Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
Exécuté par Mathéo (administrateur) sur PC_MATHÉO (14-08-2016 00:04:34)
Exécuté depuis C:\Users\Mathéo\Downloads
Profils chargés: Mathéo (Profils disponibles: Mathéo & Invité)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(Hammer & Chisel, Inc.) C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hammer & Chisel, Inc.) C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hammer & Chisel, Inc.) C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-08] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [Discord] => C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe [62385336 2016-08-01] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-11] (AVAST Software)
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files (x86)\Bagerry\Katochdrcuk\Zoeght.dll [2016-08-13] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40AAEA26-FEAF-44A9-9B69-5BF5CC31F1A2}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
SearchScopes: HKU\S-1-5-21-2905555755-1986049447-1681868783-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-11] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-11] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-26] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mathéo\AppData\Roaming\Mozilla\Firefox\Profiles\61i47hxk.default-1464806750651
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: BetterTTV - C:\Users\Mathéo\AppData\Roaming\Mozilla\Firefox\Profiles\61i47hxk.default-1464806750651\Extensions\firefox@betterttv.net.xpi [2016-08-03]
FF Extension: Adblock Plus - C:\Users\Mathéo\AppData\Roaming\Mozilla\Firefox\Profiles\61i47hxk.default-1464806750651\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-01]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR Profile: C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-27]
CHR Extension: (Google Docs) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-27]
CHR Extension: (Google Drive) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-27]
CHR Extension: (Recherche Google) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-28]
CHR Extension: (Google Sheets) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (Avast Online Security) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-17]
CHR Extension: (Gmail) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-02]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-11] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-07-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-07-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-07-21] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 Katochdrcuk System; C:\Program Files (x86)\Bagerry\Katochdrcuk\KtcsysCljagh.exe [291520 2016-08-13] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-21] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-21] (Bluestack System Inc. )
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-12] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-12] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-08-14 00:04 - 2016-08-14 00:04 - 00015957 _____ C:\Users\Mathéo\Downloads\FRST.txt
2016-08-14 00:03 - 2016-08-14 00:04 - 00000000 ____D C:\FRST
2016-08-14 00:03 - 2016-08-14 00:03 - 02393600 _____ (Farbar) C:\Users\Mathéo\Downloads\FRST64.exe
2016-08-14 00:03 - 2016-08-14 00:03 - 02393600 _____ (Farbar) C:\Users\Mathéo\Downloads\FRST64 (1).exe
2016-08-13 23:09 - 2016-08-13 23:09 - 00000878 _____ C:\Users\Mathéo\Desktop\ZHPCleaner.lnk
2016-08-13 22:42 - 2016-08-13 23:23 - 00000868 _____ C:\Users\Mathéo\Desktop\ZHPDiag.lnk
2016-08-13 22:42 - 2016-08-13 22:42 - 02292224 _____ C:\Users\Mathéo\Downloads\ZHPDiag3(3).exe
2016-08-13 22:16 - 2016-08-13 22:16 - 00281048 _____ C:\Windows\Minidump\081316-21734-01.dmp
2016-08-13 22:04 - 2016-08-13 22:04 - 00621568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Mathéo\Downloads\libeay32.dll
2016-08-13 22:04 - 2016-08-13 22:04 - 00162304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Mathéo\Downloads\ssleay32.dll
2016-08-13 22:03 - 2016-08-14 00:04 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Anicok
2016-08-13 22:03 - 2016-08-13 22:16 - 00000000 ____D C:\Program Files (x86)\Bagerry
2016-08-13 22:03 - 2016-08-13 22:03 - 00000000 ____D C:\Users\Math←o\AppData\Local\Anicok
2016-08-13 22:03 - 2016-08-13 22:03 - 00000000 ____D C:\Users\Math←o
2016-08-13 12:21 - 2016-08-13 12:21 - 00281048 _____ C:\Windows\Minidump\081316-22750-01.dmp
2016-08-12 15:21 - 2016-08-12 15:21 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Disc_Soft_Ltd
2016-08-12 15:12 - 2016-08-12 15:12 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-08-12 15:07 - 2016-08-12 15:07 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-08-12 15:06 - 2016-08-12 15:12 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-08-12 15:06 - 2016-08-12 15:12 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\DAEMON Tools Lite
2016-08-12 15:06 - 2016-08-12 15:06 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-08-12 15:02 - 2016-08-12 15:02 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Mathéo\Downloads\DTLiteInstaller-10.4.0.exe
2016-08-12 14:57 - 2016-08-12 15:10 - 1834647552 ____R C:\Users\Mathéo\Downloads\Rayman 3 jeu pc game Multi 5 verifier par bro.iso
2016-08-12 14:56 - 2016-08-12 14:57 - 00000000 ____D C:\Users\Mathéo\AppData\LocalLow\uTorrent
2016-08-12 14:54 - 2016-08-12 14:54 - 02370560 _____ (BitTorrent Inc.) C:\Users\Mathéo\Downloads\uTorrent.exe
2016-08-12 14:47 - 2016-08-12 14:47 - 00072361 _____ C:\Users\Mathéo\Downloads\rayman-3-hoodlum-havoc-pc.torrent
2016-08-12 14:37 - 2016-08-12 14:37 - 04463952 _____ (Igor Pavlov) C:\Users\Mathéo\Downloads\dolphin-4.0-win64.exe
2016-08-12 14:37 - 2016-08-12 14:37 - 00000000 ____D C:\Users\Mathéo\Documents\Dolphin Emulator
2016-08-12 14:37 - 2013-09-23 20:20 - 13477888 _____ C:\Users\Mathéo\Downloads\Dolphin.exe
2016-08-12 14:37 - 2013-09-23 20:20 - 00806912 _____ C:\Users\Mathéo\Downloads\DSPTool.exe
2016-08-12 14:37 - 2013-09-23 20:20 - 00000000 ____D C:\Users\Mathéo\Downloads\Sys
2016-08-12 14:37 - 2013-09-23 20:20 - 00000000 ____D C:\Users\Mathéo\Downloads\Languages
2016-08-12 14:37 - 2013-09-22 20:28 - 00057168 _____ (Microsoft Corporation) C:\Users\Mathéo\Downloads\vcomp100.dll
2016-08-12 14:37 - 2013-09-20 01:01 - 00417320 _____ C:\Users\Mathéo\Downloads\OpenAL32.dll
2016-08-12 14:37 - 2013-01-04 15:09 - 00000451 _____ C:\Users\Mathéo\Downloads\cpack_package_description.txt
2016-08-12 14:37 - 2011-09-29 00:53 - 00397824 _____ C:\Users\Mathéo\Downloads\SDL.dll
2016-08-12 14:37 - 2011-09-29 00:53 - 00018326 _____ C:\Users\Mathéo\Downloads\license.txt
2016-08-12 04:29 - 2016-08-12 04:29 - 00281048 _____ C:\Windows\Minidump\081216-19968-01.dmp
2016-08-12 01:36 - 2016-08-12 01:36 - 00000367 _____ C:\Users\Mathéo\Desktop\Nouveau document texte.txt
2016-08-11 19:55 - 2016-08-12 14:56 - 00000000 ____D C:\Users\Mathéo\Desktop\PAINT
2016-08-11 19:50 - 2016-08-11 19:51 - 00000000 ____D C:\Users\Mathéo\Documents\ShareX
2016-08-11 19:49 - 2016-08-11 19:49 - 04795684 _____ (ShareX Team ) C:\Users\Mathéo\Downloads\ShareX-11.1.0-setup.exe
2016-08-11 19:49 - 2016-08-11 19:49 - 00662208 _____ () C:\Users\Mathéo\Downloads\puush-installer.exe
2016-08-11 15:10 - 2016-08-11 15:10 - 00281048 _____ C:\Windows\Minidump\081116-23312-01.dmp
2016-08-11 03:02 - 2016-08-11 03:02 - 00281048 _____ C:\Windows\Minidump\081116-41906-01.dmp
2016-08-10 15:34 - 2016-08-10 15:34 - 00281048 _____ C:\Windows\Minidump\081016-28078-01.dmp
2016-08-10 13:22 - 2016-08-10 13:22 - 00281048 _____ C:\Windows\Minidump\081016-28843-01.dmp
2016-08-10 11:17 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-10 11:17 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2016-08-10 11:17 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-10 11:17 - 2016-06-11 21:52 - 00057184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-10 11:17 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2016-08-10 11:17 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 11:17 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2016-08-10 11:17 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-10 11:17 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-10 11:17 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 11:17 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-10 11:17 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-10 11:17 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-08-10 11:17 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-08-10 11:17 - 2016-06-10 23:34 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2016-08-10 11:17 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-08-10 11:17 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 11:17 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-10 11:17 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-10 11:17 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-10 11:17 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-10 11:17 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll
2016-08-10 11:17 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll
2016-08-10 11:17 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-08-10 11:17 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-10 11:17 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-10 11:17 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-10 11:17 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-10 11:17 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-10 11:17 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-08-10 11:17 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-10 11:17 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-10 11:17 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-10 11:17 - 2016-05-14 01:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-08-10 11:17 - 2016-05-14 01:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-08-10 11:17 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-10 11:17 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-10 11:17 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-10 11:17 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-10 11:17 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-10 11:17 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-08-10 11:17 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-08-10 11:17 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-08-10 11:17 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-10 11:17 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-10 11:17 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-10 11:17 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-10 11:17 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-10 11:17 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-10 11:17 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-10 11:17 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-10 11:17 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-08-10 11:17 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-08-10 11:17 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-08-10 11:17 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-10 11:17 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-10 11:17 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-08-10 11:17 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-08-10 11:17 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-08-10 11:17 - 2016-04-06 20:20 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-08-10 11:17 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-10 11:17 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-10 11:17 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 11:17 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-08-10 11:16 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpresult.exe
2016-08-10 11:16 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-08-10 11:16 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-08-10 11:16 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-08-10 11:16 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-08-10 11:16 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-08-10 11:16 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-08-10 11:16 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-08-10 11:16 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-10 11:16 - 2016-05-14 01:08 - 00032512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-08-10 11:16 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-10 11:16 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-10 11:16 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-08-10 11:16 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-10 11:16 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-08-10 11:16 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-08-10 11:16 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-08-10 11:16 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-10 11:16 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-10 11:16 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-10 11:16 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-08-10 11:16 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-08-10 11:16 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-08-10 11:16 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-08-10 11:16 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-08-10 11:16 - 2016-04-02 16:09 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-08-10 11:16 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-08-10 11:16 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-08-10 11:16 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-08-10 11:16 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-10 11:16 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-08-10 11:16 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-08-10 11:16 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-08-10 11:13 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 11:13 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 11:13 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 11:13 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 11:13 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 11:13 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 11:13 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 11:13 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 11:13 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 11:13 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 11:13 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-10 11:13 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 11:13 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 11:13 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 11:13 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 11:13 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 11:13 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 11:13 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 11:13 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 11:13 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 11:13 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-10 11:13 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 11:13 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 11:13 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 11:13 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 11:13 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 11:13 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 11:13 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 11:13 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 11:13 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 11:13 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-10 11:12 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-10 11:12 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 11:12 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 11:12 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-10 11:12 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-10 11:12 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 11:12 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-08-10 11:12 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-08-10 11:12 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 11:12 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 11:12 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 11:12 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-10 11:12 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-08-10 11:12 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-08-10 11:12 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 11:12 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-10 11:12 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-10 11:12 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 11:12 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-10 02:41 - 2016-08-10 02:41 - 00281048 _____ C:\Windows\Minidump\081016-23078-01.dmp
2016-08-09 14:39 - 2016-08-09 14:39 - 00281048 _____ C:\Windows\Minidump\080916-17500-01.dmp
2016-08-08 19:23 - 2016-08-13 22:16 - 00000000 ____D C:\Program Files\GamingMouse
2016-08-08 19:23 - 2016-08-13 22:09 - 00000000 ____D C:\Program Files (x86)\GamingMouse
2016-08-08 19:23 - 2016-08-08 19:23 - 00003552 _____ C:\Windows\System32\Tasks\GM-753TaskPlan
2016-08-06 17:58 - 2016-08-06 17:58 - 00281048 _____ C:\Windows\Minidump\080616-18406-01.dmp
2016-08-05 00:27 - 2016-08-05 00:27 - 00281048 _____ C:\Windows\Minidump\080516-21375-01.dmp
2016-08-03 15:53 - 2016-08-03 15:53 - 00281048 _____ C:\Windows\Minidump\080316-22015-01.dmp
2016-08-03 15:52 - 2016-08-13 22:16 - 819427606 _____ C:\Windows\MEMORY.DMP
2016-08-02 16:42 - 2016-08-02 16:42 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Logitech
2016-08-02 16:42 - 2016-08-02 16:42 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Logishrd
2016-08-02 16:39 - 2016-08-02 16:41 - 111858768 _____ (Logitech Inc.) C:\Users\Mathéo\Downloads\LGS_8.83.85_x86_Logitech.exe
2016-08-02 00:07 - 2016-08-02 00:07 - 00798912 _____ (Adobe Systems Incorporated) C:\Users\Mathéo\Downloads\CreativeCloudSet-Up.exe
2016-08-02 00:04 - 2016-08-02 00:04 - 02588472 _____ C:\Users\Mathéo\Downloads\AdobeDownloadAssistant-CC.exe
2016-08-01 21:40 - 2016-08-01 22:47 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Discord
2016-07-31 18:52 - 2016-07-31 23:39 - 00000000 ____D C:\Users\Mathéo\Desktop\Game Of Thrones
2016-07-30 21:17 - 2016-08-01 22:47 - 00002216 _____ C:\Users\Mathéo\Desktop\Discord.lnk
2016-07-24 10:17 - 2016-07-24 10:17 - 05522887 _____ C:\Users\Mathéo\Downloads\com.kingroot.kinguser-4.5.0-120-minAPI8.apk
2016-07-24 10:07 - 2016-07-24 10:07 - 00001838 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-07-24 10:07 - 2016-07-24 10:07 - 00001838 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-07-24 10:07 - 2016-07-24 10:07 - 00000000 ____D C:\ProgramData\Bluestacks
2016-07-24 10:07 - 2016-07-24 10:07 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2016-07-23 21:52 - 2016-07-24 10:06 - 280942232 _____ (BlueStack Systems Inc.) C:\Users\Mathéo\Downloads\BlueStacks2_native_074331af4373fa3b51cda36b059502d0.exe
2016-07-23 21:40 - 2015-09-16 08:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-07-23 21:40 - 2015-09-16 05:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-07-23 21:13 - 2016-07-23 21:33 - 361482512 _____ (Duodian Technology Co. Ltd.) C:\Users\Mathéo\Downloads\nox_setup_v3.7.0.0_full_En_0720_pokemon(1).exe
2016-07-23 20:52 - 2016-07-23 20:52 - 00003274 _____ C:\Windows\System32\Tasks\{4CAC647B-0045-4E60-A357-816ECDBB871A}
2016-07-23 20:44 - 2016-07-23 21:47 - 00000000 ____D C:\Users\Mathéo\vmlogs
2016-07-23 20:44 - 2016-07-23 20:44 - 00000000 ____D C:\Users\Math�o\AppData\Local\Nox
2016-07-23 20:44 - 2016-07-23 20:44 - 00000000 ____D C:\Users\Mathéo\Nox_share
2016-07-23 20:44 - 2016-07-23 20:44 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2016-07-23 20:43 - 2016-07-23 20:43 - 00000000 ____D C:\Program Files\DIFX
2016-07-23 20:42 - 2016-07-31 21:13 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Nox
2016-07-23 20:42 - 2016-07-23 21:51 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Nox
2016-07-23 20:32 - 2016-07-23 20:42 - 361482512 _____ (Duodian Technology Co. Ltd.) C:\Users\Mathéo\Downloads\nox_setup_v3.7.0.0_full_En_0720_pokemon.exe
2016-07-22 20:19 - 2016-07-22 20:19 - 00000000 ____D C:\Windows\EOONotify
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-08-14 00:03 - 2015-10-27 23:35 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-13 23:42 - 2015-10-25 15:04 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-13 23:25 - 2016-06-02 21:19 - 00070868 _____ C:\Users\Mathéo\Desktop\ZHPDiag.txt
2016-08-13 23:24 - 2015-07-31 12:50 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\ZHP
2016-08-13 23:21 - 2015-10-27 23:35 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-13 23:21 - 2015-07-27 12:54 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-13 23:20 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-13 23:19 - 2015-06-27 19:41 - 00000000 ____D C:\Users\Mathéo
2016-08-13 23:12 - 2016-06-29 16:57 - 00002485 _____ C:\Users\Mathéo\Desktop\ZHPCleaner.txt
2016-08-13 23:06 - 2015-06-27 21:20 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Skype
2016-08-13 22:41 - 2015-06-29 00:05 - 02108928 ___SH C:\Users\Mathéo\Desktop\Thumbs.db
2016-08-13 22:29 - 2015-06-27 19:57 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2905555755-1986049447-1681868783-1001
2016-08-13 22:18 - 2016-07-13 19:48 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\discord
2016-08-13 22:16 - 2015-06-27 21:31 - 00000000 ____D C:\Windows\Minidump
2016-08-13 22:04 - 2016-06-07 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-13 19:18 - 2015-06-27 21:18 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Battle.net
2016-08-13 18:29 - 2015-06-27 20:01 - 00003944 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6AA305DD-7F2F-43A0-8BD2-1F89CE695CA2}
2016-08-13 18:08 - 2015-06-27 21:18 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-12 15:21 - 2016-06-10 20:16 - 00039936 ___SH C:\Users\Mathéo\Downloads\Thumbs.db
2016-08-12 15:12 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-12 14:23 - 2015-07-06 21:50 - 00000000 ____D C:\RomStation
2016-08-12 14:21 - 2014-03-18 12:12 - 01734474 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-12 14:21 - 2014-03-18 11:27 - 00774688 _____ C:\Windows\system32\perfh00C.dat
2016-08-12 14:21 - 2014-03-18 11:27 - 00151426 _____ C:\Windows\system32\perfc00C.dat
2016-08-11 22:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-11 19:56 - 2015-09-30 14:16 - 00000000 ____D C:\Users\Mathéo\Desktop\IMAGE-SCREEN
2016-08-10 21:20 - 2016-06-25 02:27 - 00000000 ____D C:\Users\Mathéo\BrawlhallaReplays
2016-08-10 14:31 - 2015-06-29 00:38 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-08-10 13:29 - 2013-08-22 16:44 - 00337960 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-10 13:26 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-08-10 12:43 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-10 12:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-10 12:42 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-10 12:41 - 2015-06-29 20:47 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 12:38 - 2015-06-29 20:47 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 12:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-10 01:38 - 2016-05-05 08:29 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-08-09 14:50 - 2015-06-30 15:11 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\.minecraft
2016-08-08 22:07 - 2015-10-27 23:36 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 22:07 - 2015-10-27 23:36 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 12:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-08-07 15:55 - 2015-07-10 00:53 - 00000810 _____ C:\Users\Mathéo\Desktop\Texte secret.txt
2016-08-05 12:53 - 2016-05-05 12:39 - 00001116 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-08-05 11:24 - 2015-08-02 11:08 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-05 01:08 - 2015-10-16 20:45 - 00000615 _____ C:\Users\Mathéo\Desktop\Anime !.txt
2016-08-03 14:02 - 2016-02-06 20:16 - 00000106 _____ C:\Users\Mathéo\Desktop\COMPTE KGS.txt
2016-08-02 00:07 - 2015-07-02 10:40 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Adobe
2016-08-02 00:04 - 2015-06-27 19:41 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Adobe
2016-08-01 22:47 - 2016-07-13 19:48 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-01 21:41 - 2016-07-13 19:47 - 00000000 ____D C:\Users\Mathéo\AppData\Local\SquirrelTemp
2016-07-31 19:21 - 2016-06-30 09:30 - 00000000 ____D C:\Users\Mathéo\Desktop\ALL RÊVES
2016-07-30 21:08 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-29 21:35 - 2016-03-24 18:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-29 01:58 - 2015-10-27 23:35 - 00004068 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 01:58 - 2015-10-27 23:35 - 00003832 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 18:06 - 2015-06-27 21:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 18:05 - 2015-06-27 21:20 - 00000000 ____D C:\ProgramData\Skype
2016-07-27 14:55 - 2016-07-02 18:06 - 00000000 ____D C:\Users\Mathéo\AppData\Local\osu!
2016-07-27 00:24 - 2015-06-27 20:07 - 00000000 ____D C:\Users\Mathéo\AppData\Local\ElevatedDiagnostics
2016-07-26 00:35 - 2015-07-30 13:58 - 00000008 _____ C:\Users\Mathéo\AppData\Roaming\DofusAppId1_1
2016-07-26 00:35 - 2015-06-29 10:05 - 00229850 _____ C:\Users\Mathéo\AppData\Localtransition_6ab9706d6cb0ecf5980ce4f6d1592009.ini
2016-07-26 00:34 - 2015-07-30 13:58 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Dofus Beta
2016-07-26 00:28 - 2015-07-30 13:58 - 00000121 _____ C:\Users\Mathéo\AppData\Roaming\D2Info1
2016-07-24 10:07 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-23 20:54 - 2016-06-05 19:29 - 00000000 ____D C:\Windows\system32\appmgmt
2016-07-23 20:44 - 2015-07-09 00:57 - 00000000 ____D C:\Users\Mathéo\.android
2016-07-22 20:19 - 2015-06-29 22:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-22 20:19 - 2015-06-29 22:35 - 00000000 ___SD C:\Windows\system32\GWX
==================== Fichiers à la racine de certains dossiers =======
2015-06-29 18:37 - 2016-04-30 16:32 - 0000117 _____ () C:\Users\Mathéo\AppData\Roaming\D2Info0
2015-07-30 13:58 - 2016-07-26 00:28 - 0000121 _____ () C:\Users\Mathéo\AppData\Roaming\D2Info1
2015-06-29 18:37 - 2016-04-30 16:31 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_1
2015-07-06 01:15 - 2016-04-30 18:45 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_2
2015-08-03 11:48 - 2016-04-17 19:54 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_3
2016-02-18 11:01 - 2016-03-04 22:24 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_4
2015-07-30 13:58 - 2016-07-26 00:35 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_1
2015-10-02 18:48 - 2016-05-27 22:23 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_2
2016-02-27 20:19 - 2016-05-18 22:12 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_3
2016-04-19 19:37 - 2016-04-19 19:51 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_4
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-08-13 14:53
==================== Fin de FRST.txt ============================
Exécuté par Mathéo (administrateur) sur PC_MATHÉO (14-08-2016 00:04:34)
Exécuté depuis C:\Users\Mathéo\Downloads
Profils chargés: Mathéo (Profils disponibles: Mathéo & Invité)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(Hammer & Chisel, Inc.) C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hammer & Chisel, Inc.) C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hammer & Chisel, Inc.) C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-08] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\...\Run: [Discord] => C:\Users\Mathéo\AppData\Local\Discord\app-0.0.295\Discord.exe [62385336 2016-08-01] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-11] (AVAST Software)
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files (x86)\Bagerry\Katochdrcuk\Zoeght.dll [2016-08-13] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mathéo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40AAEA26-FEAF-44A9-9B69-5BF5CC31F1A2}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2905555755-1986049447-1681868783-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
SearchScopes: HKU\S-1-5-21-2905555755-1986049447-1681868783-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-11] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-11] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-26] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mathéo\AppData\Roaming\Mozilla\Firefox\Profiles\61i47hxk.default-1464806750651
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: BetterTTV - C:\Users\Mathéo\AppData\Roaming\Mozilla\Firefox\Profiles\61i47hxk.default-1464806750651\Extensions\firefox@betterttv.net.xpi [2016-08-03]
FF Extension: Adblock Plus - C:\Users\Mathéo\AppData\Roaming\Mozilla\Firefox\Profiles\61i47hxk.default-1464806750651\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-01]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR Profile: C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-27]
CHR Extension: (Google Docs) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-27]
CHR Extension: (Google Drive) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-27]
CHR Extension: (Recherche Google) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-28]
CHR Extension: (Google Sheets) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (Avast Online Security) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-17]
CHR Extension: (Gmail) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\Mathéo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-02]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-11] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-07-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-07-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-07-21] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 Katochdrcuk System; C:\Program Files (x86)\Bagerry\Katochdrcuk\KtcsysCljagh.exe [291520 2016-08-13] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-21] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-21] (Bluestack System Inc. )
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-12] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-12] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-08-14 00:04 - 2016-08-14 00:04 - 00015957 _____ C:\Users\Mathéo\Downloads\FRST.txt
2016-08-14 00:03 - 2016-08-14 00:04 - 00000000 ____D C:\FRST
2016-08-14 00:03 - 2016-08-14 00:03 - 02393600 _____ (Farbar) C:\Users\Mathéo\Downloads\FRST64.exe
2016-08-14 00:03 - 2016-08-14 00:03 - 02393600 _____ (Farbar) C:\Users\Mathéo\Downloads\FRST64 (1).exe
2016-08-13 23:09 - 2016-08-13 23:09 - 00000878 _____ C:\Users\Mathéo\Desktop\ZHPCleaner.lnk
2016-08-13 22:42 - 2016-08-13 23:23 - 00000868 _____ C:\Users\Mathéo\Desktop\ZHPDiag.lnk
2016-08-13 22:42 - 2016-08-13 22:42 - 02292224 _____ C:\Users\Mathéo\Downloads\ZHPDiag3(3).exe
2016-08-13 22:16 - 2016-08-13 22:16 - 00281048 _____ C:\Windows\Minidump\081316-21734-01.dmp
2016-08-13 22:04 - 2016-08-13 22:04 - 00621568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Mathéo\Downloads\libeay32.dll
2016-08-13 22:04 - 2016-08-13 22:04 - 00162304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Mathéo\Downloads\ssleay32.dll
2016-08-13 22:03 - 2016-08-14 00:04 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Anicok
2016-08-13 22:03 - 2016-08-13 22:16 - 00000000 ____D C:\Program Files (x86)\Bagerry
2016-08-13 22:03 - 2016-08-13 22:03 - 00000000 ____D C:\Users\Math←o\AppData\Local\Anicok
2016-08-13 22:03 - 2016-08-13 22:03 - 00000000 ____D C:\Users\Math←o
2016-08-13 12:21 - 2016-08-13 12:21 - 00281048 _____ C:\Windows\Minidump\081316-22750-01.dmp
2016-08-12 15:21 - 2016-08-12 15:21 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Disc_Soft_Ltd
2016-08-12 15:12 - 2016-08-12 15:12 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-08-12 15:07 - 2016-08-12 15:07 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-08-12 15:06 - 2016-08-12 15:12 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-08-12 15:06 - 2016-08-12 15:12 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\DAEMON Tools Lite
2016-08-12 15:06 - 2016-08-12 15:06 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-08-12 15:02 - 2016-08-12 15:02 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Mathéo\Downloads\DTLiteInstaller-10.4.0.exe
2016-08-12 14:57 - 2016-08-12 15:10 - 1834647552 ____R C:\Users\Mathéo\Downloads\Rayman 3 jeu pc game Multi 5 verifier par bro.iso
2016-08-12 14:56 - 2016-08-12 14:57 - 00000000 ____D C:\Users\Mathéo\AppData\LocalLow\uTorrent
2016-08-12 14:54 - 2016-08-12 14:54 - 02370560 _____ (BitTorrent Inc.) C:\Users\Mathéo\Downloads\uTorrent.exe
2016-08-12 14:47 - 2016-08-12 14:47 - 00072361 _____ C:\Users\Mathéo\Downloads\rayman-3-hoodlum-havoc-pc.torrent
2016-08-12 14:37 - 2016-08-12 14:37 - 04463952 _____ (Igor Pavlov) C:\Users\Mathéo\Downloads\dolphin-4.0-win64.exe
2016-08-12 14:37 - 2016-08-12 14:37 - 00000000 ____D C:\Users\Mathéo\Documents\Dolphin Emulator
2016-08-12 14:37 - 2013-09-23 20:20 - 13477888 _____ C:\Users\Mathéo\Downloads\Dolphin.exe
2016-08-12 14:37 - 2013-09-23 20:20 - 00806912 _____ C:\Users\Mathéo\Downloads\DSPTool.exe
2016-08-12 14:37 - 2013-09-23 20:20 - 00000000 ____D C:\Users\Mathéo\Downloads\Sys
2016-08-12 14:37 - 2013-09-23 20:20 - 00000000 ____D C:\Users\Mathéo\Downloads\Languages
2016-08-12 14:37 - 2013-09-22 20:28 - 00057168 _____ (Microsoft Corporation) C:\Users\Mathéo\Downloads\vcomp100.dll
2016-08-12 14:37 - 2013-09-20 01:01 - 00417320 _____ C:\Users\Mathéo\Downloads\OpenAL32.dll
2016-08-12 14:37 - 2013-01-04 15:09 - 00000451 _____ C:\Users\Mathéo\Downloads\cpack_package_description.txt
2016-08-12 14:37 - 2011-09-29 00:53 - 00397824 _____ C:\Users\Mathéo\Downloads\SDL.dll
2016-08-12 14:37 - 2011-09-29 00:53 - 00018326 _____ C:\Users\Mathéo\Downloads\license.txt
2016-08-12 04:29 - 2016-08-12 04:29 - 00281048 _____ C:\Windows\Minidump\081216-19968-01.dmp
2016-08-12 01:36 - 2016-08-12 01:36 - 00000367 _____ C:\Users\Mathéo\Desktop\Nouveau document texte.txt
2016-08-11 19:55 - 2016-08-12 14:56 - 00000000 ____D C:\Users\Mathéo\Desktop\PAINT
2016-08-11 19:50 - 2016-08-11 19:51 - 00000000 ____D C:\Users\Mathéo\Documents\ShareX
2016-08-11 19:49 - 2016-08-11 19:49 - 04795684 _____ (ShareX Team ) C:\Users\Mathéo\Downloads\ShareX-11.1.0-setup.exe
2016-08-11 19:49 - 2016-08-11 19:49 - 00662208 _____ () C:\Users\Mathéo\Downloads\puush-installer.exe
2016-08-11 15:10 - 2016-08-11 15:10 - 00281048 _____ C:\Windows\Minidump\081116-23312-01.dmp
2016-08-11 03:02 - 2016-08-11 03:02 - 00281048 _____ C:\Windows\Minidump\081116-41906-01.dmp
2016-08-10 15:34 - 2016-08-10 15:34 - 00281048 _____ C:\Windows\Minidump\081016-28078-01.dmp
2016-08-10 13:22 - 2016-08-10 13:22 - 00281048 _____ C:\Windows\Minidump\081016-28843-01.dmp
2016-08-10 11:17 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-10 11:17 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2016-08-10 11:17 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-10 11:17 - 2016-06-11 21:52 - 00057184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-10 11:17 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2016-08-10 11:17 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 11:17 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2016-08-10 11:17 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-10 11:17 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-10 11:17 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 11:17 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-10 11:17 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-10 11:17 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-08-10 11:17 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-08-10 11:17 - 2016-06-10 23:34 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2016-08-10 11:17 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-08-10 11:17 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 11:17 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-10 11:17 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-10 11:17 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-10 11:17 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-10 11:17 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll
2016-08-10 11:17 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll
2016-08-10 11:17 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-08-10 11:17 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-10 11:17 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-10 11:17 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-10 11:17 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-10 11:17 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-10 11:17 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-08-10 11:17 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-10 11:17 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-10 11:17 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-10 11:17 - 2016-05-14 01:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-08-10 11:17 - 2016-05-14 01:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-08-10 11:17 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-10 11:17 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-10 11:17 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-10 11:17 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-10 11:17 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-10 11:17 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-08-10 11:17 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-08-10 11:17 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-08-10 11:17 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-10 11:17 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-10 11:17 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-10 11:17 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-10 11:17 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-10 11:17 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-10 11:17 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-10 11:17 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-10 11:17 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-08-10 11:17 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-08-10 11:17 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-08-10 11:17 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-10 11:17 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-10 11:17 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-08-10 11:17 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-08-10 11:17 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-08-10 11:17 - 2016-04-06 20:20 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-08-10 11:17 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-10 11:17 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-10 11:17 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 11:17 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-08-10 11:16 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpresult.exe
2016-08-10 11:16 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-08-10 11:16 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-08-10 11:16 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-08-10 11:16 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-08-10 11:16 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-08-10 11:16 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-08-10 11:16 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-08-10 11:16 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-10 11:16 - 2016-05-14 01:08 - 00032512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-08-10 11:16 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-10 11:16 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-10 11:16 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-08-10 11:16 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-10 11:16 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-08-10 11:16 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-08-10 11:16 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-08-10 11:16 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-10 11:16 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-10 11:16 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-10 11:16 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-08-10 11:16 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-08-10 11:16 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-08-10 11:16 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-08-10 11:16 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-08-10 11:16 - 2016-04-02 16:09 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-08-10 11:16 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-08-10 11:16 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-08-10 11:16 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-08-10 11:16 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-10 11:16 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-08-10 11:16 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-08-10 11:16 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-08-10 11:13 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 11:13 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 11:13 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 11:13 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 11:13 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 11:13 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 11:13 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 11:13 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 11:13 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 11:13 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 11:13 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-10 11:13 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 11:13 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 11:13 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 11:13 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 11:13 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 11:13 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 11:13 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 11:13 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 11:13 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 11:13 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-10 11:13 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 11:13 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 11:13 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 11:13 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 11:13 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 11:13 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 11:13 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 11:13 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 11:13 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 11:13 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-10 11:12 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-10 11:12 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 11:12 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 11:12 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-10 11:12 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-10 11:12 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 11:12 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-08-10 11:12 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-08-10 11:12 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 11:12 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 11:12 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 11:12 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-10 11:12 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-08-10 11:12 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-08-10 11:12 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 11:12 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-10 11:12 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-10 11:12 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 11:12 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-10 02:41 - 2016-08-10 02:41 - 00281048 _____ C:\Windows\Minidump\081016-23078-01.dmp
2016-08-09 14:39 - 2016-08-09 14:39 - 00281048 _____ C:\Windows\Minidump\080916-17500-01.dmp
2016-08-08 19:23 - 2016-08-13 22:16 - 00000000 ____D C:\Program Files\GamingMouse
2016-08-08 19:23 - 2016-08-13 22:09 - 00000000 ____D C:\Program Files (x86)\GamingMouse
2016-08-08 19:23 - 2016-08-08 19:23 - 00003552 _____ C:\Windows\System32\Tasks\GM-753TaskPlan
2016-08-06 17:58 - 2016-08-06 17:58 - 00281048 _____ C:\Windows\Minidump\080616-18406-01.dmp
2016-08-05 00:27 - 2016-08-05 00:27 - 00281048 _____ C:\Windows\Minidump\080516-21375-01.dmp
2016-08-03 15:53 - 2016-08-03 15:53 - 00281048 _____ C:\Windows\Minidump\080316-22015-01.dmp
2016-08-03 15:52 - 2016-08-13 22:16 - 819427606 _____ C:\Windows\MEMORY.DMP
2016-08-02 16:42 - 2016-08-02 16:42 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Logitech
2016-08-02 16:42 - 2016-08-02 16:42 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Logishrd
2016-08-02 16:39 - 2016-08-02 16:41 - 111858768 _____ (Logitech Inc.) C:\Users\Mathéo\Downloads\LGS_8.83.85_x86_Logitech.exe
2016-08-02 00:07 - 2016-08-02 00:07 - 00798912 _____ (Adobe Systems Incorporated) C:\Users\Mathéo\Downloads\CreativeCloudSet-Up.exe
2016-08-02 00:04 - 2016-08-02 00:04 - 02588472 _____ C:\Users\Mathéo\Downloads\AdobeDownloadAssistant-CC.exe
2016-08-01 21:40 - 2016-08-01 22:47 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Discord
2016-07-31 18:52 - 2016-07-31 23:39 - 00000000 ____D C:\Users\Mathéo\Desktop\Game Of Thrones
2016-07-30 21:17 - 2016-08-01 22:47 - 00002216 _____ C:\Users\Mathéo\Desktop\Discord.lnk
2016-07-24 10:17 - 2016-07-24 10:17 - 05522887 _____ C:\Users\Mathéo\Downloads\com.kingroot.kinguser-4.5.0-120-minAPI8.apk
2016-07-24 10:07 - 2016-07-24 10:07 - 00001838 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-07-24 10:07 - 2016-07-24 10:07 - 00001838 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-07-24 10:07 - 2016-07-24 10:07 - 00000000 ____D C:\ProgramData\Bluestacks
2016-07-24 10:07 - 2016-07-24 10:07 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2016-07-23 21:52 - 2016-07-24 10:06 - 280942232 _____ (BlueStack Systems Inc.) C:\Users\Mathéo\Downloads\BlueStacks2_native_074331af4373fa3b51cda36b059502d0.exe
2016-07-23 21:40 - 2015-09-16 08:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-07-23 21:40 - 2015-09-16 05:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-07-23 21:13 - 2016-07-23 21:33 - 361482512 _____ (Duodian Technology Co. Ltd.) C:\Users\Mathéo\Downloads\nox_setup_v3.7.0.0_full_En_0720_pokemon(1).exe
2016-07-23 20:52 - 2016-07-23 20:52 - 00003274 _____ C:\Windows\System32\Tasks\{4CAC647B-0045-4E60-A357-816ECDBB871A}
2016-07-23 20:44 - 2016-07-23 21:47 - 00000000 ____D C:\Users\Mathéo\vmlogs
2016-07-23 20:44 - 2016-07-23 20:44 - 00000000 ____D C:\Users\Math�o\AppData\Local\Nox
2016-07-23 20:44 - 2016-07-23 20:44 - 00000000 ____D C:\Users\Mathéo\Nox_share
2016-07-23 20:44 - 2016-07-23 20:44 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2016-07-23 20:43 - 2016-07-23 20:43 - 00000000 ____D C:\Program Files\DIFX
2016-07-23 20:42 - 2016-07-31 21:13 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Nox
2016-07-23 20:42 - 2016-07-23 21:51 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Nox
2016-07-23 20:32 - 2016-07-23 20:42 - 361482512 _____ (Duodian Technology Co. Ltd.) C:\Users\Mathéo\Downloads\nox_setup_v3.7.0.0_full_En_0720_pokemon.exe
2016-07-22 20:19 - 2016-07-22 20:19 - 00000000 ____D C:\Windows\EOONotify
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-08-14 00:03 - 2015-10-27 23:35 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-13 23:42 - 2015-10-25 15:04 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-13 23:25 - 2016-06-02 21:19 - 00070868 _____ C:\Users\Mathéo\Desktop\ZHPDiag.txt
2016-08-13 23:24 - 2015-07-31 12:50 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\ZHP
2016-08-13 23:21 - 2015-10-27 23:35 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-13 23:21 - 2015-07-27 12:54 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-13 23:20 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-13 23:19 - 2015-06-27 19:41 - 00000000 ____D C:\Users\Mathéo
2016-08-13 23:12 - 2016-06-29 16:57 - 00002485 _____ C:\Users\Mathéo\Desktop\ZHPCleaner.txt
2016-08-13 23:06 - 2015-06-27 21:20 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Skype
2016-08-13 22:41 - 2015-06-29 00:05 - 02108928 ___SH C:\Users\Mathéo\Desktop\Thumbs.db
2016-08-13 22:29 - 2015-06-27 19:57 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2905555755-1986049447-1681868783-1001
2016-08-13 22:18 - 2016-07-13 19:48 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\discord
2016-08-13 22:16 - 2015-06-27 21:31 - 00000000 ____D C:\Windows\Minidump
2016-08-13 22:04 - 2016-06-07 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-13 19:18 - 2015-06-27 21:18 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Battle.net
2016-08-13 18:29 - 2015-06-27 20:01 - 00003944 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6AA305DD-7F2F-43A0-8BD2-1F89CE695CA2}
2016-08-13 18:08 - 2015-06-27 21:18 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-12 15:21 - 2016-06-10 20:16 - 00039936 ___SH C:\Users\Mathéo\Downloads\Thumbs.db
2016-08-12 15:12 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-12 14:23 - 2015-07-06 21:50 - 00000000 ____D C:\RomStation
2016-08-12 14:21 - 2014-03-18 12:12 - 01734474 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-12 14:21 - 2014-03-18 11:27 - 00774688 _____ C:\Windows\system32\perfh00C.dat
2016-08-12 14:21 - 2014-03-18 11:27 - 00151426 _____ C:\Windows\system32\perfc00C.dat
2016-08-11 22:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-11 19:56 - 2015-09-30 14:16 - 00000000 ____D C:\Users\Mathéo\Desktop\IMAGE-SCREEN
2016-08-10 21:20 - 2016-06-25 02:27 - 00000000 ____D C:\Users\Mathéo\BrawlhallaReplays
2016-08-10 14:31 - 2015-06-29 00:38 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-08-10 13:29 - 2013-08-22 16:44 - 00337960 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-10 13:26 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-08-10 12:43 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-10 12:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-10 12:42 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-10 12:41 - 2015-06-29 20:47 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 12:38 - 2015-06-29 20:47 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 12:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-10 01:38 - 2016-05-05 08:29 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-08-09 14:50 - 2015-06-30 15:11 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\.minecraft
2016-08-08 22:07 - 2015-10-27 23:36 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 22:07 - 2015-10-27 23:36 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 12:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-08-07 15:55 - 2015-07-10 00:53 - 00000810 _____ C:\Users\Mathéo\Desktop\Texte secret.txt
2016-08-05 12:53 - 2016-05-05 12:39 - 00001116 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-08-05 11:24 - 2015-08-02 11:08 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-05 01:08 - 2015-10-16 20:45 - 00000615 _____ C:\Users\Mathéo\Desktop\Anime !.txt
2016-08-03 14:02 - 2016-02-06 20:16 - 00000106 _____ C:\Users\Mathéo\Desktop\COMPTE KGS.txt
2016-08-02 00:07 - 2015-07-02 10:40 - 00000000 ____D C:\Users\Mathéo\AppData\Local\Adobe
2016-08-02 00:04 - 2015-06-27 19:41 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Adobe
2016-08-01 22:47 - 2016-07-13 19:48 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-01 21:41 - 2016-07-13 19:47 - 00000000 ____D C:\Users\Mathéo\AppData\Local\SquirrelTemp
2016-07-31 19:21 - 2016-06-30 09:30 - 00000000 ____D C:\Users\Mathéo\Desktop\ALL RÊVES
2016-07-30 21:08 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-29 21:35 - 2016-03-24 18:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-29 01:58 - 2015-10-27 23:35 - 00004068 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 01:58 - 2015-10-27 23:35 - 00003832 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 18:06 - 2015-06-27 21:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 18:05 - 2015-06-27 21:20 - 00000000 ____D C:\ProgramData\Skype
2016-07-27 14:55 - 2016-07-02 18:06 - 00000000 ____D C:\Users\Mathéo\AppData\Local\osu!
2016-07-27 00:24 - 2015-06-27 20:07 - 00000000 ____D C:\Users\Mathéo\AppData\Local\ElevatedDiagnostics
2016-07-26 00:35 - 2015-07-30 13:58 - 00000008 _____ C:\Users\Mathéo\AppData\Roaming\DofusAppId1_1
2016-07-26 00:35 - 2015-06-29 10:05 - 00229850 _____ C:\Users\Mathéo\AppData\Localtransition_6ab9706d6cb0ecf5980ce4f6d1592009.ini
2016-07-26 00:34 - 2015-07-30 13:58 - 00000000 ____D C:\Users\Mathéo\AppData\Roaming\Dofus Beta
2016-07-26 00:28 - 2015-07-30 13:58 - 00000121 _____ C:\Users\Mathéo\AppData\Roaming\D2Info1
2016-07-24 10:07 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-23 20:54 - 2016-06-05 19:29 - 00000000 ____D C:\Windows\system32\appmgmt
2016-07-23 20:44 - 2015-07-09 00:57 - 00000000 ____D C:\Users\Mathéo\.android
2016-07-22 20:19 - 2015-06-29 22:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-22 20:19 - 2015-06-29 22:35 - 00000000 ___SD C:\Windows\system32\GWX
==================== Fichiers à la racine de certains dossiers =======
2015-06-29 18:37 - 2016-04-30 16:32 - 0000117 _____ () C:\Users\Mathéo\AppData\Roaming\D2Info0
2015-07-30 13:58 - 2016-07-26 00:28 - 0000121 _____ () C:\Users\Mathéo\AppData\Roaming\D2Info1
2015-06-29 18:37 - 2016-04-30 16:31 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_1
2015-07-06 01:15 - 2016-04-30 18:45 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_2
2015-08-03 11:48 - 2016-04-17 19:54 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_3
2016-02-18 11:01 - 2016-03-04 22:24 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId0_4
2015-07-30 13:58 - 2016-07-26 00:35 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_1
2015-10-02 18:48 - 2016-05-27 22:23 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_2
2016-02-27 20:19 - 2016-05-18 22:12 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_3
2016-04-19 19:37 - 2016-04-19 19:51 - 0000008 _____ () C:\Users\Mathéo\AppData\Roaming\DofusAppId1_4
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-08-13 14:53
==================== Fin de FRST.txt ============================