Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-11-2016 Exécuté par Aleister Dardé (administrateur) sur PC-ALEISTER (18-11-2016 23:36:45) Exécuté depuis C:\Users\Aleister Dardé\Desktop Profils chargés: Aleister Dardé (Profils disponibles: Aleister Dardé) Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Program Files (x86)\puush\puush.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\PING.EXE (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe (Dell Inc.) 
C:\Program Files\Dell\DellDataVault\DellDataVault.exe () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe (Microsoft Corporation) C:\Windows\System32\perfmon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11608.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe () C:\Program Files (x86)\Azote\Azote.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.32\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.72\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.230\deploy\LolClient.exe (Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [StageLightUpdate] => C:\Program Files\Stagelight\StagelightUpdate.exe [1397208 2014-08-21] () HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-13] (Synaptics Incorporated) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-30] (AVAST Software) HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8853208 2016-05-13] (Piriform Ltd) HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.) 
HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [BingSvc] => C:\Users\Aleister Dardé\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2016-07-02] () HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Run: [Saharash Updater] => C:\Program Files (x86)\Summer\Summer Updater.exe HKU\S-1-5-21-210949152-4154492894-2679096414-1001\...\Policies\Explorer: [NoInternetOpenWith] 1 AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [198880 2016-07-28] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-10] (AVAST Software) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-11-19] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) GroupPolicy: Restriction <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{33bcda30-f417-4d3d-9bc5-b63216feda7c}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{758b7dd5-8b67-42e7-9495-1d97df76758f}: [NameServer] 82.163.143.171 82.163.142.173 Tcpip\..\Interfaces\{758b7dd5-8b67-42e7-9495-1d97df76758f}: [DhcpNameServer] 82.163.143.171 Tcpip\..\Interfaces\{a86583a2-3d8e-47db-9203-d6712c5a3452}: [NameServer] 82.163.143.171 82.163.142.173 Tcpip\..\Interfaces\{c90527db-381a-42b7-ac60-6355efd10b4f}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{dc411e37-a5c2-461a-bd26-43e1801da558}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=fr-fr HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-fr HKU\S-1-5-21-210949152-4154492894-2679096414-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-fr SearchScopes: HKLM -> DefaultScope {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = 
hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = 
hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-210949152-4154492894-2679096414-1001 -> {BD4871B2-3B65-4360-8CF5-30555D0F43E7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_21&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyDtC0ByBtDyEzzyCtBzytBtAyDtBtN0D0Tzu0StCyCtDyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StCyD0F0B0FtA0C0EtGyDtCyB0EtGzy0E0F0EtGtA0B0DtBtG0D0F0D0ByEtCyCyBzz0DyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0FyD0D0B0A0EtGzy0CyByCtGyE0A0C0DtGzy0E0AzytGyByE0EtCyCzztBzyzztBtDyE2QtN0A0LzuyE%26cr%3D1628008856%26a%3Dwbf_togoo_16_21%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-10] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: 
@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default [2016-11-18] CHR Extension: (Google Docs) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-28] CHR Extension: (Google Drive) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-28] CHR Extension: (YouTube) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-28] CHR Extension: (Google Sheets) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-28] CHR Extension: (Google Docs hors connexion) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-28] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-28] CHR Extension: (Gmail) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-28] CHR Extension: (Chrome Media Router) - C:\Users\Aleister Dardé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-16] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-10] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-09-10] (AVAST Software) R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [153960 2016-04-29] (Dell) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.) 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé] R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-07] (Qualcomm Atheros) [Fichier non signé] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 
2016-09-09] (Dell Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-10] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-10] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-10] (AVAST Software) R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [453192 2016-09-10] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-10] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-10] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-30] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-30] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-10] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-18] (AVAST Software) R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32464 2016-01-05] (Dell Computer Corporation) R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) 
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [17720 2012-07-10] () R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation) R3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-18] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated) R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2016-11-18 23:36 - 2016-11-18 23:37 - 00026226 _____ C:\Users\Aleister Dardé\Desktop\FRST.txt 2016-11-18 23:36 - 2016-11-18 23:36 - 00000204 _____ C:\Users\Aleister Dardé\Downloads\fixlist.txt 2016-11-18 23:36 - 2016-11-18 23:36 - 00000204 _____ C:\Users\Aleister Dardé\Desktop\fixlist.txt 2016-11-18 22:29 - 2016-11-18 22:29 - 00019489 _____ C:\Users\Aleister Dardé\Documents\MBAM.txt 2016-11-18 22:26 - 2016-11-18 22:38 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Local\CrashDumps 2016-11-18 22:20 - 2016-11-18 23:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-11-18 22:19 - 2016-11-18 22:19 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-11-18 22:19 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-11-18 22:19 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-11-18 22:19 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-11-18 22:18 - 2016-11-18 22:19 - 22851472 _____ (Malwarebytes ) C:\Users\Aleister Dardé\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe 2016-11-18 22:17 - 2016-11-18 22:17 - 00007582 _____ C:\Users\Aleister Dardé\Documents\RogueKiller.txt 2016-11-18 21:42 - 2016-11-18 22:21 - 00000000 ____D C:\ProgramData\RogueKiller 2016-11-18 21:42 - 2016-11-18 21:42 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2016-11-18 21:41 - 2016-11-18 21:42 - 25537096 _____ C:\Users\Aleister Dardé\Downloads\RogueKillerX64.exe 2016-11-18 21:37 - 2016-11-18 21:38 - 00000000 ____D C:\AdwCleaner 2016-11-18 21:37 - 2016-11-18 21:37 - 03910208 
_____ C:\Users\Aleister Dardé\Downloads\adwcleaner_6.030.exe 2016-11-18 21:24 - 2016-11-18 21:24 - 00007179 _____ C:\Users\Aleister Dardé\Desktop\ZHPCleaner.txt 2016-11-18 21:19 - 2016-11-18 21:19 - 02504704 _____ C:\Users\Aleister Dardé\Downloads\ZHPCleaner.exe 2016-11-18 21:19 - 2016-11-18 21:19 - 00000886 _____ C:\Users\Aleister Dardé\Desktop\ZHPCleaner.lnk 2016-11-18 21:12 - 2016-11-18 23:36 - 00000000 ____D C:\FRST 2016-11-18 21:12 - 2016-11-18 21:12 - 02412032 _____ (Farbar) C:\Users\Aleister Dardé\Desktop\FRST64.exe 2016-11-18 21:07 - 2016-11-18 21:08 - 00000000 ____D C:\Program Files (x86)\Azote 2016-11-18 21:07 - 2016-11-18 21:07 - 00001034 _____ C:\Users\Public\Desktop\Azote.lnk 2016-11-18 21:07 - 2016-11-18 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AzoteLauncher 2016-11-18 21:05 - 2016-11-18 21:06 - 07282463 _____ (Azote ) C:\Users\Aleister Dardé\Downloads\Azote_Setup.exe 2016-11-18 21:03 - 2016-11-18 21:03 - 00000000 __HDC C:\ProgramData\{A328A61B-C332-4C8C-A740-42F7F71DC398} 2016-11-16 14:42 - 2016-11-16 14:42 - 00132091 _____ C:\Users\Aleister Dardé\Documents\rapport.txt 2016-11-16 14:33 - 2016-11-16 14:33 - 00132677 _____ C:\Users\Aleister Dardé\Desktop\ZHPDiag.txt 2016-11-16 14:28 - 2016-11-18 21:25 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Roaming\ZHP 2016-11-16 14:28 - 2016-11-16 14:32 - 00000876 _____ C:\Users\Aleister Dardé\Desktop\ZHPDiag.lnk 2016-11-16 14:28 - 2016-11-16 14:32 - 00000212 _____ C:\Users\Aleister 2016-11-16 14:27 - 2016-11-16 14:28 - 02449408 _____ C:\Users\Aleister Dardé\Downloads\ZHPDiag3.exe ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2016-11-18 23:37 - 2016-05-27 19:27 - 00000000 ____D C:\Users\Aleister Dardé\AppData\Roaming\Skype
2016-11-18 23:20 - 2016-07-16 23:40 - 00744664 _____ C:\WINDOWS\system32\perfh00C.dat
2016-11-18 23:20 - 2016-07-16 23:40 - 00147268 _____ C:\WINDOWS\system32\perfc00C.dat
2016-11-18 23:20 - 2016-05-22 09:41 - 01889880 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-18 23:11 - 2016-09-25 17:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-18 23:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-18 21:59 - 2016-05-28 11:19 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-11-18 21:05 - 2016-05-28 11:35 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-18 21:05 - 2016-05-28 11:35 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-18 21:04 - 2014-11-19 03:04 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2016-11-18 21:02 - 2016-09-25 17:22 - 00000000 ____D C:\Users\Aleister Dardé
2016-11-18 21:02 - 2016-05-22 10:06 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2016-11-18 20:58 - 2016-09-25 17:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-18 20:58 - 2016-05-21 20:03 - 00000000 __SHD C:\Users\Aleister Dardé\IntelGraphicsProfiles
2016-11-16 14:31 - 2016-07-05 21:34 - 00000000 ____D C:\Program Files (x86)\Summer
2016-11-16 14:25 - 2016-09-09 20:45 - 00000000 ____D C:\Program Files (x86)\Kelba
2016-11-16 14:20 - 2016-09-25 17:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-16 14:17 - 2016-09-25 17:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-16 14:17 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-11-16 14:16 - 2016-09-25 18:13 - 00000000 ___DC C:\WINDOWS\Panther
2016-11-16 14:16 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-16 14:16 - 2014-11-19 03:02 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-16 14:15 - 2016-08-30 14:31 - 00007598 _____ C:\Users\Aleister Dardé\AppData\Local\Resmon.ResmonCfg
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{02b156a9-712c-0}
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{010d7beb-412c-0}
2016-11-16 13:58 - 2016-06-24 12:07 - 00000000 ____D C:\ProgramData\{009ed95c-512c-1}
2016-11-05 15:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-05 15:20 - 2016-05-27 19:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-05 15:20 - 2016-05-27 19:27 - 00000000 ____D C:\ProgramData\Skype
2016-11-02 19:37 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-02 19:32 - 2016-02-13 14:18 - 00000000 __RHD C:\Users\Public\AccountPictures

==================== Fichiers à la racine de certains dossiers =======

2016-05-28 12:07 - 2016-10-02 11:06 - 0000137 _____ () C:\Users\Aleister Dardé\AppData\Roaming\D2Info0
2016-10-01 19:03 - 2016-10-02 11:54 - 0000133 _____ () C:\Users\Aleister Dardé\AppData\Roaming\D2Info1
2016-05-28 16:20 - 2016-10-01 01:13 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_1
2016-05-28 12:07 - 2016-10-02 11:06 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_2
2016-05-28 16:52 - 2016-10-01 01:13 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_3
2016-05-29 11:38 - 2016-10-02 12:06 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_4
2016-06-17 11:41 - 2016-09-08 09:11 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_5
2016-06-19 18:12 - 2016-08-31 09:23 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_6
2016-06-25 10:46 - 2016-08-30 09:16 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_7
2016-06-25 10:46 - 2016-08-30 09:16 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_8
2016-06-25 11:49 - 2016-06-25 11:52 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId0_9
2016-10-01 19:03 - 2016-10-02 11:59 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_1
2016-10-01 19:03 - 2016-10-02 11:52 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_2
2016-10-01 22:19 - 2016-10-01 22:30 - 0000008 _____ () C:\Users\Aleister Dardé\AppData\Roaming\DofusAppId1_3
2016-05-25 22:55 - 2016-05-25 22:55 - 0032936 _____ () C:\Users\Aleister Dardé\AppData\Roaming\ICSW_0T2Y1N2Y2YtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
2016-05-26 00:11 - 2016-05-26 23:11 - 0000068 _____ () C:\Users\Aleister Dardé\AppData\Roaming\WB.CFG
2016-08-30 14:31 - 2016-11-16 14:15 - 0007598 _____ () C:\Users\Aleister Dardé\AppData\Local\Resmon.ResmonCfg
2016-05-27 19:43 - 2016-05-27 19:43 - 0000003 _____ () C:\Users\Aleister Dardé\AppData\Local\updater.log
2016-05-27 19:43 - 2016-08-12 23:22 - 0000424 _____ () C:\Users\Aleister Dardé\AppData\Local\UserProducts.xml
2016-09-25 17:18 - 2016-09-25 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-19 02:58 - 2014-11-19 02:59 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-11-19 02:55 - 2014-11-19 02:56 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-11-19 02:56 - 2014-11-19 02:57 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-11-19 02:57 - 2014-11-19 02:58 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-11-19 02:55 - 2014-11-19 02:55 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Certains fichiers dans TEMP:
====================
C:\Users\Aleister Dardé\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-11-18 22:46

==================== Fin de FRST.txt ============================