Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Exécuté par xoxel (administrateur) sur XOXEL-PC (25-12-2016 15:18:53)
Exécuté depuis C:\Users\xoxel\Downloads
Profils chargés: xoxel (Profils disponibles: xoxel)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(AMD) C:\Program Files\AMD\amdkmpfd_un\atieclxx.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) G:\VMWare\vmware-authd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Valve Corporation) G:\Steam\Steam.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Electronic Arts) G:\Origin\OriginWebHelperService.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5342\Agent.exe
(Blizzard Entertainment) G:\Battle.net\Battle.net.8180\Battle.net.exe
() G:\Battle.net\Battle.net.8180\Battle.net Helper.exe
() G:\Battle.net\Battle.net.8180\Battle.net Helper.exe
(Hammer & Chisel, Inc.) C:\Users\xoxel\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\xoxel\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\xoxel\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\xoxel\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\xoxel\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\xoxel\AppData\Local\Discord\app-0.0.296\Discord.exe
(Lavasoft) C:\Program Files (x86)\AdAware\hms\healthmon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6626696 2016-07-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-07-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168920 2014-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [MyMemory] => C:\Program Files (x86)\MyMemory\MyMemory.exe /watch <===== ATTENTION
HKU\S-1-5-21-3944157077-3381171393-2049731925-1000\...\Run: [Steam] => G:\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3944157077-3381171393-2049731925-1000\...\Run: [EADM] => G:\Origin\Origin.exe [3502576 2016-10-31] (Electronic Arts)
HKU\S-1-5-21-3944157077-3381171393-2049731925-1000\...\Run: [f.lux] => C:\Users\xoxel\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3944157077-3381171393-2049731925-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3944157077-3381171393-2049731925-1000\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-3944157077-3381171393-2049731925-1000\...\MountPoints2: {ac93b5c9-fc07-11e5-a4f1-5ce0c583ed9c} - J:\setup.exe
HKLM\...\Providers\d6jqzdco: C:\Program Files (x86)\Hopoentjerzert Update\local64spl.dll [292352 2016-12-24] ()
ShellExecuteHooks: Pas de nom - {E83CCA70-C682-11E6-B2F4-64006A5CFC23} - C:\Users\xoxel\AppData\Roaming\Aramushsojiied\Shervupy.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
Startup: C:\Users\xoxel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Slack.lnk [2016-12-12]
ShortcutTarget: Slack.lnk -> C:\Users\xoxel\AppData\Local\slack\Update.exe ()
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5BC078F8-D2CE-46BA-A4BB-B9962AF32F57}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-12-10] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Pas de nom -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> Pas de fichier
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-10] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-25] (Oracle Corporation)
BHO-x32: Pas de nom -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> Pas de fichier
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-12-09] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-25] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-10] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: cdkuk2xa.default
FF ProfilePath: C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\cdkuk2xa.default\Profiles\cdkuk2xa.default [non trouvé(e)]
FF ProfilePath: C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\cdkuk2xa.default\Profiles\yvmz1i6b.default-1470403802780 [non trouvé(e)]
FF ProfilePath: C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\Profiles\cdkuk2xa.default [2016-12-25]
FF NewTab: Mozilla\Firefox\Profiles\cdkuk2xa.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\cdkuk2xa.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\cdkuk2xa.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\cdkuk2xa.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\cdkuk2xa.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\cdkuk2xa.default -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\cdkuk2xa.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Extension: (Firefox Hotfix) - C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\Profiles\cdkuk2xa.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09]
FF SearchPlugin: C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\Profiles\cdkuk2xa.default\searchplugins\2icmkui5.xml [2016-12-24]
FF SearchPlugin: C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\Profiles\cdkuk2xa.default\searchplugins\google-avast.xml [2016-12-24]
FF ProfilePath: C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 [2016-12-25]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 -> Google
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 -> Google
FF Keyword.URL: Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 -> hxxps://www.google.com/search?bcutc=sp-006
FF Homepage: Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780 -> about:newtab
FF SearchPlugin: C:\Users\xoxel\AppData\Roaming\Mozilla\Firefox\Profiles\yvmz1i6b.default-1470403802780\searchplugins\google-avast.xml [2016-12-24]
FF Extension: (Adblocker for Youtube™) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} [2016-12-24] [non signé]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-10] (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-12-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3944157077-3381171393-2049731925-1000: SkypePlugin -> C:\Users\xoxel\AppData\Local\SkypePlugin\7.26.0.48\npGatewayNpapi.dll [2016-09-22] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3944157077-3381171393-2049731925-1000: SkypePlugin64 -> C:\Users\xoxel\AppData\Local\SkypePlugin\7.26.0.48\npGatewayNpapi-x64.dll [2016-09-22] (Skype Technologies S.A.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR Profile: C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-24] <==== ATTENTION
CHR Profile: C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default [2016-12-24]
CHR Extension: (Pas de nom) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-02]
CHR Extension: (Web Developer) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-09-12]
CHR Extension: (Pas de nom) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-02]
CHR Extension: (Pas de nom) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Pas de nom) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-02]
CHR Extension: (Pas de nom) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eojeoeddgeaeahpmfabdfpfialkoplcb [2016-12-24]
CHR Extension: (Mech Hero) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\falbfmgplkcpmcfdbedincgjganegaie [2016-03-02]
CHR Extension: (Pax Britannica) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighmialmbbfaccipgobinbkkcahbinki [2016-03-02]
CHR Extension: (Hacker Vs Hacker) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\liagglcdcopmflkgefpaifbbmnfpbpdd [2016-03-02]
CHR Extension: (Chroma Wars) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgojhnokgjooglbmjkmapacckddnbihp [2016-03-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Pas de nom) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR Profile: C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-25]
CHR Extension: (Google Slides) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-24]
CHR Extension: (Google Docs) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-24]
CHR Extension: (Google Drive) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-24]
CHR Extension: (Web Developer) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-12-24]
CHR Extension: (YouTube) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-24]
CHR Extension: (Adblock Plus) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-24]
CHR Extension: (Mech Hero) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\falbfmgplkcpmcfdbedincgjganegaie [2016-12-24]
CHR Extension: (Avast SafePrice) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage [2016-12-24]
CHR Extension: (Google Sheets) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-24]
CHR Extension: (Pax Britannica) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ighmialmbbfaccipgobinbkkcahbinki [2016-12-24]
CHR Extension: (Hacker Vs Hacker) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\liagglcdcopmflkgefpaifbbmnfpbpdd [2016-12-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-12-24]
CHR Extension: (Chroma Wars) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mgojhnokgjooglbmjkmapacckddnbihp [2016-12-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-24]
CHR Extension: (Gmail) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-24]
CHR Extension: (Chrome Media Router) - C:\Users\xoxel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-24]
CHR HKU\S-1-5-21-3944157077-3381171393-2049731925-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-02] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1405448 2016-07-31] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-09] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; G:\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 healthmon; C:\Program Files (x86)\AdAware\hms\healthmon.exe [137560 2016-09-01] (Lavasoft)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-10-27] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Kgphchujicult; C:\Program Files (x86)\Gcerlearacy\lrfmdl.dll [177664 2016-12-24] () [Fichier non signé]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [Fichier non signé]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2142728 2016-10-31] (Electronic Arts)
R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2209296 2016-10-31] (Electronic Arts)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-23] (Synaptics Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 VMAuthdService; G:\VMWare\vmware-authd.exe [97864 2016-09-06] (VMware, Inc.)
S3 VMwareHostd; G:\VMWare\vmware-hostd.exe [12472904 2016-09-06] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
S3 wampapache64; "G:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe" -k runservice [X]
S3 wampmysqld64; G:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe wampmysqld64 [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [69320 2016-05-19] (Advanced Micro Devices, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-25] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [502256 2016-01-22] (Intel Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [Fichier non signé]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3426576 2016-05-03] (Intel Corporation)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
S3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [48840 2015-08-13] (Razer Inc)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-23] (Synaptics Incorporated)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2016-09-06] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [93248 2016-09-02] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-03-10] (MBB)
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-25 15:18 - 2016-12-25 15:19 - 00030988 _____ C:\Users\xoxel\Downloads\FRST.txt
2016-12-25 15:18 - 2016-12-25 15:18 - 00000000 ____D C:\FRST
2016-12-25 15:17 - 2016-12-25 15:17 - 02420736 _____ (Farbar) C:\Users\xoxel\Downloads\FRST64.exe
2016-12-25 14:21 - 2016-12-25 14:21 - 00000000 ____D C:\Users\xoxel\AppData\LocalLow\Blizzard Entertainment
2016-12-25 01:05 - 2016-12-25 01:05 - 00000000 ____D C:\Users\xoxel\AppData\Local\ElevatedDiagnostics
2016-12-25 01:04 - 2016-12-25 01:04 - 813725464 _____ C:\Windows\MEMORY.DMP
2016-12-25 01:04 - 2016-12-25 01:04 - 00282064 _____ C:\Windows\Minidump\122516-22089-01.dmp
2016-12-25 01:04 - 2016-12-25 01:04 - 00095494 _____ C:\Windows\ntbtlog.txt
2016-12-25 01:04 - 2016-12-25 01:04 - 00000000 ____D C:\Windows\Minidump
2016-12-25 00:47 - 2016-12-25 00:47 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-12-25 00:47 - 2016-12-25 00:47 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-12-24 22:28 - 2016-12-24 22:29 - 54199488 _____ (Malwarebytes ) C:\Users\xoxel\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2016-12-24 21:37 - 2016-12-24 21:58 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\MyMemoryPackage
2016-12-24 21:37 - 2016-12-24 21:37 - 00001841 _____ C:\Users\xoxel\Desktop\MyMemory.lnk
2016-12-24 21:37 - 2016-12-24 21:37 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Note-UP
2016-12-24 21:36 - 2016-12-24 22:46 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Aramushsojiied
2016-12-24 21:36 - 2016-12-24 21:36 - 00006052 _____ C:\Windows\System32\Tasks\Vuepychoperge Nodifier
2016-12-24 21:36 - 2016-12-24 21:36 - 00000000 ____D C:\Program Files (x86)\Hopoentjerzert Update
2016-12-24 21:35 - 2016-12-24 23:14 - 00000000 ____D C:\Program Files (x86)\Gcerlearacy
2016-12-24 21:35 - 2016-12-24 22:06 - 00000000 ____D C:\Windows\system32\SSL
2016-12-24 21:35 - 2016-12-24 21:36 - 00000000 ____D C:\Users\xoxel\AppData\Local\Fatergeanuverph
2016-12-24 21:35 - 2016-12-24 21:35 - 00009528 _____ C:\Windows\SysWOW64\zdengineOff.ini
2016-12-24 21:35 - 2016-12-24 21:35 - 00009528 _____ C:\Windows\system32\zdengineOff.ini
2016-12-24 19:16 - 2016-12-24 19:16 - 00000000 ____D C:\Users\xoxel\Documents\Diablo III
2016-12-23 21:53 - 2016-12-23 21:53 - 01930934 _____ C:\Windows\6b2d32cf3b881e5c157add05547b4236.exe
2016-12-23 12:39 - 2016-12-23 12:39 - 00000000 ____D C:\Users\xoxel\AppData\Local\VSIXInstaller
2016-12-22 09:51 - 2016-12-22 09:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-12-22 09:51 - 2016-12-22 09:51 - 00000000 ____D C:\27aecd90628f4aecfa8f39fdd387cb8c
2016-12-18 17:30 - 2016-09-02 14:42 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-12-16 10:33 - 2016-12-16 10:33 - 00000828 _____ C:\Users\xoxel\AppData\Local\recently-used.xbel
2016-12-13 09:23 - 2016-12-13 09:23 - 00000000 ____D C:\Users\xoxel\AppData\Local\Chromium
2016-12-06 13:29 - 2016-12-06 13:29 - 00000000 ____D C:\Users\xoxel\Documents\League of Legends
2016-12-02 15:57 - 2016-12-02 15:57 - 00000202 _____ C:\Users\xoxel\Desktop\FINAL FANTASY XIII.url
2016-11-29 09:28 - 2016-11-29 09:51 - 00000000 ____D C:\Users\xoxel\AppData\Local\Solid State Networks

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-25 15:17 - 2016-03-05 17:10 - 00000000 ____D C:\Users\xoxel\AppData\Local\Battle.net
2016-12-25 14:59 - 2014-08-14 11:32 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-25 14:22 - 2016-06-12 15:18 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\discord
2016-12-25 14:20 - 2016-05-17 14:54 - 00000000 ____D C:\ProgramData\Origin
2016-12-25 13:51 - 2016-09-01 08:38 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Slack
2016-12-25 13:49 - 2009-07-14 05:45 - 00027104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-25 13:49 - 2009-07-14 05:45 - 00027104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-25 13:42 - 2011-04-12 10:16 - 00750292 _____ C:\Windows\system32\perfh00C.dat
2016-12-25 13:42 - 2011-04-12 10:16 - 00151310 _____ C:\Windows\system32\perfc00C.dat
2016-12-25 13:42 - 2009-07-14 06:13 - 01676358 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-25 13:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-25 13:37 - 2016-03-02 11:44 - 00000000 __SHD C:\Users\xoxel\IntelGraphicsProfiles
2016-12-25 13:36 - 2016-03-17 09:23 - 00000000 ____D C:\ProgramData\VMware
2016-12-25 13:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-25 10:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-25 10:45 - 2016-09-25 10:11 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-12-25 10:39 - 2016-09-02 16:16 - 00000000 ____D C:\Users\xoxel\AppData\Local\TSVNCache
2016-12-25 00:50 - 2014-08-14 17:38 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-25 00:48 - 2016-04-23 14:02 - 00000000 ____D C:\ProgramData\Intel
2016-12-25 00:47 - 2014-08-14 17:39 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-25 00:40 - 2014-08-14 11:28 - 00000000 ____D C:\Program Files\Intel
2016-12-25 00:38 - 2014-08-14 11:27 - 00000000 ____D C:\SWSetup
2016-12-24 23:12 - 2016-09-01 18:51 - 00000000 ____D C:\Users\xoxel\AppData\Local\CrashDumps
2016-12-24 22:43 - 2016-11-09 15:49 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Messenger for Desktop
2016-12-24 21:57 - 2016-04-01 17:41 - 00001853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-24 21:45 - 2016-03-02 11:21 - 00002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-24 21:45 - 2016-03-02 11:21 - 00002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-23 21:54 - 2016-06-12 17:15 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-12-23 21:47 - 2009-07-14 05:45 - 00426208 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-23 15:41 - 2016-03-02 11:20 - 00111880 _____ C:\Users\xoxel\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-23 13:05 - 2016-06-25 19:55 - 00000000 ____D C:\Users\xoxel\AppData\Local\Ubisoft Game Launcher
2016-12-23 12:48 - 2016-03-12 18:29 - 00015040 _____ C:\Windows\system32\--traceoff
2016-12-23 12:47 - 2016-09-12 09:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-23 12:41 - 2016-04-14 17:58 - 00000000 ____D C:\Windows\system32\1036
2016-12-23 12:41 - 2016-04-06 16:16 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-23 12:41 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-23 12:40 - 2016-04-14 18:01 - 00000000 ____D C:\Windows\system32\1033
2016-12-23 12:39 - 2016-04-14 17:55 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-12-23 12:39 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-23 12:38 - 2016-04-14 17:55 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-12-23 12:37 - 2016-04-14 18:01 - 00000000 ____D C:\Windows\SysWOW64\1036
2016-12-23 12:15 - 2016-04-14 18:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-12-23 12:09 - 2016-05-17 14:54 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-12-23 12:09 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-23 10:56 - 2016-11-14 16:34 - 00000493 _____ C:\Users\Public\Desktop\Diablo III.lnk
2016-12-23 10:53 - 2014-08-15 17:44 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-22 09:51 - 2016-11-15 09:36 - 00000000 ___HT C:\Windows\wusa.lock
2016-12-22 09:49 - 2016-04-06 16:14 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-21 17:24 - 2016-03-10 22:01 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Skype
2016-12-21 14:06 - 2016-09-12 09:28 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\npm-cache
2016-12-20 09:32 - 2016-08-03 14:02 - 00003916 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1470229375
2016-12-18 18:02 - 2016-03-29 18:35 - 00000000 ____D C:\Users\xoxel\Downloads\game
2016-12-18 18:02 - 2016-03-12 17:33 - 00001035 _____ C:\Users\xoxel\Downloads\nativelog.txt
2016-12-18 17:31 - 2016-08-03 14:01 - 00001922 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2016-12-18 17:30 - 2016-08-03 14:01 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-16 10:34 - 2016-07-28 21:25 - 00000000 ____D C:\Users\xoxel\.gimp-2.8
2016-12-16 09:49 - 2016-03-02 11:20 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 09:49 - 2016-03-02 11:20 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-13 10:59 - 2014-08-14 11:32 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 10:59 - 2014-08-14 11:32 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 10:59 - 2014-08-14 11:32 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 10:59 - 2014-08-14 11:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-13 10:59 - 2014-08-14 11:32 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-13 09:24 - 2016-03-02 11:55 - 00000000 ____D C:\Users\xoxel\AppData\Local\Steam
2016-12-12 09:27 - 2016-09-01 08:38 - 00002116 _____ C:\Users\xoxel\Desktop\Slack.lnk
2016-12-12 09:27 - 2016-09-01 08:38 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2016-12-12 09:27 - 2016-09-01 08:38 - 00000000 ____D C:\Users\xoxel\AppData\Local\slack
2016-12-12 09:25 - 2016-06-12 15:18 - 00000000 ____D C:\Users\xoxel\AppData\Local\SquirrelTemp
2016-12-06 17:25 - 2016-09-01 08:55 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\FileZilla
2016-12-06 12:49 - 2016-03-05 01:29 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Riot Games
2016-12-02 15:44 - 2016-03-02 12:21 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-11-29 09:39 - 2016-03-21 22:12 - 00000000 ____D C:\Users\xoxel\AppData\Roaming\TS3Client

==================== Fichiers à la racine de certains dossiers =======

2016-07-06 12:58 - 2016-07-15 13:18 - 0000113 _____ () C:\Users\xoxel\AppData\Roaming\D2Info0
2016-07-06 12:58 - 2016-07-15 15:10 - 0000008 _____ () C:\Users\xoxel\AppData\Roaming\DofusAppId0_1
2016-07-06 18:30 - 2016-07-12 13:05 - 0000008 _____ () C:\Users\xoxel\AppData\Roaming\DofusAppId0_2
2016-07-12 20:26 - 2016-07-12 22:05 - 0000008 _____ () C:\Users\xoxel\AppData\Roaming\DofusAppId0_3
2016-11-23 00:42 - 2016-11-23 00:42 - 0003584 _____ () C:\Users\xoxel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-16 10:33 - 2016-12-16 10:33 - 0000828 _____ () C:\Users\xoxel\AppData\Local\recently-used.xbel
2016-04-11 18:49 - 2016-11-07 21:11 - 0007619 _____ () C:\Users\xoxel\AppData\Local\Resmon.ResmonCfg
2016-05-14 20:07 - 2016-03-15 20:07 - 0000032 ____R () C:\ProgramData\hash.dat

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\hash.dat


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-12-12 14:11

==================== Fin de FRST.txt ============================
