Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2017
Exécuté par TheMasterBlanker (administrateur) sur TMB (06-06-2017 19:45:37)
Exécuté depuis C:\Users\TheMasterBlanker\Desktop
Profils chargés: TheMasterBlanker (Profils disponibles: TheMasterBlanker & Invité)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
() C:\Program Files\8DGamingMouse\8DGamingMouse.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Gaijin Entertainment) C:\Users\TheMasterBlanker\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABFSWK.EXE
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
() D:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.78\deploy\LeagueClient.exe
() D:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.78\deploy\LeagueClientUx.exe
() D:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.78\deploy\LeagueClientUxRender.exe
() D:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.78\deploy\LeagueClientUxRender.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2015-05-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2015-05-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [392592 2015-03-31] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-11] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation)
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\Run: [Gaijin.Net Agent] => C:\Users\TheMasterBlanker\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-05-25] (Gaijin Entertainment)
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: H - "H:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {123ec7b0-ea2f-11e5-83a6-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {123ecbc8-ea2f-11e5-83a6-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {123eccf3-ea2f-11e5-83a6-485ab6cc184a} - "H:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {27fc6e38-25da-11e6-83b6-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {3331306a-f60e-11e5-83a7-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {35c2f4b9-a7ff-11e5-8392-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {35c2faba-a7ff-11e5-8392-485ab6cc184a} - "I:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {35c2fac8-a7ff-11e5-8392-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {3f66d816-276a-11e6-83b7-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {3f66d831-276a-11e6-83b7-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {3f66e8b0-276a-11e6-83b7-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {49fb1f3e-4445-11e6-83bd-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {49fb1f93-4445-11e6-83bd-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {4bfd8d26-de13-11e5-83a3-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {4bfd8d3e-de13-11e5-83a3-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {77f8afda-40fb-11e6-83bd-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {77f8afed-40fb-11e6-83bd-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {77f8c3ce-40fb-11e6-83bd-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {77f8c3ef-40fb-11e6-83bd-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {790020d9-faa3-11e5-83a7-485ab6cc184a} - "H:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {7ae04f54-ed26-11e5-83a6-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {85dcdd1a-1921-11e5-8360-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {85dcdd2e-1921-11e5-8360-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {944a9b39-dafb-11e4-8251-201a06a225cc} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {9c4f6eaa-2ed2-11e5-836c-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {9c4f6ec1-2ed2-11e5-836c-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {ac107ca0-db09-11e4-8252-201a06a225cc} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {ac107cbf-db09-11e4-8252-201a06a225cc} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {d6c88a93-45d7-11e6-83be-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {da0428b8-1cef-11e5-8364-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {da0428c6-1cef-11e5-8364-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {f287b1b5-98fb-11e5-8391-485ab6cc184a} - "G:\setup.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {f69b175e-dceb-11e6-8417-485ab6cc184a} - "F:\EMP_UDSe.exe" /autorun
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {f9c42414-d960-11e5-83a2-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {f9c42428-d960-11e5-83a2-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {f9c43527-d960-11e5-83a2-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\MountPoints2: {f9c4353d-d960-11e5-83a2-485ab6cc184a} - "F:\AutoRun.exe"
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-11] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2016-02-11]
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2016-07-22]
ShortcutTarget: ROCCAT Swarm.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2016-07-22]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\TheMasterBlanker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2016-05-03]
Startup: C:\Users\TheMasterBlanker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-07-27]
ShortcutTarget: Curse.lnk -> C:\Users\TheMasterBlanker\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\TheMasterBlanker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2016-05-03]
GroupPolicy: Restriction - Windows Defender <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{345BCD39-99D5-4CC6-93D1-A74CC864C336}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9CEAF38B-DF8A-4508-905F-C38FEA9D4F97}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F23F5B3E-62BD-49C7-BC47-975165EF8F08}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3156663076-1905861534-2114827116-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-13] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-14] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-13] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-14] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: fk4u2ko1.default
FF ProfilePath: C:\Users\TheMasterBlanker\AppData\Roaming\Mozilla\Firefox\Profiles\fk4u2ko1.default [2017-06-02]
FF Keyword.URL: Mozilla\Firefox\Profiles\fk4u2ko1.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7B583E41F1-2D31-41A5-AA68-1960CF884786%7D&gp=811041
FF ProfilePath: C:\Users\TheMasterBlanker\AppData\Roaming\Greyfirst\Celtx\Profiles\fenigxoe.default [2016-01-06]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [non trouvé(e)]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-09-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3156663076-1905861534-2114827116-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\TheMasterBlanker\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "","hxxp://websearch.search-plaza.info/?pid=21422&r=2014/11/23&hid=4964773463589896167&lg=EN&cc=MA&unqvl=69","hxxp://mail.ru/cnt/10445?gp=811036"
CHR Profile: C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default [2017-06-06]
CHR Extension: (Google Slides) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-05]
CHR Extension: (Google Docs) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-05]
CHR Extension: (Google Drive) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-23]
CHR Extension: (Recherche Google) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (agar.io server browser) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-09-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Gmail) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR Profile: C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-04-24]
CHR Profile: C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-12-28]
CHR Extension: (Google Slides) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-28]
CHR Extension: (Google Docs) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-28]
CHR Extension: (Google Drive) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-28]
CHR Extension: (YouTube) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-28]
CHR Extension: (Recherche Google) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-28]
CHR Extension: (Tampermonkey) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-06-01]
CHR Extension: (Google Sheets) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-28]
CHR Extension: (Gmail) - C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-28]
CHR Profile: C:\Users\TheMasterBlanker\AppData\Local\Google\Chrome\User Data\System Profile [2016-04-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [epgjfmblhacacphaljkdcjllkomdcjpc] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-11] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-11] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-04-14] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2016-09-09] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-15] (Hi-Rez Studios) [Fichier non signé]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2823496 2015-04-10] (CybelSoft)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3398096 2015-02-10] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-30] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [X]
S2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-11] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-11] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-11] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-11] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2015-04-10] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-12-04] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-04-10] ()
S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
R3 VCSVADHWSer; C:\Windows\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R3 voxaldriver; C:\Windows\system32\DRIVERS\voxaldriverx64.sys [34512 2015-06-02] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
R3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-06-06 19:45 - 2017-06-06 19:47 - 00031899 _____ C:\Users\TheMasterBlanker\Desktop\FRST.txt
2017-06-06 19:45 - 2017-06-06 19:45 - 02433536 _____ (Farbar) C:\Users\TheMasterBlanker\Desktop\FRST64.exe
2017-06-06 19:45 - 2017-06-06 19:45 - 00000000 ____D C:\FRST
2017-06-05 15:17 - 2017-06-05 15:17 - 03521617 _____ (Nicolas Coolman ) C:\Users\TheMasterBlanker\Downloads\zhpfix_2015.10.19.9 (1).exe
2017-06-05 15:16 - 2017-06-05 15:16 - 00002252 _____ C:\Users\TheMasterBlanker\Desktop\ZHPFixReport.txt
2017-06-05 15:14 - 2017-06-05 15:15 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-06-05 15:14 - 2017-06-05 15:14 - 00001856 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-06-05 15:14 - 2017-06-05 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-06-05 15:13 - 2017-06-05 15:13 - 03521617 _____ (Nicolas Coolman ) C:\Users\TheMasterBlanker\Downloads\zhpfix_2015.10.19.9.exe
2017-06-04 20:14 - 2017-06-04 20:14 - 00204710 _____ C:\Users\TheMasterBlanker\Downloads\PointBlankTAM.torrent
2017-06-04 20:14 - 2017-06-04 20:14 - 00204710 _____ C:\Users\TheMasterBlanker\Downloads\PointBlankTAM (1).torrent
2017-06-04 19:55 - 2017-06-04 19:55 - 00748368 _____ C:\Users\TheMasterBlanker\Desktop\PointBlankTAMDownloader.rar
2017-06-04 19:51 - 2017-06-04 19:51 - 02831024 _____ (Microsoft) C:\Users\TheMasterBlanker\Downloads\PointBlankTAMDownloader (3).exe
2017-06-04 19:35 - 2017-06-04 19:35 - 00001355 _____ C:\Users\TheMasterBlanker\Desktop\AdwCleaner[C2].txt
2017-06-04 19:29 - 2017-06-04 19:29 - 04110280 _____ C:\Users\TheMasterBlanker\Downloads\adwcleaner_6.047 (1).exe
2017-06-04 19:27 - 2017-06-04 19:27 - 00011526 _____ C:\Users\TheMasterBlanker\Desktop\depense de merde.xlsx
2017-06-04 19:24 - 2017-06-04 19:29 - 00093578 _____ C:\Users\TheMasterBlanker\Desktop\ZHPCleaner.txt
2017-06-04 19:17 - 2017-06-04 19:18 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Local\ZHP
2017-06-04 19:17 - 2017-06-04 19:17 - 02771456 _____ C:\Users\TheMasterBlanker\Downloads\zhpcleaner_2017.05.14.81.exe
2017-06-04 19:17 - 2017-06-04 19:17 - 00000950 _____ C:\Users\TheMasterBlanker\Desktop\ZHPCleaner.lnk
2017-06-04 19:15 - 2017-06-04 19:15 - 02831024 _____ (Microsoft) C:\Users\TheMasterBlanker\Downloads\PointBlankTAMDownloader (2).exe
2017-06-04 19:15 - 2017-06-04 19:15 - 00001039 _____ C:\Users\TheMasterBlanker\Downloads\DownLoader.config
2017-06-04 19:14 - 2017-06-04 19:15 - 02831024 _____ (Microsoft) C:\Users\TheMasterBlanker\Downloads\PointBlankTAMDownloader (1).ppt
2017-06-04 19:14 - 2017-06-04 19:14 - 02831024 _____ (Microsoft) C:\Users\TheMasterBlanker\Desktop\PointBlankTAMDownloader.exe
2017-06-04 04:29 - 2017-06-05 15:24 - 00158114 _____ C:\Users\TheMasterBlanker\Desktop\ZHPDiag.txt
2017-06-04 04:22 - 2017-06-05 15:17 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Roaming\ZHP
2017-06-04 04:22 - 2017-06-05 15:16 - 00000872 _____ C:\Users\TheMasterBlanker\Desktop\ZHPDiag.lnk
2017-06-04 04:21 - 2017-06-04 04:21 - 02105344 _____ C:\Users\TheMasterBlanker\Downloads\ZHPDiag3.exe
2017-06-04 02:16 - 2017-06-04 02:16 - 01707144 _____ C:\Users\TheMasterBlanker\Downloads\Adaware_Installer-11.2.5952.exe
2017-06-04 02:16 - 2017-06-04 02:16 - 00000000 ____D C:\ProgramData\Lavasoft
2017-06-04 02:16 - 2017-06-04 02:16 - 00000000 ____D C:\ProgramData\adaware
2017-06-03 22:27 - 2017-06-04 19:32 - 00000000 ____D C:\AdwCleaner
2017-06-03 22:27 - 2017-06-03 22:27 - 04110280 _____ C:\Users\TheMasterBlanker\Downloads\adwcleaner_6.047.exe
2017-06-01 20:53 - 2017-06-01 20:57 - 00003638 _____ C:\Windows\System32\Tasks\topnews17netpoim
2017-05-26 20:34 - 2017-05-26 20:38 - 288366999 _____ C:\Users\TheMasterBlanker\Desktop\test.zip
2017-05-26 20:33 - 2017-05-26 20:34 - 290644381 _____ C:\Users\TheMasterBlanker\Desktop\compte rendu reunion 25.txt
2017-05-26 06:02 - 2017-05-26 06:02 - 01244714 _____ C:\Users\TheMasterBlanker\Desktop\caca song.camproj
2017-05-25 18:09 - 2017-05-25 19:35 - 984717868 _____ C:\Users\TheMasterBlanker\Desktop\compte rendu reunion 25.wav
2017-05-25 18:08 - 2017-05-25 18:08 - 00000000 _____ C:\Users\TheMasterBlanker\Desktop\CMPT rendu reu 25.txt
2017-05-23 13:57 - 2017-06-03 10:54 - 00000000 ____D C:\Users\TheMasterBlanker\Desktop\HG
2017-05-17 12:39 - 2017-05-17 12:39 - 00005268 _____ C:\Windows\SysWOW64\Default.session
2017-05-17 12:39 - 2017-05-17 12:39 - 00000228 _____ C:\Windows\SysWOW64\SysConfig.xml
2017-05-17 12:39 - 2017-05-17 12:39 - 00000000 _____ C:\Windows\SysWOW64\SysConfig.bak
2017-05-17 12:39 - 2017-05-17 12:39 - 00000000 _____ C:\Windows\SysWOW64\Default.bak
2017-05-12 21:11 - 2017-05-12 21:11 - 01178264 _____ C:\Windows\Minidump\051217-69906-01.dmp
2017-05-12 15:32 - 2017-05-12 15:32 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Roaming\Google
2017-05-11 17:58 - 2017-05-11 17:58 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-06-06 19:32 - 2015-06-15 12:48 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Roaming\TS3Client
2017-06-06 18:32 - 2015-04-04 22:04 - 00003960 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{35842BFD-D333-4D09-A866-8EED6EDA700F}
2017-06-06 15:55 - 2015-04-06 01:34 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-06 15:35 - 2013-09-30 06:22 - 01053966 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-06 15:35 - 2013-09-30 05:59 - 00164604 _____ C:\Windows\system32\perfc00C.dat
2017-06-06 15:35 - 2013-09-30 05:59 - 00030478 _____ C:\Windows\system32\perfh00C.dat
2017-06-06 15:35 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-06-06 13:17 - 2014-11-11 20:52 - 00000000 ____D C:\Users\TheMasterBlanker\Desktop\Base de Donées
2017-06-05 04:37 - 2015-11-27 19:00 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Local\osu!
2017-06-05 02:20 - 2015-04-04 20:54 - 00000000 ____D C:\Users\TheMasterBlanker
2017-06-05 02:20 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-05 00:49 - 2015-04-05 22:09 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Roaming\Skype
2017-06-03 21:43 - 2015-04-04 21:00 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3156663076-1905861534-2114827116-1001
2017-06-03 21:40 - 2017-04-13 18:32 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-06-02 19:27 - 2017-04-13 18:36 - 00003908 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1492101386
2017-06-02 19:27 - 2017-04-13 18:36 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-06-02 03:11 - 2016-04-27 13:45 - 00000290 __RSH C:\Users\TheMasterBlanker\ntuser.pol
2017-06-02 03:08 - 2015-08-09 11:00 - 00000000 ____D C:\Users\Invité
2017-06-01 23:15 - 2015-07-15 18:08 - 00955992 _____ C:\Users\TheMasterBlanker\Downloads\Intercepter-NG.v099.zip
2017-06-01 23:14 - 2015-08-12 17:22 - 00229304 _____ C:\Users\TheMasterBlanker\Downloads\UDP Unicorn.rar
2017-06-01 21:01 - 2016-04-24 23:56 - 00002284 __RSH C:\ProgramData\ntuser.pol
2017-06-01 00:36 - 2015-04-04 22:34 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Roaming\Audacity
2017-05-28 21:04 - 2015-05-07 00:26 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Local\CrashDumps
2017-05-27 15:05 - 2015-04-10 13:43 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2017-05-26 20:34 - 2015-11-12 22:26 - 01295360 ___SH C:\Users\TheMasterBlanker\Desktop\Thumbs.db
2017-05-25 01:49 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-25 00:20 - 2016-09-22 13:10 - 00000000 ____D C:\Users\TheMasterBlanker\AppData\Roaming\discord
2017-05-12 22:22 - 2017-04-13 18:32 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-12 21:24 - 2017-02-11 20:15 - 00002268 _____ C:\Users\TheMasterBlanker\Desktop\Google Chrome.lnk
2017-05-12 21:11 - 2015-06-03 00:03 - 00000000 ____D C:\Windows\Minidump
2017-05-12 21:10 - 2015-06-03 00:03 - 814013123 ____N C:\Windows\MEMORY.DMP
2017-05-12 14:50 - 2015-09-21 11:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-12 14:50 - 2015-04-05 22:08 - 00000000 ____D C:\ProgramData\Skype
2017-05-12 13:54 - 2015-04-05 21:22 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 13:44 - 2015-04-14 23:12 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-11 18:36 - 2015-11-19 09:12 - 00689664 ___SH C:\Users\TheMasterBlanker\Downloads\Thumbs.db
2017-05-11 17:58 - 2017-04-13 18:32 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-11 17:58 - 2017-04-13 18:32 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-11 17:58 - 2017-04-13 18:32 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-11 17:58 - 2017-04-13 18:32 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-11 17:58 - 2017-04-13 18:32 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-11 17:58 - 2017-04-13 18:32 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-11 17:57 - 2017-04-13 18:35 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-11 17:57 - 2017-04-13 18:32 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-11 17:57 - 2017-04-13 18:32 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-11 17:57 - 2017-04-13 18:32 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-11 17:57 - 2017-04-13 18:32 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-11 17:57 - 2017-04-13 18:32 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys

==================== Fichiers à la racine de certains dossiers =======

2015-06-27 01:52 - 2015-06-27 02:05 - 0000097 _____ () C:\Users\TheMasterBlanker\AppData\Roaming\LauncherSettings_live.cfg
2015-04-07 22:16 - 2015-04-07 22:16 - 0000036 _____ () C:\Users\TheMasterBlanker\AppData\Roaming\SuYZkvrV.tmp
2015-06-02 19:56 - 2015-06-02 19:56 - 0001167 _____ () C:\Users\TheMasterBlanker\AppData\Roaming\trace_FilterInstaller.txt
2015-06-02 19:56 - 2015-06-02 19:56 - 0000000 _____ () C:\Users\TheMasterBlanker\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-06-02 18:53 - 2015-12-01 14:57 - 0005632 _____ () C:\Users\TheMasterBlanker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-01 20:48 - 2015-05-01 20:48 - 0000000 ___SH () C:\Users\TheMasterBlanker\AppData\Local\LumaEmu
2015-04-06 11:01 - 2016-06-14 07:25 - 0007599 _____ () C:\Users\TheMasterBlanker\AppData\Local\Resmon.ResmonCfg
2015-09-06 23:37 - 2015-09-06 23:37 - 1426411 _____ () C:\Users\TheMasterBlanker\AppData\Local\Tempmusic.ogg

Certains fichiers dans TEMP:
====================
2017-06-06 00:38 - 2017-06-06 15:41 - 0000088 _____ () C:\Users\TheMasterBlanker\AppData\Local\Temp\39a56b5de69b55011da6fd00dcb863a1.dll
2017-06-06 00:38 - 2017-06-06 15:51 - 0000000 _____ () C:\Users\TheMasterBlanker\AppData\Local\Temp\acfddec697c1a5344602e4990b4138a3.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-05-22 14:19

==================== Fin de FRST.txt ============================
