Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Exécuté par Augustin (administrateur) sur PCDEAUGUSTIN (13-01-2016 13:52:13)
Exécuté depuis C:\Users\Augustin\Desktop
Profils chargés: Augustin (Profils disponibles: Augustin)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Essential\gzserv.exe
(AMD) C:\windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
() C:\Program Files (x86)\Edimax\Edimax AC600 Wireless LAN Driver\WPSService20.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\windows\System32\atieclxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Essential\gziface.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(© 2015 Microsoft Corporation) C:\Users\Augustin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\windows\System32\GWX\GWX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Scarlet.Crush Productions) C:\Users\Augustin\Desktop\Manette\ScpServer\bin\ScpServer.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\OverwolfTSHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.91.145.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.91.145.0\OverwolfHelper64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\Purplizer\Purplizer.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-15] (Overwolf LTD)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [BingSvc] => C:\Users\Augustin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-08-10] (CyberGhost S.R.L.)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [9726760 2014-12-23] (Visicom Media Inc.)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\MountPoints2: {508354c1-c9b9-11e4-827c-448a5bd4289a} - "D:\INSTALL.EXE"
HKU\S-1-5-21-1583502381-828870983-559118416-1002\...\Winlogon: [Shell] C:\windows\Explorer.exe [2501368 2015-01-28] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Pas de fichier
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 127.0.0.1 gsin256345.elasticbeanstalk.com
Tcpip\..\Interfaces\{029CA7EF-836E-44A3-A1F5-27634265C95B}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CAC7DBBA-05DC-42A3-8D55-727B1B4D6558}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKU\S-1-5-21-1583502381-828870983-559118416-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Augustin\AppData\Roaming\Mozilla\Firefox\Profiles\nh0li3z3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: Adblock Plus - C:\Users\Augustin\AppData\Roaming\Mozilla\Firefox\Profiles\nh0li3z3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-12]

Chrome:
=======
CHR Profile: C:\Users\Augustin\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-08-10] (CyberGhost S.R.L)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [174624 2015-02-04] (EasyAntiCheat Ltd)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Essential\gzserv.exe [69368 2015-02-04] (Bitdefender)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [Fichier non signé]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-07-17] (Popcorn Time) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WPSService20; C:\Program Files (x86)\Edimax\Edimax AC600 Wireless LAN Driver\WPSService20.exe [96768 2013-05-15] () [Fichier non signé]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2016-01-09] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Essential\bdfwfpf.sys [121928 2016-01-09] (Bitdefender SRL)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-03-21] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49312 2014-11-10] (Visicom Media Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-13] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [36000 2014-11-10] (Visicom Media Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2961112 2013-12-20] (Realtek Semiconductor Corporation )
S3 rusb3hub; C:\Windows\System32\drivers\rusb3hub.sys [101376 2011-11-21] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\DRIVERS\rusb3xhc.sys [217088 2011-11-21] (Renesas Electronics Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz136; \??\C:\Users\Augustin\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S0 qqruvmkf; System32\drivers\iyslccj.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-13 13:52 - 2016-01-13 13:52 - 00019454 _____ C:\Users\Augustin\Desktop\FRST.txt
2016-01-13 13:52 - 2016-01-13 13:52 - 00000000 ____D C:\FRST
2016-01-13 13:51 - 2016-01-13 13:51 - 02370560 _____ (Farbar) C:\Users\Augustin\Desktop\FRST64.exe
2016-01-12 23:30 - 2013-05-19 08:02 - 00039168 _____ (Scarlet.Crush Productions) C:\windows\system32\Drivers\ScpVBus.sys
2016-01-12 23:30 - 2013-01-07 15:56 - 01721576 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01009.dll
2016-01-12 23:30 - 2013-01-07 15:56 - 01002728 _____ (Microsoft Corporation) C:\windows\system32\WinUSBCoInstaller2.dll
2016-01-12 23:29 - 2016-01-12 23:30 - 00000000 ____D C:\Users\Augustin\Desktop\Manette
2016-01-12 23:23 - 2016-01-12 23:23 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-01-12 19:40 - 2016-01-12 19:40 - 00000222 _____ C:\Users\Augustin\Desktop\Rocket League.url
2016-01-12 19:31 - 2016-01-12 19:31 - 00001456 _____ C:\Users\Augustin\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2016-01-12 18:42 - 2016-01-13 12:53 - 00001102 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 18:42 - 2016-01-13 12:29 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 18:42 - 2016-01-12 18:48 - 00004074 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-12 18:42 - 2016-01-12 18:48 - 00003838 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-12 18:42 - 2016-01-12 18:42 - 00002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-12 18:42 - 2016-01-12 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-12 18:39 - 2016-01-12 18:45 - 00000000 ____D C:\Users\Augustin\AppData\Local\Mozilla
2016-01-12 18:39 - 2016-01-12 18:39 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-12 18:39 - 2016-01-12 18:39 - 00001166 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-12 18:39 - 2016-01-12 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-12 18:35 - 2016-01-12 18:36 - 01622528 _____ C:\Users\Augustin\Desktop\ResetBrowser.exe
2016-01-11 23:56 - 2016-01-11 23:56 - 02067968 _____ C:\Users\Augustin\ZHPDiag3.exe
2016-01-11 23:25 - 2016-01-11 23:25 - 00002804 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-01-11 23:25 - 2016-01-11 23:25 - 00000841 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-11 23:25 - 2016-01-11 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-11 23:25 - 2016-01-11 23:25 - 00000000 ____D C:\Program Files\CCleaner
2016-01-11 18:01 - 2016-01-11 18:31 - 00002842 _____ C:\windows\system32\lic2.xml20678
2016-01-10 22:35 - 2016-01-10 22:35 - 01993728 _____ C:\Users\Augustin\ZHPCleaner.exe
2016-01-10 18:59 - 2016-01-10 18:59 - 00000000 ____D C:\Program Files\VB
2016-01-10 18:59 - 2013-07-11 07:57 - 00041192 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\vbaudio_cable64_win7.sys
2016-01-10 18:52 - 2016-01-10 18:52 - 00005262 _____ C:\Users\Augustin\Desktop\ZHPCleaner.txt
2016-01-10 18:34 - 2016-01-10 22:35 - 00000848 _____ C:\Users\Augustin\Desktop\ZHPCleaner.lnk
2016-01-10 18:34 - 2016-01-10 18:34 - 01992192 _____ C:\Users\Augustin\Desktop\ZHPCleaner.exe
2016-01-10 18:19 - 2016-01-11 23:56 - 00000838 _____ C:\Users\Augustin\Desktop\ZHPDiag.lnk
2016-01-10 12:28 - 2016-01-12 00:01 - 00120054 _____ C:\Users\Augustin\Desktop\ZHPDiag.txt
2016-01-10 12:21 - 2016-01-11 23:57 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\ZHP
2016-01-10 12:19 - 2016-01-10 12:19 - 02065920 _____ C:\Users\Augustin\Desktop\ZHPDiag3.exe
2016-01-09 16:45 - 2016-01-11 18:48 - 00000000 ____D C:\Users\Augustin\AppData\Local\ManyCam
2016-01-09 16:44 - 2016-01-09 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2016-01-09 16:44 - 2016-01-09 16:44 - 00000000 ____D C:\Program Files (x86)\ManyCam
2016-01-09 00:12 - 2016-01-09 00:12 - 00261056 _____ (BitDefender) C:\windows\system32\Drivers\avchv.sys
2016-01-06 22:12 - 2016-01-06 22:12 - 00000000 ____D C:\Users\Augustin\Desktop\SiteMistral
2016-01-02 03:14 - 2016-01-02 05:07 - 3190519808 ____R C:\Users\Augustin\Downloads\A03III_3xp4ns10ns.iso
2015-12-31 13:11 - 2015-12-31 13:15 - 00002842 _____ C:\windows\system32\lic2.xml9743
2015-12-26 22:07 - 2015-12-26 22:07 - 00000000 ____D C:\Users\Augustin\Documents\Klei
2015-12-21 23:46 - 2015-12-21 23:50 - 00000000 ____D C:\Users\Augustin\Downloads\Eagles_Of_Death_Metal-Heart_On-2008-MTD
2015-12-21 23:37 - 2015-12-21 23:39 - 00000000 ____D C:\Users\Augustin\Downloads\Eagles of Death Metal - Peace Love Death Metal
2015-12-21 23:31 - 2015-12-21 23:32 - 00000000 ____D C:\Users\Augustin\Downloads\Queens of the stone age - Songs for the deaf
2015-12-21 23:28 - 2015-12-21 23:29 - 00000000 ____D C:\Users\Augustin\Downloads\Queens of the Stone Age - ...Like Clockwork (2013) [MP3 320]
2015-12-21 11:57 - 2015-12-21 11:57 - 00002741 ____T C:\windows\system32\lic2tmp.xml25712
2015-12-19 02:20 - 2015-12-19 02:34 - 00002741 ____T C:\windows\system32\lic2tmp.xml3684
2015-12-18 20:49 - 2016-01-09 16:45 - 00000000 ____D C:\ProgramData\ManyCam
2015-12-18 20:49 - 2015-12-18 20:49 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\ManyCam
2015-12-18 20:46 - 2015-12-18 20:46 - 00000000 ____D C:\Users\Augustin\Downloads\ManyCam 4.1.0.12 Setup+Crack
2015-12-15 22:34 - 2016-01-10 22:44 - 00000000 ____D C:\Users\Augustin\Desktop\Icons
2015-12-15 07:24 - 2015-12-18 20:46 - 00000000 ____D C:\Users\Augustin\Downloads\Rosenrot

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-13 13:52 - 2013-08-22 14:36 - 00000000 ____D C:\windows
2016-01-13 13:50 - 2015-02-04 11:46 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\Skype
2016-01-13 13:44 - 2015-02-04 11:55 - 00001002 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-01-13 13:36 - 2015-02-21 17:33 - 00000000 ____D C:\Users\Augustin\AppData\Local\Purplizer
2016-01-13 13:36 - 2015-02-11 13:08 - 00000000 ____D C:\Users\Augustin\AppData\Local\Overwolf
2016-01-13 13:35 - 2015-10-08 00:08 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-13 13:30 - 2015-02-11 13:08 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\TS3Client
2016-01-13 12:54 - 2015-02-04 11:23 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-13 12:32 - 2015-02-04 11:49 - 00000000 ____D C:\Users\Augustin\AppData\Local\Adobe
2016-01-13 12:32 - 2015-02-04 11:13 - 00003820 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{21FE7D94-3554-49C9-A3AD-9BD73EF2A4CD}
2016-01-13 12:30 - 2015-10-15 22:02 - 00000000 ____D C:\Users\Augustin\Desktop\Applications
2016-01-13 12:28 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-01-12 23:23 - 2015-02-16 11:44 - 00000000 ____D C:\Users\Augustin\Documents\My Games
2016-01-12 19:42 - 2015-09-03 18:43 - 00000000 ____D C:\Users\Augustin\AppData\Local\Popcorn-Time
2016-01-12 19:40 - 2015-02-04 11:32 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-12 19:31 - 2015-02-04 10:47 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\Adobe
2016-01-12 18:43 - 2015-02-04 10:52 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1583502381-828870983-559118416-1002
2016-01-12 18:42 - 2015-03-08 23:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-12 18:39 - 2015-02-04 11:17 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\Mozilla
2016-01-12 18:39 - 2015-02-04 11:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-12 09:36 - 2015-02-04 11:46 - 00000000 ____D C:\ProgramData\Skype
2016-01-11 23:56 - 2015-02-04 10:46 - 00000000 ____D C:\Users\Augustin
2016-01-11 23:55 - 2015-06-27 13:56 - 00000000 ____D C:\Users\Augustin\Desktop\Design
2016-01-11 23:31 - 2015-05-14 18:48 - 00000000 ____D C:\Users\Augustin\AppData\Local\LogMeIn Hamachi
2016-01-11 23:31 - 2015-03-21 20:33 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\DAEMON Tools Lite
2016-01-11 23:31 - 2015-02-05 23:06 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\uTorrent
2016-01-11 23:28 - 2015-04-22 13:54 - 00000000 ___DC C:\Users\Augustin\AppData\Local\MigWiz
2016-01-11 23:28 - 2015-04-14 10:01 - 00000000 ____D C:\windows\Minidump
2016-01-11 23:28 - 2015-01-21 12:54 - 00000000 ____D C:\windows\Panther
2016-01-10 22:44 - 2015-04-18 14:39 - 00000132 _____ C:\Users\Augustin\AppData\Roaming\Préférences Adobe PNG Format CC
2016-01-10 21:50 - 2014-11-20 23:46 - 01824010 _____ C:\windows\system32\PerfStringBackup.INI
2016-01-10 21:50 - 2014-11-20 23:03 - 00811108 _____ C:\windows\system32\perfh00C.dat
2016-01-10 21:50 - 2014-11-20 23:03 - 00159206 _____ C:\windows\system32\perfc00C.dat
2016-01-10 21:44 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-01-10 21:43 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-01-10 20:07 - 2015-03-08 23:08 - 00000000 ____D C:\Users\Augustin\AppData\Local\Google
2016-01-10 15:33 - 2015-12-08 14:09 - 00000080 _____ C:\Users\Augustin\AppData\Local\Rockstar Games\GTA V\entitlement.info
2016-01-09 23:53 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-01-09 19:53 - 2015-02-04 11:13 - 00000000 __SHD C:\Users\Augustin\AppData\Local\EmieUserList
2016-01-09 19:53 - 2015-02-04 11:13 - 00000000 __SHD C:\Users\Augustin\AppData\Local\EmieSiteList
2016-01-09 19:53 - 2015-02-04 11:13 - 00000000 __SHD C:\Users\Augustin\AppData\Local\EmieBrowserModeList
2016-01-07 18:26 - 2015-06-24 21:40 - 00000000 ___RD C:\Users\Augustin\Desktop\ 
2016-01-04 20:07 - 2015-10-15 21:57 - 00000000 ____D C:\Users\Augustin\Desktop\Conneries
2016-01-02 00:40 - 2015-10-24 00:01 - 00000000 ____D C:\Users\Augustin\AppData\LocalLow\uTorrent
2016-01-01 15:09 - 2015-10-15 21:59 - 00000000 ____D C:\Users\Augustin\Desktop\jeux
2015-12-30 18:55 - 2015-01-22 13:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-29 13:59 - 2013-08-22 15:44 - 05061736 _____ C:\windows\system32\FNTCACHE.DAT
2015-12-29 13:58 - 2015-04-07 17:53 - 00000000 ____D C:\AdwCleaner
2015-12-29 02:44 - 2015-02-04 11:55 - 00003754 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-12-26 14:19 - 2015-02-27 18:18 - 00000000 ____D C:\Users\Augustin\AppData\Local\Game Dev Tycoon - Steam
2015-12-26 09:48 - 2014-11-21 07:02 - 00826872 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2014-11-21 07:02 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 02:22 - 2015-06-10 13:31 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\Sidebar
2015-12-24 22:09 - 2015-04-18 23:06 - 00000000 ____D C:\Users\Augustin\Downloads\PopcornTime
2015-12-23 23:50 - 2015-12-05 21:51 - 00000000 ____D C:\Users\Augustin\BrawlhallaReplays
2015-12-22 23:09 - 2015-02-11 13:11 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-22 21:30 - 2015-09-03 18:33 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\vlc
2015-12-22 18:51 - 2015-09-04 17:20 - 00000000 ____D C:\Users\Augustin\AppData\Roaming\Battle.net
2015-12-22 18:51 - 2015-09-04 17:20 - 00000000 ____D C:\Users\Augustin\AppData\Local\Battle.net
2015-12-22 18:49 - 2015-09-04 17:19 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-18 08:48 - 2015-04-04 14:16 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-12-18 08:48 - 2015-04-04 14:16 - 00000000 ___SD C:\windows\system32\GWX
2015-12-15 18:54 - 2015-12-08 14:09 - 00000000 ____D C:\Program Files\Rockstar Games
2015-12-15 18:54 - 2015-12-08 14:09 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-12-14 07:12 - 2015-05-13 06:20 - 00000000 ___RD C:\Users\Augustin\OneDrive
2015-12-14 07:12 - 2015-02-04 22:55 - 00003110 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1583502381-828870983-559118416-1002

==================== Fichiers à la racine de certains dossiers =======

2015-04-18 14:47 - 2015-04-18 14:47 - 0000112 _____ () C:\Users\Augustin\AppData\Roaming\Préfs JP2K CS6
2015-04-18 14:39 - 2016-01-10 22:44 - 0000132 _____ () C:\Users\Augustin\AppData\Roaming\Préférences Adobe PNG Format CC
2015-10-02 12:06 - 2015-10-04 16:00 - 0005875 _____ () C:\Users\Augustin\AppData\Roaming\SpeedRunnersLog.txt
2015-10-24 22:41 - 2015-10-24 22:41 - 0000036 _____ () C:\Users\Augustin\AppData\Roaming\SuYZkvrV.tmp
2015-10-02 12:07 - 2015-10-02 12:07 - 0002982 _____ () C:\Users\Augustin\AppData\Roaming\TargetInvocationLog.txt
2016-01-12 19:31 - 2016-01-12 19:31 - 0001456 _____ () C:\Users\Augustin\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2015-02-09 17:51 - 2015-02-09 17:51 - 0000000 ___SH () C:\Users\Augustin\AppData\Local\LumaEmu
2015-06-05 20:38 - 2015-06-05 20:38 - 0000017 _____ () C:\Users\Augustin\AppData\Local\resmon.resmoncfg
2015-02-04 11:03 - 2015-02-04 11:03 - 1577699 _____ () C:\ProgramData\1423044073.bdinstall.bin
2015-06-21 23:27 - 2015-06-21 23:27 - 0000006 __RSH () C:\ProgramData\7433cdb324b04dd5e3c3db213381216c7c539baa
2015-01-22 14:01 - 2015-01-22 14:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Fichiers à déplacer ou supprimer:
====================
C:\Users\Augustin\ZHPCleaner.exe
C:\Users\Augustin\ZHPDiag3.exe

Certains fichiers dans TEMP:
====================
C:\Users\Augustin\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\windows\system32\wininit.exe => Le fichier est signé numériquement
C:\windows\explorer.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\windows\system32\svchost.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\windows\system32\services.exe => Le fichier est signé numériquement
C:\windows\system32\User32.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\windows\system32\userinit.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-01-09 14:01

==================== Fin de FRST.txt ============================