Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-11-2016
Exécuté par Aleister Dardé (administrateur) sur PC-ALEISTER (18-11-2016 23:36:45)
Exécuté depuis C:\Users\Aleister Dardé\Desktop
Profils chargés: Aleister Dardé (Profils disponibles: Aleister Dardé)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\puush\puush.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
() C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11608.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Azote\Azote.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.32\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.72\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.230\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [StageLightUpdate] => C:\Program Files\Stagelight\StagelightUpdate.exe [1397208 2014-08-21] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-30] (AVAST Software)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8853208 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [BingSvc] => C:\Users\Aleister Dardé\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2016-07-02] ()
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [Saharash Updater] => C:\Program Files (x86)\Summer\Summer Updater.exe
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [198880 2016-07-28] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-10] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-11-19]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{33bcda30-f417-4d3d-9bc5-b63216feda7c}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{758b7dd5-8b67-42e7-9495-1d97df76758f}: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{758b7dd5-8b67-42e7-9495-1d97df76758f}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{a86583a2-3d8e-47db-9203-d6712c5a3452}: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{c90527db-381a-42b7-ac60-6355efd10b4f}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{dc411e37-a5c2-461a-bd26-43e1801da558}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=fr-fr
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-fr
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-fr
SearchScopes: HKLM -> DefaultScope {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-210949152-4154492894-2679096414-1001 -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default [2016-11-18]
CHR Extension: (Google Docs) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-28]
CHR Extension: (Google Drive) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-28]
CHR Extension: (YouTube) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-28]
CHR Extension: (Google Sheets) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-28]
CHR Extension: (Gmail) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-10] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-09-10] (AVAST Software)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [153960 2016-04-29] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-07] (Qualcomm Atheros) [Fichier non signé]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-10] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [453192 2016-09-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-18] (AVAST Software)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32464 2016-01-05] (Dell Computer Corporation)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-18 23:36 - 2016-11-18 23:37 - 00026226 _____ C:\Users\Aleister Dardé\Desktop\FRST.txt
2016-11-18 23:36 - 2016-11-18 23:36 - 00000204 _____ C:\Users\Aleister Dardé\Downloads\fixlist.txt
2016-11-18 23:36 - 2016-11-18 23:36 - 00000204 _____ C:\Users\Aleister Dardé\Desktop\fixlist.txt
2016-11-18 22:29 - 2016-11-18 22:29 - 00019489 _____ C:\Users\Aleister Dardé\Documents\MBAM.txt
2016-11-18 22:26 - 2016-11-18 22:38 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Local\CrashDumps
2016-11-18 22:20 - 2016-11-18 23:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-18 22:19 - 2016-11-18 22:19 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-18 22:19 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-18 22:19 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-18 22:19 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-18 22:18 - 2016-11-18 22:19 - 22851472 _____ (Malwarebytes ) C:\Users\Aleister Dardé\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-11-18 22:17 - 2016-11-18 22:17 - 00007582 _____ C:\Users\Aleister Dardé\Documents\RogueKiller.txt
2016-11-18 21:42 - 2016-11-18 22:21 - 00000000 ____D C:\ProgramData\RogueKiller
2016-11-18 21:42 - 2016-11-18 21:42 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-18 21:41 - 2016-11-18 21:42 - 25537096 _____ C:\Users\Aleister Dardé\Downloads\RogueKillerX64.exe
2016-11-18 21:37 - 2016-11-18 21:38 - 00000000 ____D C:\AdwCleaner
2016-11-18 21:37 - 2016-11-18 21:37 - 03910208 _____ C:\Users\Aleister Dardé\Downloads\adwcleaner_6.030.exe
2016-11-18 21:24 - 2016-11-18 21:24 - 00007179 _____ C:\Users\Aleister Dardé\Desktop\ZHPCleaner.txt
2016-11-18 21:19 - 2016-11-18 21:19 - 02504704 _____ C:\Users\Aleister Dardé\Downloads\ZHPCleaner.exe
2016-11-18 21:19 - 2016-11-18 21:19 - 00000886 _____ C:\Users\Aleister Dardé\Desktop\ZHPCleaner.lnk
2016-11-18 21:12 - 2016-11-18 23:36 - 00000000 ____D C:\FRST
2016-11-18 21:12 - 2016-11-18 21:12 - 02412032 _____ (Farbar) C:\Users\Aleister Dardé\Desktop\FRST64.exe
2016-11-18 21:07 - 2016-11-18 21:08 - 00000000 ____D C:\Program Files (x86)\Azote
2016-11-18 21:07 - 2016-11-18 21:07 - 00001034 _____ C:\Users\Public\Desktop\Azote.lnk
2016-11-18 21:07 - 2016-11-18 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AzoteLauncher
2016-11-18 21:05 - 2016-11-18 21:06 - 07282463 _____ (Azote ) C:\Users\Aleister Dardé\Downloads\Azote_Setup.exe
2016-11-18 21:03 - 2016-11-18 21:03 - 00000000 __HDC C:\ProgramData\{A328A61B-C332-4C8C-A740-42F7F71DC398}
2016-11-16 14:42 - 2016-11-16 14:42 - 00132091 _____ C:\Users\Aleister Dardé\Documents\rapport.txt
2016-11-16 14:33 - 2016-11-16 14:33 - 00132677 _____ C:\Users\Aleister Dardé\Desktop\ZHPDiag.txt
2016-11-16 14:28 - 2016-11-18 21:25 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Roaming\ZHP
2016-11-16 14:28 - 2016-11-16 14:32 - 00000876 _____ C:\Users\Aleister Dardé\Desktop\ZHPDiag.lnk
2016-11-16 14:28 - 2016-11-16 14:32 - 00000212 _____ C:\Users\Aleister
2016-11-16 14:27 - 2016-11-16 14:28 - 02449408 _____ C:\Users\Aleister Dardé\Downloads\ZHPDiag3.exe
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-18 23:37 - 2016-05-27 19:27 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Roaming\Skype
2016-11-18 23:20 - 2016-07-16 23:40 - 00744664 _____ C:\WINDOWS\system32\perfh00C.dat
2016-11-18 23:20 - 2016-07-16 23:40 - 00147268 _____ C:\WINDOWS\system32\perfc00C.dat
2016-11-18 23:20 - 2016-05-22 09:41 - 01889880 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-18 23:11 - 2016-09-25 17:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-18 23:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-18 21:59 - 2016-05-28 11:19 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-11-18 21:05 - 2016-05-28 11:35 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-18 21:05 - 2016-05-28 11:35 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-18 21:04 - 2014-11-19 03:04 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2016-11-18 21:02 - 2016-09-25 17:22 - 00000000 ____D C:\Users\Aleister Dardé
2016-11-18 21:02 - 2016-05-22 10:06 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2016-11-18 20:58 - 2016-09-25 17:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-18 20:58 - 2016-05-21 20:03 - 00000000 __SHD C:\Users\Aleister Dardé\IntelGraphicsProfiles
2016-11-16 14:31 - 2016-07-05 21:34 - 00000000 ____D C:\Program Files (x86)\Summer
2016-11-16 14:25 - 2016-09-09 20:45 - 00000000 ____D C:\Program Files (x86)\Kelba
2016-11-16 14:20 - 2016-09-25 17:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-16 14:17 - 2016-09-25 17:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-16 14:17 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-11-16 14:16 - 2016-09-25 18:13 - 00000000 ___DC C:\WINDOWS\Panther
2016-11-16 14:16 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-16 14:16 - 2014-11-19 03:02 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-16 14:15 - 2016-08-30 14:31 - 00007598 _____ C:\Users\Aleister Dardé\AppData\Local\Resmon.ResmonCfg
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{02b156a9-712c-0}
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{010d7beb-412c-0}
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{009ed95c-512c-1}
2016-11-05 15:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-05 15:20 - 2016-05-27 19:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-05 15:20 - 2016-05-27 19:27 - 00000000 ____D C:\ProgramData\Skype
2016-11-02 19:37 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-02 19:32 - 2016-02-13 14:18 - 00000000 __RHD C:\Users\Public\AccountPictures
==================== Fichiers à la racine de certains dossiers =======
2016-05-28 12:07 - 2016-10-02 11:06 - 0000137 _____ () C:\Users\Aleister Dardé\AppData\Roaming\D2Info0
2016-10-01 19:03 - 2016-10-02 11:54 - 0000133 _____ () C:\Users\Aleister Dardé\AppData\Roaming\D2Info1
2016-05-28 16:20 - 2016-10-01 01:13 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_1
2016-05-28 12:07 - 2016-10-02 11:06 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_2
2016-05-28 16:52 - 2016-10-01 01:13 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_3
2016-05-29 11:38 - 2016-10-02 12:06 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_4
2016-06-17 11:41 - 2016-09-08 09:11 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_5
2016-06-19 18:12 - 2016-08-31 09:23 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_6
2016-06-25 10:46 - 2016-08-30 09:16 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_7
2016-06-25 10:46 - 2016-08-30 09:16 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_8
2016-06-25 11:49 - 2016-06-25 11:52 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_9
2016-10-01 19:03 - 2016-10-02 11:59 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_1
2016-10-01 19:03 - 2016-10-02 11:52 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_2
2016-10-01 22:19 - 2016-10-01 22:30 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_3
2016-05-25 22:55 - 2016-05-25 22:55 - 0032936 _____ () C:\Users\Aleister Dardé\AppData\Roaming\ICSW_0T2Y1N2Y2YtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
2016-05-26 00:11 - 2016-05-26 23:11 - 0000068 _____ () C:\Users\Aleister Dardé\AppData\Roaming\WB.CFG
2016-08-30 14:31 - 2016-11-16 14:15 - 0007598 _____ () C:\Users\Aleister Dardé\AppData\Local\Resmon.ResmonCfg
2016-05-27 19:43 - 2016-05-27 19:43 - 0000003 _____ () C:\Users\Aleister Dardé\AppData\Local\updater.log
2016-05-27 19:43 - 2016-08-12 23:22 - 0000424 _____ () C:\Users\Aleister Dardé\AppData\Local\UserProducts.xml
2016-09-25 17:18 - 2016-09-25 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-19 02:58 - 2014-11-19 02:59 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-11-19 02:55 - 2014-11-19 02:56 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-11-19 02:56 - 2014-11-19 02:57 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-11-19 02:57 - 2014-11-19 02:58 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-11-19 02:55 - 2014-11-19 02:55 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Certains fichiers dans TEMP:
====================
C:\Users\Aleister Dardé\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-11-18 22:46
==================== Fin de FRST.txt ============================
Exécuté par Aleister Dardé (administrateur) sur PC-ALEISTER (18-11-2016 23:36:45)
Exécuté depuis C:\Users\Aleister Dardé\Desktop
Profils chargés: Aleister Dardé (Profils disponibles: Aleister Dardé)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\puush\puush.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
() C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11608.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Azote\Azote.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.32\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.72\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.230\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [StageLightUpdate] => C:\Program Files\Stagelight\StagelightUpdate.exe [1397208 2014-08-21] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-30] (AVAST Software)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8853208 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [BingSvc] => C:\Users\Aleister Dardé\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2016-07-02] ()
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [Saharash Updater] => C:\Program Files (x86)\Summer\Summer Updater.exe
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [198880 2016-07-28] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-10] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-11-19]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{33bcda30-f417-4d3d-9bc5-b63216feda7c}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{758b7dd5-8b67-42e7-9495-1d97df76758f}: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{758b7dd5-8b67-42e7-9495-1d97df76758f}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{a86583a2-3d8e-47db-9203-d6712c5a3452}: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{c90527db-381a-42b7-ac60-6355efd10b4f}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{dc411e37-a5c2-461a-bd26-43e1801da558}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=fr-fr
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-fr
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-fr
SearchScopes: HKLM -> DefaultScope {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-210949152-4154492894-2679096414-1001 -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default [2016-11-18]
CHR Extension: (Google Docs) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-28]
CHR Extension: (Google Drive) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-28]
CHR Extension: (YouTube) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-28]
CHR Extension: (Google Sheets) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-28]
CHR Extension: (Gmail) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-10] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-09-10] (AVAST Software)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [153960 2016-04-29] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-07] (Qualcomm Atheros) [Fichier non signé]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-10] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [453192 2016-09-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-18] (AVAST Software)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32464 2016-01-05] (Dell Computer Corporation)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-18 23:36 - 2016-11-18 23:37 - 00026226 _____ C:\Users\Aleister Dardé\Desktop\FRST.txt
2016-11-18 23:36 - 2016-11-18 23:36 - 00000204 _____ C:\Users\Aleister Dardé\Downloads\fixlist.txt
2016-11-18 23:36 - 2016-11-18 23:36 - 00000204 _____ C:\Users\Aleister Dardé\Desktop\fixlist.txt
2016-11-18 22:29 - 2016-11-18 22:29 - 00019489 _____ C:\Users\Aleister Dardé\Documents\MBAM.txt
2016-11-18 22:26 - 2016-11-18 22:38 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Local\CrashDumps
2016-11-18 22:20 - 2016-11-18 23:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-18 22:19 - 2016-11-18 22:19 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-18 22:19 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-18 22:19 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-18 22:19 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-18 22:18 - 2016-11-18 22:19 - 22851472 _____ (Malwarebytes ) C:\Users\Aleister Dardé\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-11-18 22:17 - 2016-11-18 22:17 - 00007582 _____ C:\Users\Aleister Dardé\Documents\RogueKiller.txt
2016-11-18 21:42 - 2016-11-18 22:21 - 00000000 ____D C:\ProgramData\RogueKiller
2016-11-18 21:42 - 2016-11-18 21:42 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-18 21:41 - 2016-11-18 21:42 - 25537096 _____ C:\Users\Aleister Dardé\Downloads\RogueKillerX64.exe
2016-11-18 21:37 - 2016-11-18 21:38 - 00000000 ____D C:\AdwCleaner
2016-11-18 21:37 - 2016-11-18 21:37 - 03910208 _____ C:\Users\Aleister Dardé\Downloads\adwcleaner_6.030.exe
2016-11-18 21:24 - 2016-11-18 21:24 - 00007179 _____ C:\Users\Aleister Dardé\Desktop\ZHPCleaner.txt
2016-11-18 21:19 - 2016-11-18 21:19 - 02504704 _____ C:\Users\Aleister Dardé\Downloads\ZHPCleaner.exe
2016-11-18 21:19 - 2016-11-18 21:19 - 00000886 _____ C:\Users\Aleister Dardé\Desktop\ZHPCleaner.lnk
2016-11-18 21:12 - 2016-11-18 23:36 - 00000000 ____D C:\FRST
2016-11-18 21:12 - 2016-11-18 21:12 - 02412032 _____ (Farbar) C:\Users\Aleister Dardé\Desktop\FRST64.exe
2016-11-18 21:07 - 2016-11-18 21:08 - 00000000 ____D C:\Program Files (x86)\Azote
2016-11-18 21:07 - 2016-11-18 21:07 - 00001034 _____ C:\Users\Public\Desktop\Azote.lnk
2016-11-18 21:07 - 2016-11-18 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AzoteLauncher
2016-11-18 21:05 - 2016-11-18 21:06 - 07282463 _____ (Azote ) C:\Users\Aleister Dardé\Downloads\Azote_Setup.exe
2016-11-18 21:03 - 2016-11-18 21:03 - 00000000 __HDC C:\ProgramData\{A328A61B-C332-4C8C-A740-42F7F71DC398}
2016-11-16 14:42 - 2016-11-16 14:42 - 00132091 _____ C:\Users\Aleister Dardé\Documents\rapport.txt
2016-11-16 14:33 - 2016-11-16 14:33 - 00132677 _____ C:\Users\Aleister Dardé\Desktop\ZHPDiag.txt
2016-11-16 14:28 - 2016-11-18 21:25 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Roaming\ZHP
2016-11-16 14:28 - 2016-11-16 14:32 - 00000876 _____ C:\Users\Aleister Dardé\Desktop\ZHPDiag.lnk
2016-11-16 14:28 - 2016-11-16 14:32 - 00000212 _____ C:\Users\Aleister
2016-11-16 14:27 - 2016-11-16 14:28 - 02449408 _____ C:\Users\Aleister Dardé\Downloads\ZHPDiag3.exe
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-11-18 23:37 - 2016-05-27 19:27 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Roaming\Skype
2016-11-18 23:20 - 2016-07-16 23:40 - 00744664 _____ C:\WINDOWS\system32\perfh00C.dat
2016-11-18 23:20 - 2016-07-16 23:40 - 00147268 _____ C:\WINDOWS\system32\perfc00C.dat
2016-11-18 23:20 - 2016-05-22 09:41 - 01889880 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-18 23:11 - 2016-09-25 17:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-18 23:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-18 21:59 - 2016-05-28 11:19 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-11-18 21:05 - 2016-05-28 11:35 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-18 21:05 - 2016-05-28 11:35 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-18 21:04 - 2014-11-19 03:04 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2016-11-18 21:02 - 2016-09-25 17:22 - 00000000 ____D C:\Users\Aleister Dardé
2016-11-18 21:02 - 2016-05-22 10:06 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2016-11-18 20:58 - 2016-09-25 17:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-18 20:58 - 2016-05-21 20:03 - 00000000 __SHD C:\Users\Aleister Dardé\IntelGraphicsProfiles
2016-11-16 14:31 - 2016-07-05 21:34 - 00000000 ____D C:\Program Files (x86)\Summer
2016-11-16 14:25 - 2016-09-09 20:45 - 00000000 ____D C:\Program Files (x86)\Kelba
2016-11-16 14:20 - 2016-09-25 17:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-16 14:17 - 2016-09-25 17:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-16 14:17 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-11-16 14:16 - 2016-09-25 18:13 - 00000000 ___DC C:\WINDOWS\Panther
2016-11-16 14:16 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-16 14:16 - 2014-11-19 03:02 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-16 14:15 - 2016-08-30 14:31 - 00007598 _____ C:\Users\Aleister Dardé\AppData\Local\Resmon.ResmonCfg
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{02b156a9-712c-0}
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{010d7beb-412c-0}
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{009ed95c-512c-1}
2016-11-05 15:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-05 15:20 - 2016-05-27 19:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-05 15:20 - 2016-05-27 19:27 - 00000000 ____D C:\ProgramData\Skype
2016-11-02 19:37 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-02 19:32 - 2016-02-13 14:18 - 00000000 __RHD C:\Users\Public\AccountPictures
==================== Fichiers à la racine de certains dossiers =======
2016-05-28 12:07 - 2016-10-02 11:06 - 0000137 _____ () C:\Users\Aleister Dardé\AppData\Roaming\D2Info0
2016-10-01 19:03 - 2016-10-02 11:54 - 0000133 _____ () C:\Users\Aleister Dardé\AppData\Roaming\D2Info1
2016-05-28 16:20 - 2016-10-01 01:13 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_1
2016-05-28 12:07 - 2016-10-02 11:06 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_2
2016-05-28 16:52 - 2016-10-01 01:13 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_3
2016-05-29 11:38 - 2016-10-02 12:06 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_4
2016-06-17 11:41 - 2016-09-08 09:11 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_5
2016-06-19 18:12 - 2016-08-31 09:23 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_6
2016-06-25 10:46 - 2016-08-30 09:16 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_7
2016-06-25 10:46 - 2016-08-30 09:16 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_8
2016-06-25 11:49 - 2016-06-25 11:52 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_9
2016-10-01 19:03 - 2016-10-02 11:59 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_1
2016-10-01 19:03 - 2016-10-02 11:52 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_2
2016-10-01 22:19 - 2016-10-01 22:30 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_3
2016-05-25 22:55 - 2016-05-25 22:55 - 0032936 _____ () C:\Users\Aleister Dardé\AppData\Roaming\ICSW_0T2Y1N2Y2YtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
2016-05-26 00:11 - 2016-05-26 23:11 - 0000068 _____ () C:\Users\Aleister Dardé\AppData\Roaming\WB.CFG
2016-08-30 14:31 - 2016-11-16 14:15 - 0007598 _____ () C:\Users\Aleister Dardé\AppData\Local\Resmon.ResmonCfg
2016-05-27 19:43 - 2016-05-27 19:43 - 0000003 _____ () C:\Users\Aleister Dardé\AppData\Local\updater.log
2016-05-27 19:43 - 2016-08-12 23:22 - 0000424 _____ () C:\Users\Aleister Dardé\AppData\Local\UserProducts.xml
2016-09-25 17:18 - 2016-09-25 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-19 02:58 - 2014-11-19 02:59 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-11-19 02:55 - 2014-11-19 02:56 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-11-19 02:56 - 2014-11-19 02:57 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-11-19 02:57 - 2014-11-19 02:58 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-11-19 02:55 - 2014-11-19 02:55 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Certains fichiers dans TEMP:
====================
C:\Users\Aleister Dardé\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-11-18 22:46
==================== Fin de FRST.txt ============================