2@gmail.com => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\derrien\AppData\Roaming\Mozilla\Firefox\Profiles\wei5lin8.default\extensions\yahooprotected@gmail.com => non trouvé(e)
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursearching.com/?type=sc&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862

Chrome:
=======
CHR HomePage: Default -> hxxp://www.yoursearching.com/?type=hp&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862
CHR StartupUrls: Default -> "hxxp://www.yoursearching.com/?type=hp&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862"
CHR DefaultSearchURL: Default -> hxxp://yoursearching.com/web?type=ds&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862&q={searchTerms}
CHR DefaultSearchKeyword: Default -> yoursearching
CHR Profile: C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-07]
CHR Extension: (Google Docs) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-31]
CHR Extension: (Google Drive) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-20]
CHR Extension: (YouTube) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20]
CHR Extension: (Recherche Google) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Avast SafePrice) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-20]
CHR Extension: (Google Sheets) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Avast Online Security) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-20]
CHR Extension: (Custom Google™ Background) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg [2015-11-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-20]
CHR Extension: (Gmail) - C:\Users\derrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-19]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursearching.com/?type=sc&ts=1455807617&z=4f5ab8ab2113c0416293f2fg3zcwewcb6efm7q5g0q&from=brd&uid=ST750LM022XHN-M750MBB_S31PJ9FF601862

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-19] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2286848 2015-10-01] (Broadcom Corporation.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2016-02-16] (EasyAntiCheat Ltd)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-26] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [Fichier non signé]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18064 2015-04-18] ()
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-08-11] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 Lekreij; "C:\Users\derrien\AppData\Roaming\EreejLisyxu\Moufji.exe" -cms [X]
S2 wofigudyzbt; C:\Program Files (x86)\34444335-1455800147-4B30-4E56-6CC21776E933\knsa245E.tmpfs [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-19] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208176 2015-10-01] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7532760 2014-08-07] (Broadcom Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-11] (Intel Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-08-11] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-19 10:38 - 2016-02-19 10:39 - 00032231 _____ C:\Users\derrien\Desktop\FRST.txt
2016-02-19 10:38 - 2016-02-19 10:38 - 00000000 ____D C:\FRST
2016-02-19 10:37 - 2016-02-19 10:35 - 02371072 ____N (Farbar) C:\Users\derrien\Desktop\FRST64.exe
2016-02-19 10:05 - 2016-02-19 10:05 - 00000000 ____D C:\WINDOWS\LastGood
2016-02-19 08:56 - 2016-02-19 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-02-19 08:56 - 2016-02-19 08:56 - 00000000 ____D C:\Program Files\7-Zip
2016-02-19 08:21 - 2016-02-19 08:21 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-02-19 08:19 - 2016-02-19 08:19 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-02-19 08:19 - 2016-02-19 08:19 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-02-18 18:54 - 2016-02-18 18:54 - 00000000 ____D C:\WINDOWS\system32\eef
2016-02-18 16:59 - 2016-02-18 16:59 - 00007636 _____ C:\Users\derrien\AppData\Local\Resmon.ResmonCfg
2016-02-18 16:06 - 2016-02-18 16:06 - 00003846 _____ C:\WINDOWS\System32\Tasks\Selection Tools Update
2016-02-18 16:06 - 2016-02-18 16:06 - 00003796 _____ C:\WINDOWS\System32\Tasks\WindApp Update
2016-02-18 16:06 - 2016-02-18 16:06 - 00000000 ____D C:\Users\derrien\AppData\Roaming\WTools
2016-02-18 16:06 - 2016-02-18 16:06 - 00000000 ____D C:\Users\derrien\AppData\Roaming\Store
2016-02-18 16:04 - 2016-02-18 16:04 - 00000000 ____D C:\Users\derrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
2016-02-18 16:00 - 2016-02-18 16:09 - 00000000 ____D C:\Program Files (x86)\SystemHealer
2016-02-18 16:00 - 2016-02-18 16:01 - 00000000 ____D C:\Users\derrien\AppData\Local\Tempfolder
2016-02-18 16:00 - 2016-02-18 16:00 - 00000000 ____D C:\ProgramData\a82d8571-2b81-0
2016-02-18 16:00 - 2016-02-18 16:00 - 00000000 ____D C:\ProgramData\a82d8571-27c7-1
2016-02-18 15:59 - 2016-02-18 16:01 - 00000000 ____D C:\Users\derrien\AppData\Roaming\yoursearching
2016-02-18 15:59 - 2016-02-18 15:59 - 00000366 _____ C:\WINDOWS\SysWOW64\data.bin
2016-02-18 15:58 - 2016-02-18 16:11 - 00000000 ____D C:\Program Files\SpaceSoundPro
2016-02-18 13:56 - 2016-02-18 15:52 - 00010280 _____ C:\WINDOWS\SysWOW64\BoxoreServiceOff.ini
2016-02-18 13:56 - 2016-02-18 15:52 - 00010280 _____ C:\WINDOWS\system32\BoxoreServiceOff.ini
2016-02-18 13:56 - 2016-02-18 13:57 - 00000000 ____D C:\Users\derrien\AppData\Local\TrailerTime
2016-02-18 13:56 - 2016-02-18 13:56 - 00000000 ____D C:\Users\derrien\AppData\Local\Boxore
2016-02-18 13:56 - 2016-01-19 03:22 - 00303984 _____ (Boxore OU) C:\WINDOWS\SysWOW64\BoxoreService.dll
2016-02-18 13:55 - 2016-02-18 17:13 - 00000000 ____D C:\ProgramData\Boxore
2016-02-18 13:55 - 2016-02-18 13:55 - 00000000 ____D C:\Users\derrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2016-02-18 13:55 - 2016-02-18 13:55 - 00000000 ____D C:\Users\derrien\AppData\Roaming\ASPackage
2016-02-18 13:52 - 2016-02-18 13:53 - 00000000 ____D C:\Users\derrien\AppData\Roaming\mysites123
2016-02-18 13:51 - 2016-02-18 16:40 - 00000000 ____D C:\Program Files\Sound+
2016-02-18 13:50 - 2016-02-18 13:50 - 00000000 ____D C:\Users\derrien\AppData\Local\Modern UI Test
2016-02-18 13:47 - 2016-02-18 13:47 - 01232610 _____ C:\Users\derrien\Desktop\Chisel-Mod-1.8.jar
2016-02-17 16:39 - 2016-02-17 16:39 - 00000000 ____D C:\Users\derrien\AppData\LocalLow\Unity
2016-02-17 16:39 - 2016-02-17 16:39 - 00000000 ____D C:\Users\derrien\AppData\LocalLow\Hyper Hippo Productions Ltd_
2016-02-17 14:31 - 2016-02-17 14:31 - 00000222 _____ C:\Users\derrien\Desktop\AdVenture Capitalist.url
2016-02-17 11:25 - 2016-02-17 11:25 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-02-16 20:50 - 2016-02-16 20:50 - 00000000 ____D C:\Users\derrien\AppData\LocalLow\Freejam
2016-02-16 20:48 - 2016-02-18 18:09 - 00259320 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-02-16 20:48 - 2016-02-16 20:04 - 00245544 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2016-02-16 20:04 - 2016-02-16 20:04 - 00000222 _____ C:\Users\derrien\Desktop\Robocraft.url
2016-02-15 18:38 - 2016-02-15 18:38 - 00000000 ____D C:\Users\derrien\AppData\LocalLow\Monomi Park
2016-02-15 18:33 - 2016-02-17 16:39 - 00000000 ____D C:\Users\derrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-15 18:33 - 2016-02-15 18:33 - 00000222 _____ C:\Users\derrien\Desktop\Slime Rancher.url
2016-02-12 10:40 - 2016-02-16 12:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-10 11:50 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 11:50 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 11:50 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 11:50 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 11:50 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 11:50 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 11:50 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 11:50 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 11:50 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 11:50 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 11:50 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 11:50 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 11:50 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 11:50 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 11:50 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 11:50 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 11:50 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 11:50 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 11:50 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 11:50 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 11:50 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 11:50 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 11:50 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 11:50 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 11:50 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 11:50 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 11:50 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 11:50 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 11:50 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 11:50 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 11:50 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 11:50 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 11:50 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 11:50 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 11:50 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 11:50 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 11:49 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 11:49 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 11:49 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 11:49 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 11:49 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 11:49 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 11:49 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 11:49 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 11:49 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 11:49 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 11:49 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 11:49 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 11:49 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 11:49 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 11:49 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 11:49 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 11:49 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 11:49 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 11:49 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 11:49 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 11:49 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 11:49 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 11:49 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 11:49 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 11:49 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 11:49 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 11:49 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 11:49 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 11:49 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-06 08:56 - 2016-02-19 08:36 - 00000000 ____D C:\Users\derrien\Documents\Youcam
2016-02-03 15:11 - 2016-02-03 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-02-03 15:10 - 2016-02-07 18:44 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-02-03 15:10 - 2016-02-03 15:21 - 00000000 ____D C:\Users\derrien\AppData\Roaming\Notepad++
2016-02-03 15:05 - 2016-02-03 15:05 - 00000000 ____D C:\Users\derrien\AppData\Roaming\privé
2016-01-28 17:11 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 17:11 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 17:11 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 17:11 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 17:11 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 17:11 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 17:11 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 17:11 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 17:11 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 17:11 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 17:11 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 17:11 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 17:11 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 17:11 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 17:11 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 17:11 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 17:11 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 17:11 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 17:11 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 17:11 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 17:11 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 17:11 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 17:11 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 17:11 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 17:11 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 17:11 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 17:11 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 17:11 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 17:11 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 17:11 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 17:11 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 17:11 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 17:11 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 17:11 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 17:11 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 17:11 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 17:11 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 17:07 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 17:07 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 17:07 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 17:07 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 17:07 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 17:07 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 17:07 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 17:07 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 17:07 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 17:07 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 17:07 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 17:07 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 17:07 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 17:07 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 17:07 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 17:07 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 17:07 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 17:07 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 17:07 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 17:07 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 17:07 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 17:07 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 17:07 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 17:07 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 17:07 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 17:07 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 17:07 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 17:07 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 17:07 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 17:07 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 17:07 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 17:07 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 17:07 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 17:07 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 17:07 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 17:06 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 17:06 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 17:06 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 17:06 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 17:06 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 17:06 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 17:06 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 17:06 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 17:06 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 17:06 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 17:06 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 17:06 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 17:06 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 17:06 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 17:06 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 17:06 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 17:06 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 17:06 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 17:06 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 17:06 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 17:06 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 17:06 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 17:06 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 17:06 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 17:06 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 17:06 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 17:06 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 17:05 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 17:05 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 17:05 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 17:05 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 17:05 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 17:05 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 17:05 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 17:05 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 17:05 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-22 16:56 - 2016-01-22 16:57 - 01027161 _____ C:\Users\derrien\Downloads\NationsGlory.exe
2016-01-22 14:05 - 2016-01-22 14:06 - 01027161 _____ C:\Users\derrien\Desktop\NationsGlory.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-19 10:40 - 2014-11-12 21:50 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-19 10:35 - 2015-06-15 10:54 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-19 10:29 - 2015-06-19 08:19 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-361793254-2370995334-3555378747-1001UA.job
2016-02-19 10:05 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-19 10:03 - 2014-10-25 18:13 - 00000000 ____D C:\Users\derrien\AppData\Local\SweetLabs App Platform
2016-02-19 09:34 - 2015-12-01 18:24 - 00000950 _____ C:\Users\derrien\Desktop\nativelog.txt
2016-02-19 09:33 - 2015-11-30 17:25 - 00000000 ____D C:\Users\derrien\AppData\Roaming\.minecraft
2016-02-19 09:31 - 2015-11-22 11:37 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-19 09:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-19 08:50 - 2014-10-25 18:14 - 00000000 ____D C:\Users\derrien\AppData\Local\Packages
2016-02-19 08:49 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-19 08:29 - 2015-02-27 09:51 - 00000000 ____D C:\Users\derrien\AppData\Local\LogMeIn Hamachi
2016-02-19 08:29 - 2014-11-12 21:50 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-19 08:28 - 2015-11-23 19:01 - 00000000 __SHD C:\Users\derrien\IntelGraphicsProfiles
2016-02-19 08:27 - 2015-11-23 17:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-19 08:23 - 2015-07-20 14:15 - 00000000 ____D C:\Users\derrien\AppData\Roaming\TS3Client
2016-02-19 08:20 - 2014-11-14 11:18 - 00287016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-02-19 08:20 - 2014-11-14 11:18 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-02-19 08:19 - 2014-11-14 11:18 - 01065720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-02-19 08:19 - 2014-11-14 11:18 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-02-19 08:19 - 2014-11-14 11:18 - 00165344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-02-19 08:19 - 2014-11-14 11:18 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-02-19 08:19 - 2014-11-14 11:18 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-02-19 08:19 - 2014-11-14 11:18 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-02-19 08:19 - 2014-11-14 11:18 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-02-19 08:13 - 2014-10-25 18:23 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CDDD58C9-C90D-4DF0-A169-9966512CB894}
2016-02-18 21:03 - 2014-10-25 18:23 - 00000000 __SHD C:\Users\derrien\AppData\LocalLow\EmieUserList
2016-02-18 21:03 - 2014-10-25 18:23 - 00000000 __SHD C:\Users\derrien\AppData\LocalLow\EmieSiteList
2016-02-18 20:43 - 2014-10-25 18:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-18 18:54 - 2015-10-30 08:18 - 00535088 _____ C:\WINDOWS\SysWOW64\dnsapi.dll
2016-02-18 17:38 - 2014-11-12 17:49 - 00000000 ____D C:\Users\derrien\AppData\Local\Lasaoren
2016-02-18 16:00 - 2014-11-12 22:14 - 00002571 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 16:00 - 2014-10-28 15:02 - 00001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-18 16:00 - 2014-10-28 15:02 - 00001460 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-18 15:58 - 2015-02-27 11:22 - 00000000 ___RD C:\Users\derrien\Dropbox
2016-02-18 15:58 - 2015-02-27 11:11 - 00000000 ____D C:\Users\derrien\AppData\Roaming\Dropbox
2016-02-18 13:57 - 2015-11-23 17:00 - 00000000 ____D C:\Users\derrien
2016-02-18 13:57 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-18 00:20 - 2014-11-02 13:00 - 00000000 ____D C:\Users\derrien\AppData\Roaming\Skype
2016-02-17 19:29 - 2015-06-19 08:19 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-361793254-2370995334-3555378747-1001Core.job
2016-02-17 16:35 - 2014-10-25 18:23 - 00000000 __SHD C:\Users\derrien\AppData\Local\EmieUserList
2016-02-17 16:35 - 2014-10-25 18:23 - 00000000 __SHD C:\Users\derrien\AppData\Local\EmieSiteList
2016-02-17 13:07 - 2015-12-26 15:50 - 00000000 ____D C:\Users\derrien\AppData\Roaming\.hovercraft
2016-02-17 10:19 - 2016-01-17 18:54 - 00000000 ____D C:\Users\derrien\AppData\Roaming\.ng
2016-02-16 12:02 - 2014-10-28 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-15 09:36 - 2015-10-07 14:47 - 00002470 _____ C:\Users\derrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2016-02-15 09:34 - 2015-11-01 18:12 - 00003412 _____ C:\WINDOWS\System32\Tasks\SweetLabs App Platform
2016-02-14 15:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 13:41 - 2015-10-30 20:03 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 12:11 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-11 11:01 - 2015-11-23 19:11 - 00002420 _____ C:\Users\derrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-11 11:01 - 2014-10-25 18:18 - 00000000 __RDO C:\Users\derrien\OneDrive
2016-02-06 10:49 - 2014-10-26 14:22 - 00000000 ____D C:\ProgramData\Wizard101(FR)
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-03 15:23 - 2015-11-23 16:59 - 02049398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-03 15:23 - 2015-10-30 20:00 - 00899370 _____ C:\WINDOWS\system32\perfh00C.dat
2016-02-03 15:23 - 2015-10-30 20:00 - 00188262 _____ C:\WINDOWS\system32\perfc00C.dat
2016-02-03 13:35 - 2014-11-12 21:50 - 00004162 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 13:35 - 2014-11-12 21:50 - 00003930 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-29 20:15 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 20:15 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 20:15 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 20:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 20:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 20:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 20:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-22 16:33 - 2015-11-29 22:24 - 00000000 ____D C:\Users\derrien\AppData\Local\MicrosoftEdge

==================== Fichiers à la racine de certains dossiers =======

2016-02-18 16:03 - 2016-02-18 16:06 - 0001281 _____ () C:\Users\derrien\AppData\Roaming\Bubble Dock.boostrap.log
2016-02-18 16:03 - 2016-02-18 16:04 - 0005723 _____ () C:\Users\derrien\AppData\Roaming\Bubble Dock.installation.log
2016-02-18 16:06 - 2016-02-18 16:06 - 0000078 _____ () C:\Users\derrien\AppData\Roaming\Selection Tools.installation.log
2015-01-17 16:24 - 2015-01-17 16:24 - 0000036 _____ () C:\Users\derrien\AppData\Roaming\SuYZkvrV.tmp
2014-11-12 18:48 - 2014-11-26 12:48 - 0000175 _____ () C:\Users\derrien\AppData\Roaming\WB.CFG
2016-02-18 16:03 - 2016-02-18 16:03 - 0000097 _____ () C:\Users\derrien\AppData\Roaming\WindApp.boostrap.log
2016-02-18 16:04 - 2016-02-18 16:06 - 0000078 _____ () C:\Users\derrien\AppData\Roaming\WindApp.installation.log
2014-11-14 10:48 - 2014-11-14 10:48 - 0022528 _____ () C:\Users\derrien\AppData\Local\131394875dsisetup1313996872.exe
2014-11-14 10:48 - 2014-11-22 10:48 - 0000010 _____ () C:\Users\derrien\AppData\Local\DSI.DAT
2014-11-22 10:48 - 2014-11-22 10:48 - 0022528 _____ () C:\Users\derrien\AppData\Local\dsisetup614178282.exe
2016-02-18 16:59 - 2016-02-18 16:59 - 0007636 _____ () C:\Users\derrien\AppData\Local\Resmon.ResmonCfg

Certains fichiers dans TEMP:
====================
C:\Users\derrien\AppData\Local\Temp\1CBF.tmp.exe
C:\Users\derrien\AppData\Local\Temp\310.tmp.exe
C:\Users\derrien\AppData\Local\Temp\364A.tmp.exe
C:\Users\derrien\AppData\Local\Temp\3CA3.tmp.exe
C:\Users\derrien\AppData\Local\Temp\3FC5.tmp.exe
C:\Users\derrien\AppData\Local\Temp\4896.tmp.exe
C:\Users\derrien\AppData\Local\Temp\5871.tmp.exe
C:\Users\derrien\AppData\Local\Temp\99B9.tmp.exe
C:\Users\derrien\AppData\Local\Temp\B29B.tmp.exe
C:\Users\derrien\AppData\Local\Temp\bc.exe
C:\Users\derrien\AppData\Local\Temp\F27.tmp.exe
C:\Users\derrien\AppData\Local\Temp\FA1.tmp.exe
C:\Users\derrien\AppData\Local\Temp\hibDB82.exe
C:\Users\derrien\AppData\Local\Temp\PA33QUQHV8.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0686984 ____A (Microsoft Corporation) 0F00E21B4366D4D3E6FFD8B88278FC54

C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-10-30 08:18] - [2016-02-18 18:54] - 0535088 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\WINDOWS\SysWOW64\dnsapi.dll => pas de Nom Entreprise <===== ATTENTION

C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-02-17 20:15

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité