Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017
Exécuté par Phong (administrateur) sur DESKTOP-V6GIC6J (11-09-2017 14:53:57)
Exécuté depuis C:\Users\garfi\Desktop
Profils chargés: Phong (Profils disponibles: Phong)
Platform: Windows 10 Home Version 1703 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Hi-Rez Studios) D:\HiRez\HiPatchService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Akamai Technologies, Inc.) C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe
(MY.COM B.V.) C:\Users\garfi\AppData\Local\MyComGames\MyComGames.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Nexon America) D:\Nexon Launcher\nexon_runtime.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-02] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15367120 2017-05-15] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2017-05-22] (MSI)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [Akamai NetSession Interface] => C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [MyComGames] => C:\Users\garfi\AppData\Local\MyComGames\MyComGames.exe [5572304 2017-08-11] (MY.COM B.V.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [160824 2017-05-24] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [uTorrent] => C:\Users\garfi\AppData\Roaming\uTorrent\uTorrent.exe [2150336 2017-09-09] (BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-02-03]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nexon Launcher.lnk [2017-09-09]
ShortcutTarget: Nexon Launcher.lnk -> D:\Nexon Launcher\nexon_launcher.exe ()
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26515b14-388c-4ea4-89dd-4b3bf0d4e40e}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26515b14-388c-4ea4-89dd-4b3bf0d4e40e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{33c2f18a-7a28-11e7-8652-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a4992d5e-9f93-46c9-a155-3cd83c1b9489}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3537187915-2253798678-3291736898-1001 -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-3537187915-2253798678-3291736898-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-03] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-03] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-03] (Google Inc.)

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3537187915-2253798678-3291736898-1001: @my.com/Games -> C:\Users\garfi\AppData\Local\MyComGames\NPMyComDetector.dll [2017-03-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3537187915-2253798678-3291736898-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-07-28] ()

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Google Slides) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-03]
CHR Extension: (Google Docs) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-03]
CHR Extension: (Google Drive) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (YouTube) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-03]
CHR Extension: (Google Sheets) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (AdBlock) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-03]
CHR Extension: (Chrome Media Router) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR Extension: (Always Weather) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-09]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-05-24] (BlueStack Systems, Inc.)
R2 CDPUserSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 DevicesFlowUserSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 DevicesFlowUserSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-07-01] (EasyAntiCheat Ltd)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
R2 HiPatchService; D:\HiRez\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Fichier non signé]
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MessagingService_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 MessagingService_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2016-12-14] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2331744 2017-02-15] (MSI)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [80312 2017-05-18] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [111568 2017-04-05] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2285008 2017-05-11] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [174032 2017-04-28] (MSI)
R2 OneSyncSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-07-28] ()
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-08-05] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-08-05] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-08-05] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_43cab; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-08-05] (Microsoft Corporation)
R2 WpnUserService_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-08-05] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-08-05] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-10-20] (Intel(R) Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-02-03] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-02-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-05-24] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-05-22] (Bluestack System Inc. )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-09-11] ()
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-09-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-09-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253856 2017-09-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-09-11] (Malwarebytes)
R1 MpKslf91c3665; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4F3D6D5-14D5-4718-839A-298128E74AF0}\MpKslf91c3665.sys [44928 2017-09-11] (Microsoft Corporation)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-05-18] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [14288 2017-03-15] (MSI)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-09-06] (Wellbia.com Co., Ltd.)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54352 2016-08-18] (Intel Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-07-12] (BigNox Corporation)
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-11 14:53 - 2017-09-11 14:54 - 000024936 _____ C:\Users\garfi\Desktop\FRST.txt
2017-09-11 14:53 - 2017-09-11 14:53 - 002396672 _____ (Farbar) C:\Users\garfi\Desktop\FRST64.exe
2017-09-11 14:53 - 2017-09-11 14:53 - 000000000 ____D C:\FRST
2017-09-11 14:50 - 2017-09-11 14:50 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-11 14:50 - 2017-09-11 14:50 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-11 14:49 - 2017-09-11 14:49 - 001549800 _____ ( ) C:\Users\garfi\Downloads\chrome_setup.exe
2017-09-11 14:49 - 2017-09-11 14:49 - 000929872 _____ (Google Inc.) C:\Users\garfi\Downloads\chrome_francais.exe
2017-09-11 14:35 - 2017-09-11 14:35 - 064025992 _____ (Malwarebytes ) C:\Users\garfi\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060 (1).exe
2017-09-11 14:24 - 2017-09-11 14:27 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-11 14:23 - 2017-09-11 14:26 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-11 14:23 - 2017-09-11 14:23 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-11 14:21 - 2017-09-11 14:22 - 064025992 _____ (Malwarebytes ) C:\Users\garfi\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe
2017-09-10 07:29 - 2017-09-10 07:29 - 000260864 _____ (Facebook) C:\Users\garfi\Downloads\FacebookGameroom.exe
2017-09-09 20:37 - 2017-09-09 20:37 - 000000000 ____D C:\ProgramData\NexonUS
2017-09-09 20:37 - 2017-09-09 20:37 - 000000000 ____D C:\ProgramData\Nexon
2017-09-09 20:36 - 2017-09-09 20:36 - 000000016 _____ C:\ProgramData\mntemp
2017-09-09 20:35 - 2017-09-09 20:38 - 000000000 ____D C:\Users\garfi\OneDrive\Documents\Vindictus
2017-09-09 20:12 - 2017-09-09 20:12 - 000001605 _____ C:\Users\garfi\Desktop\Vindictus.lnk
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Python
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Local\NexonLauncher
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Local\Crashpad
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Nexon
2017-09-09 20:06 - 2017-09-09 20:12 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2017-09-09 20:06 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\NexonLauncher
2017-09-09 20:06 - 2017-09-09 20:06 - 011437984 _____ C:\Users\garfi\Downloads\NexonLauncherSetup.exe
2017-09-09 20:06 - 2017-09-09 20:06 - 000000813 _____ C:\Users\garfi\Desktop\Nexon Launcher.lnk
2017-09-09 16:07 - 2017-09-09 16:11 - 000000000 ____D C:\Users\garfi\OneDrive\Documents\PROPCCleaner
2017-09-09 16:07 - 2017-09-09 16:07 - 001611944 _____ (Secure Download Ltd. ) C:\Users\garfi\Desktop\Registry_Activation
2017-09-09 16:06 - 2017-09-09 16:06 - 001733104 _____ (BitTorrent Inc.) C:\Users\garfi\Downloads\uTorrent (1).exe
2017-09-09 16:04 - 2017-09-11 14:33 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2017-09-09 16:04 - 2017-09-09 16:04 - 000003562 _____ C:\WINDOWS\System32\Tasks\SVC Update
2017-09-09 15:53 - 2017-09-09 16:13 - 000000000 ____D C:\Users\garfi\AppData\Roaming\uTorrent
2017-09-09 15:53 - 2017-09-09 15:53 - 001733104 _____ (BitTorrent Inc.) C:\Users\garfi\Downloads\uTorrent.exe
2017-09-09 15:53 - 2017-09-09 15:53 - 000000896 _____ C:\Users\garfi\Desktop\µTorrent.lnk
2017-09-09 15:53 - 2017-09-09 15:53 - 000000876 _____ C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-09-08 17:06 - 2017-09-08 17:06 - 000180933 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170623 (1).pdf
2017-09-06 18:04 - 2017-09-06 18:04 - 000000075 _____ C:\Users\garfi\Desktop\7-49 À regarder plus tard.url
2017-09-05 15:58 - 2017-09-05 15:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-09-04 18:54 - 2017-09-04 18:54 - 000329566 _____ C:\Users\garfi\Desktop\watch.html
2017-08-29 17:26 - 2017-08-29 17:26 - 000069240 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170727.pdf
2017-08-29 17:22 - 2017-08-29 17:22 - 000068531 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170827.pdf
2017-08-29 15:21 - 2017-08-29 15:21 - 000180933 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170623.pdf
2017-08-29 15:21 - 2017-08-29 15:21 - 000180933 _____ C:\Users\garfi\Desktop\Bouyguestelecom_Facture_20170623.pdf
2017-08-29 15:20 - 2017-08-29 15:20 - 000183058 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170823 (1).pdf
2017-08-25 22:08 - 2017-08-25 22:08 - 000000000 ____D C:\Users\garfi\AppData\LocalLow\Unnyhog
2017-08-25 21:24 - 2017-08-25 21:24 - 000000222 _____ C:\Users\garfi\Desktop\UnnyWorld.url
2017-08-23 19:58 - 2017-08-23 19:58 - 000183058 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170823.pdf
2017-08-21 11:25 - 2017-08-21 11:25 - 000000222 _____ C:\Users\garfi\Desktop\S.K.I.L.L. - Special Force 2.url
2017-08-18 15:43 - 2017-08-18 15:43 - 000181033 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170723.pdf
2017-08-15 13:46 - 2017-08-15 13:46 - 000000000 ____D C:\Users\garfi\AppData\Roaming\EasyAntiCheat

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-11 14:50 - 2017-02-03 04:12 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-11 14:45 - 2017-08-05 22:56 - 002355274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-11 14:45 - 2017-03-20 07:10 - 001091714 _____ C:\WINDOWS\system32\perfh00C.dat
2017-09-11 14:45 - 2017-03-20 07:10 - 000235240 _____ C:\WINDOWS\system32\perfc00C.dat
2017-09-11 14:39 - 2017-08-05 22:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-11 14:39 - 2017-08-05 22:51 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-11 14:39 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-11 14:39 - 2017-03-03 10:59 - 000000000 ____D C:\Users\garfi\AppData\Local\MyComGames
2017-09-11 14:39 - 2017-02-05 19:34 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-11 14:34 - 2017-08-05 22:52 - 000000000 ____D C:\Users\garfi
2017-09-11 14:33 - 2017-03-03 10:18 - 000000000 ____D C:\Users\garfi\AppData\Local\cd04b59
2017-09-11 14:06 - 2017-08-05 22:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-11 08:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-10 21:59 - 2017-07-01 22:12 - 000779304 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-09-10 21:00 - 2017-02-03 04:42 - 000000000 ____D C:\Users\garfi\AppData\Local\ElevatedDiagnostics
2017-09-09 20:06 - 2016-06-28 12:13 - 000000001 _____ C:\END
2017-09-09 16:08 - 2017-02-03 04:25 - 000000000 ____D C:\Users\garfi\AppData\Local\{9367A53B-B7CF-C983-DA57-EC6BFE3F10F3}
2017-09-09 15:20 - 2017-02-03 04:25 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-09-09 07:27 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-09 04:10 - 2017-02-03 04:10 - 000000000 ___RD C:\Users\garfi\OneDrive
2017-09-09 03:20 - 2017-08-05 22:58 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3537187915-2253798678-3291736898-1001
2017-09-09 03:20 - 2017-02-03 04:10 - 000002411 _____ C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 16:08 - 2017-07-31 12:04 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Andy
2017-09-08 16:07 - 2017-07-31 12:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\VMware
2017-09-08 16:07 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-06 12:33 - 2017-02-07 10:58 - 000037344 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-09-05 13:14 - 2017-02-03 15:31 - 000000000 ____D C:\Users\garfi\AppData\Local\Blizzard Entertainment
2017-09-05 13:09 - 2017-02-03 15:31 - 000000000 ____D C:\Users\garfi\AppData\Local\Battle.net
2017-09-05 12:59 - 2017-02-03 15:31 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-02 20:59 - 2017-07-08 14:48 - 000000000 ____D C:\Users\garfi\AppData\Local\osu!
2017-08-30 23:46 - 2017-03-05 18:50 - 000000000 ____D C:\Users\garfi\AppData\Local\Warframe 2017-08-29 17:19 - 2017-02-21 17:18 - 000001361 _____ C:\Users\garfi\Desktop\Facture.txt 2017-08-26 13:33 - 2017-07-07 01:22 - 000000118 _____ C:\Users\garfi\Desktop\Compte.txt 2017-08-25 21:24 - 2017-02-05 20:13 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-08-24 18:22 - 2017-06-05 23:32 - 000000000 ____D C:\ProgramData\BlueStacksSetup 2017-08-22 07:45 - 2017-02-03 04:43 - 000002115 _____ C:\Users\Public\Desktop\Google Slides.lnk 2017-08-22 07:45 - 2017-02-03 04:43 - 000002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2017-08-22 07:45 - 2017-02-03 04:43 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk 2017-08-22 07:45 - 2017-02-03 04:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-08-18 09:00 - 2017-02-03 05:42 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-08-12 18:10 - 2017-07-07 00:10 - 000012095 _____ C:\Users\garfi\AppData\Localtransition_12d464e8f184634e2f4fae5fa034aa5c.ini ==================== Fichiers à la racine de certains dossiers ======= 2017-07-31 11:44 - 2017-07-31 13:12 - 000001686 _____ () C:\Users\garfi\AppData\Roaming\droid4xinstaller.log 2017-03-02 11:56 - 2017-03-03 12:20 - 000053179 _____ () C:\Users\garfi\AppData\Roaming\Uninstall.exe 2017-02-03 15:45 - 2017-02-03 15:45 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2017-09-09 20:36 - 2017-09-09 20:36 - 000000016 _____ () C:\ProgramData\mntemp Certains fichiers dans TEMP: ==================== 2017-08-21 11:51 - 2017-08-21 11:53 - 000000093 _____ () C:\Users\garfi\AppData\Local\Temp\5fabfb55008d588056e87337294c0cfa.dll 2017-08-29 22:04 - 2017-09-06 12:33 - 000000016 _____ () C:\Users\garfi\AppData\Local\Temp\7af3804daef5ff49304bd5528859e921.dll 2017-08-21 11:50 - 2017-08-21 13:23 - 000000000 _____ () 
C:\Users\garfi\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll 2017-08-29 22:04 - 2017-09-06 12:34 - 000000000 _____ () C:\Users\garfi\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll 2017-09-08 16:06 - 2017-02-03 15:20 - 001342792 _____ (Andy OS, inc.) C:\Users\garfi\AppData\Local\Temp\RemoveTemp.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-09-04 23:52 ==================== Fin de FRST.txt ============================