Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis Log: Please help Diagnose


  • This topic is locked This topic is locked
13 replies to this topic

#1 LiHo

LiHo

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 02 September 2015 - 10:32 AM

Hello,

Please, can you help me for diagnose ?

 

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:52:48, on 02/09/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\SEBASTIEN\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Système')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: Ajouter à TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Protection e-mail (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Protection Web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 25351 bytes
 

 

Thank you for helping



BC AdBot (Login to Remove)

 


m

#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,897 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:25 PM

Posted 03 September 2015 - 05:10 AM

Hey, :)

 

Please run the following diagnostic scans so I can ascertain the state of your computer.
 
STEP 1

xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe or FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 2
YARWD1t.png TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
  • ​Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach (not copy/paste) the file in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • TDSSKiller log (attached!)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 LiHo

LiHo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 03 September 2015 - 06:34 AM

Hi, 

Thanks for helping !

 

Results are in French...

 

FRST.txt

 

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015

Exécuté par SEBASTIEN (administrateur) sur SEBASTIEN-TOSH (03-09-2015 13:13:41)
Exécuté depuis C:\Users\SEBASTIEN\Desktop
Profils chargés: SEBASTIEN &  (Profils disponibles: SEBASTIEN & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
 
==================== Processus (Avec liste blanche) =================
 
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registre (Avec liste blanche) ===========================
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
 
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2010-12-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [571304 2010-12-09] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [150992 2011-03-03] (Toshiba Europe GmbH)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-16] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-25] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-1714738709-1909791266-908670872-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-1714738709-1909791266-908670872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-1714738709-1909791266-908670872-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-25] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 
==================== Internet (Avec liste blanche) ====================
 
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68286DD8-2390-4CC7-89AA-0E467F732497}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1714738709-1909791266-908670872-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba.msn.com
HKU\S-1-5-21-1714738709-1909791266-908670872-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> DefaultScope {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL = 
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {3359BB5C-6DE9-4434-ACCF-8CAFD5A30101} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL = 
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3359BB5C-6DE9-4434-ACCF-8CAFD5A30101} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {72B151F7-2FEA-4718-BC41-2B00BA540DE2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {72B151F7-2FEA-4718-BC41-2B00BA540DE2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {B4152887-DCB2-4A08-BA1A-01B1802740DE} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Profile: C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-18]
CHR Extension: (Google Docs) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-18]
CHR Extension: (Google Drive) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-18]
CHR Extension: (YouTube) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-18]
CHR Extension: (Google Search) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-18]
CHR Extension: (Avira Browser Safety) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (AdBlock) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-18]
CHR Extension: (Gmail) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 
==================== Services (Avec liste blanche) ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)
 
===================== Pilotes (Avec liste blanche) ==========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-08-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RSUSBSTOR; pas de ImagePath
S3 RSUSBVSTOR; pas de ImagePath
S3 RTL8192Ce; pas de ImagePath
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
 
==================== NetSvcs (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Un mois - Créés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-09-03 13:13 - 2015-09-03 13:14 - 00024522 _____ C:\Users\SEBASTIEN\Desktop\FRST.txt
2015-09-03 13:13 - 2015-09-03 13:13 - 00000000 ____D C:\FRST
2015-09-03 13:11 - 2015-09-03 13:11 - 02188800 _____ (Farbar) C:\Users\SEBASTIEN\Desktop\FRST64.exe
2015-09-03 13:10 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-03 13:10 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-03 13:10 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-03 13:10 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-02 14:00 - 2015-09-02 14:00 - 00000000 _____ C:\autoexec.bat
2015-09-02 13:46 - 2015-09-02 13:46 - 00002045 _____ C:\AdwCleaner[C2].txt
2015-09-02 13:44 - 2015-09-02 13:44 - 00001790 _____ C:\AdwCleaner[S3].txt
2015-09-01 18:58 - 2015-09-01 18:58 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Intel
2015-09-01 18:58 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-01 18:58 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-01 18:58 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-01 18:57 - 2015-09-01 18:57 - 00000000 ____D C:\ProgramData\Intel
2015-09-01 18:57 - 2015-09-01 18:57 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-09-01 18:56 - 2015-09-01 18:57 - 00000000 ____D C:\Program Files\Intel
2015-09-01 18:56 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-01 18:56 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-01 18:56 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-01 18:56 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-01 18:56 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-01 18:56 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-01 18:56 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-01 18:56 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-01 18:56 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-01 18:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-01 18:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-01 18:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-01 18:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-01 18:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-01 18:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-01 18:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-01 18:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-01 18:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-01 18:55 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-01 18:49 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-01 18:49 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-01 18:49 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-01 18:49 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-01 18:49 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-01 18:49 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-09-01 18:46 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-01 18:45 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-01 18:45 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-01 18:45 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-01 18:45 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-01 18:45 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-01 18:45 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-01 18:45 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-01 18:45 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-01 18:45 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-01 18:45 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-01 18:45 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-01 18:45 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-01 18:45 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-01 18:45 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-01 18:45 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-01 18:45 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-01 18:45 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-01 18:45 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-01 18:45 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-01 18:45 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-01 18:45 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-01 18:45 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-01 18:45 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-01 18:45 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-01 18:45 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-01 18:45 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-01 18:45 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-01 18:45 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-01 18:45 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-01 18:45 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-01 18:45 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-01 18:45 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-01 18:45 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-01 18:45 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-01 18:45 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-01 18:45 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-01 18:45 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-01 18:45 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-01 18:45 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-01 18:45 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-01 18:45 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-01 18:45 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-01 18:45 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-01 18:45 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-01 18:45 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-01 18:45 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-01 18:45 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-01 18:45 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-01 18:44 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-01 18:44 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-01 18:44 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-01 18:44 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-01 18:44 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-01 18:44 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-01 18:44 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-01 18:44 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-01 18:44 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-01 18:44 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-01 18:44 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-01 18:44 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-01 18:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-01 18:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-01 18:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-01 18:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-01 18:44 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-01 18:44 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-01 18:44 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-01 18:44 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-01 18:44 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-01 18:43 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-01 18:43 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-01 18:34 - 2015-09-03 13:08 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-01 18:34 - 2015-09-01 19:32 - 00001063 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-01 18:34 - 2015-09-01 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-01 18:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-01 18:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-01 18:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-01 18:33 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 18:33 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-01 18:28 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-01 18:28 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-01 18:28 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-01 16:36 - 2015-09-02 12:41 - 00000000 ____D C:\Windows\pss
2015-09-01 15:29 - 2015-09-02 10:36 - 00000000 ____D C:\AdwCleaner
2015-09-01 14:45 - 2015-09-01 18:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-01 14:45 - 2015-09-01 14:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-01 14:36 - 2015-09-01 14:36 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\WinBatch
2015-08-24 19:54 - 2015-08-25 15:34 - 00000000 ____D C:\Users\SEBASTIEN\Documents\KONAMI
2015-08-24 19:30 - 2015-08-25 15:08 - 00000000 ____D C:\ProgramData\KONAMI
2015-08-24 19:30 - 2015-08-25 14:47 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-08-24 16:42 - 2015-08-24 16:42 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Windows Live Writer
2015-08-24 16:42 - 2015-08-24 16:42 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\Windows Live Writer
 
==================== Un mois - Modifiés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-09-03 13:11 - 2011-05-23 12:56 - 01339552 _____ C:\Windows\WindowsUpdate.log
2015-09-03 13:09 - 2014-11-18 13:09 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-03 13:08 - 2014-11-18 12:42 - 00001356 _____ C:\Windows\Tasks\RMNWCKQ.job
2015-09-03 13:08 - 2014-11-18 12:41 - 00001700 _____ C:\Windows\Tasks\GJKWJWF.job
2015-09-02 20:56 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-02 20:56 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-02 18:23 - 2014-11-18 13:09 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 17:10 - 2012-02-20 16:12 - 00003976 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A70A911E-8373-4DCE-82E0-292F8D42E84F}
2015-09-02 14:46 - 2014-11-18 15:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-02 14:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-02 14:46 - 2009-07-14 06:51 - 00112646 _____ C:\Windows\setupact.log
2015-09-02 14:00 - 2011-12-26 14:04 - 00000000 ____D C:\Users\SEBASTIEN
2015-09-02 13:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-02 12:58 - 2011-05-23 13:04 - 00538896 _____ C:\Windows\PFRO.log
2015-09-02 12:39 - 2012-08-15 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vietcong 2
2015-09-02 12:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-02 12:08 - 2012-03-26 17:58 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Skype
2015-09-02 10:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-02 10:39 - 2009-07-14 06:45 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-02 10:37 - 2014-12-16 16:44 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-02 10:37 - 2014-11-18 13:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-01 19:41 - 2011-03-03 14:58 - 00000000 ____D C:\Windows\en
2015-09-01 19:33 - 2011-12-26 14:07 - 00000516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Music Place.lnk
2015-09-01 19:33 - 2011-12-26 14:07 - 00000450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Places.lnk
2015-09-01 19:33 - 2011-03-03 21:59 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-09-01 19:33 - 2011-03-03 15:05 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2015-09-01 19:33 - 2011-03-03 14:57 - 00001369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-09-01 19:33 - 2011-03-03 14:57 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-09-01 19:33 - 2011-03-03 14:56 - 00001453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-09-01 19:33 - 2011-03-03 14:55 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-09-01 19:33 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-09-01 19:32 - 2015-03-02 12:29 - 00001270 _____ C:\Users\Public\Desktop\Encore plus de jeux.lnk
2015-09-01 19:32 - 2015-01-05 12:49 - 00002062 _____ C:\Users\Public\Desktop\Jouer à The Treasures of Montezuma 3.lnk
2015-09-01 19:32 - 2014-11-17 12:34 - 00001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2015-09-01 19:32 - 2014-11-17 12:04 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encore plus de jeux.lnk
2015-09-01 19:32 - 2011-03-03 22:00 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-09-01 19:32 - 2011-03-03 14:37 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-09-01 19:31 - 2012-01-16 10:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 19:31 - 2011-12-26 14:06 - 00001466 _____ C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-01 19:31 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-09-01 19:31 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-09-01 19:09 - 2014-11-18 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-01 19:07 - 2014-11-18 15:32 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-01 19:07 - 2014-11-18 15:32 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-09-01 18:58 - 2013-04-08 18:24 - 00000000 ____D C:\Users\Invité
2015-09-01 18:58 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-01 18:57 - 2011-05-23 13:12 - 00048578 _____ C:\Windows\DPINST.LOG
2015-09-01 18:57 - 2011-05-23 12:50 - 00000000 ____D C:\Program Files (x86)\Intel
2015-09-01 18:56 - 2014-11-18 15:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-01 18:52 - 2014-11-17 12:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-01 18:51 - 2014-11-17 12:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-01 18:33 - 2014-11-17 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 18:29 - 2014-12-01 13:54 - 00000000 ____D C:\Windows\system32\MRT
2015-09-01 18:20 - 2014-12-01 13:54 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-09-01 18:19 - 2010-01-14 14:42 - 00405742 _____ C:\Windows\system32\perfh00C.dat
2015-09-01 18:19 - 2010-01-14 14:42 - 00064238 _____ C:\Windows\system32\perfc00C.dat
2015-09-01 18:19 - 2009-07-14 07:13 - 00460604 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-01 18:18 - 2014-11-18 13:09 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 18:18 - 2014-11-18 13:09 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 18:13 - 2015-04-07 17:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-01 18:13 - 2015-03-02 12:26 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Path of Hercules
2015-09-01 18:13 - 2015-03-02 12:24 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
2015-09-01 18:13 - 2015-03-02 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
2015-09-01 18:13 - 2015-02-09 14:01 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Sur la Piste des Fantomes
2015-09-01 18:13 - 2015-02-09 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Sur la Piste des Fantomes
2015-09-01 18:13 - 2015-01-19 14:11 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Travel Riddles - Trip to India
2015-09-01 18:13 - 2015-01-05 12:47 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 3
2015-09-01 18:13 - 2014-12-30 16:17 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rise of Dynasty
2015-09-01 18:13 - 2014-12-12 14:03 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Tresors de Montezuma 2
2015-09-01 18:13 - 2014-12-12 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Tresors de Montezuma 2
2015-09-01 18:13 - 2014-12-02 15:12 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vault Cracker
2015-09-01 18:13 - 2014-12-02 15:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rhianna Ford - La Lettre de Leonard de Vinci
2015-09-01 18:13 - 2014-12-02 14:57 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincarnations - L'Eveil
2015-09-01 18:13 - 2014-12-02 14:55 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reves d'orient
2015-09-01 18:13 - 2014-12-02 14:48 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightfall Mysteries - La Malediction de l'Opera
2015-09-01 18:13 - 2014-12-02 14:41 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxor 3
2015-09-01 18:13 - 2014-12-02 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luxor 3
2015-09-01 18:13 - 2014-12-02 14:40 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Million Dollar Quest
2015-09-01 18:13 - 2014-12-02 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Million Dollar Quest
2015-09-01 18:13 - 2014-12-02 14:38 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mushroom Age
2015-09-01 18:13 - 2014-12-02 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mushroom Age
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Kingdom for the Princess
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor II - Les Toiles Enchantees
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery P.I. - The Vegas Heist
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Kingdom for the Princess
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor II - Les Toiles Enchantees
2015-09-01 18:13 - 2014-12-02 14:30 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Reves d'Or
2015-09-01 18:13 - 2014-12-02 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Reves d'Or
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ___RD C:\Users\SEBASTIEN\Desktop\OBJETS CACHES
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ___RD C:\Users\SEBASTIEN\Desktop\MACH3
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Gardiens du Joyau - Ile de Paques
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Gardiens du Joyau - Ile de Paques
2015-09-01 18:13 - 2014-12-02 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jungle Fruit
2015-09-01 18:13 - 2014-12-02 14:21 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kate Arrow - La Jungle Deserte
2015-09-01 18:13 - 2014-12-02 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kate Arrow - La Jungle Deserte
2015-09-01 18:13 - 2014-12-02 14:19 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Laby
2015-09-01 18:13 - 2014-12-02 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laby
2015-09-01 18:13 - 2014-12-02 14:18 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 3
2015-09-01 18:13 - 2014-12-02 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewel Match 3
2015-09-01 18:13 - 2014-12-02 14:15 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2015-09-01 18:13 - 2014-12-02 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2015-09-01 18:13 - 2014-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flip Words
2015-09-01 18:13 - 2014-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emerald Tale
2015-09-01 18:13 - 2014-12-02 14:12 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cave Quest
2015-09-01 18:13 - 2014-12-02 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Quest
2015-09-01 18:13 - 2014-12-02 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azkend
2015-09-01 18:13 - 2014-12-02 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlantis Quest
2015-09-01 18:13 - 2014-11-25 13:53 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 4
2015-09-01 18:13 - 2014-11-25 13:36 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
2015-09-01 18:13 - 2014-11-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
2015-09-01 18:13 - 2014-11-18 19:33 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shaolin Mystery - Le Sceptre du Dragon
2015-09-01 18:13 - 2014-11-18 18:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LEpreuve des Dieux - Le Periple dAriane
2015-09-01 18:13 - 2014-11-18 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEpreuve des Dieux - Le Periple dAriane
2015-09-01 18:13 - 2014-11-18 18:00 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard's Hat
2015-09-01 18:13 - 2014-11-18 17:57 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mon Beau Sapin
2015-09-01 18:13 - 2014-11-18 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mon Beau Sapin
2015-09-01 18:13 - 2014-11-18 17:55 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Hellas 2 - Olympie
2015-09-01 18:13 - 2014-11-18 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Hellas 2 - Olympie
2015-09-01 18:13 - 2014-11-18 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-01 18:13 - 2014-11-18 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-01 18:13 - 2014-11-18 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enchanted Cavern
2015-09-01 18:13 - 2014-11-18 17:31 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coupe Du Monde Solitaire
2015-09-01 18:13 - 2014-11-18 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupe Du Monde Solitaire
2015-09-01 18:13 - 2014-11-18 16:56 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Glyph 2
2015-09-01 18:13 - 2014-11-18 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2
2015-09-01 18:13 - 2014-11-18 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eco-Match
2015-09-01 18:13 - 2014-11-18 16:52 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Babylonia
2015-09-01 18:13 - 2014-11-18 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylonia
2015-09-01 18:13 - 2014-11-18 16:48 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1912 - Titanic Mystery
2015-09-01 18:13 - 2014-11-18 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1912 - Titanic Mystery
2015-09-01 18:13 - 2014-11-18 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Rome
2015-09-01 18:13 - 2014-11-18 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-01 18:13 - 2014-11-18 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 18:13 - 2014-11-17 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DragonStone
2015-09-01 18:13 - 2014-11-17 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewels of Cleopatra
2015-09-01 18:13 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Comte de Monte Cristo
2015-09-01 18:13 - 2011-12-26 14:04 - 00000000 ___RD C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 18:13 - 2011-12-26 14:04 - 00000000 ___RD C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 18:13 - 2011-05-23 12:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-01 18:13 - 2011-05-23 12:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-01 18:13 - 2011-03-03 14:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-09-01 18:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-01 18:09 - 2012-01-02 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyanide
2015-09-01 15:34 - 2015-05-28 11:44 - 00000000 ____D C:\temp
2015-08-26 21:23 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\TEMP
2015-08-26 21:14 - 2014-12-05 16:51 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Artogon
2015-08-25 12:47 - 2014-12-03 22:54 - 00000000 ____D C:\ProgramData\SecretsOfOlympus
2015-08-25 12:46 - 2015-01-19 14:14 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\TravelRiddlesTripToIndia
2015-08-24 18:21 - 2014-11-17 12:19 - 00000000 ____D C:\ProgramData\Enkord
2015-08-24 17:47 - 2014-11-18 21:40 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Babylonia
2015-08-24 16:53 - 2011-05-23 13:03 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-24 16:53 - 2011-03-03 14:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-24 16:43 - 2014-12-02 14:09 - 00000000 ____D C:\Program Files (x86)\Atlantis Quest
2015-08-24 13:14 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\MonteCristo
2015-08-10 12:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-07 12:43 - 2011-03-03 14:41 - 00000000 ____D C:\ProgramData\Skype
2015-08-06 12:56 - 2015-07-10 19:02 - 00000000 ___HD C:\$Windows.~BT
2015-08-06 12:39 - 2011-03-03 12:54 - 00000000 ____D C:\Windows\Panther
2015-08-05 12:28 - 2015-04-07 17:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX
 
==================== Fichiers à la racine de certains dossiers =======
 
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ
2014-11-18 17:55 - 2014-11-18 17:55 - 0000036 _____ () C:\Users\SEBASTIEN\AppData\Roaming\SuYZkvrV.tmp
2013-04-08 13:40 - 2013-04-08 13:40 - 0001858 _____ () C:\Users\SEBASTIEN\AppData\Roaming\UserTile.png
 
Certains fichiers dans TEMP:
====================
C:\Users\SEBASTIEN\AppData\Local\Temp\avgnt.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\Launcher.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\local.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfc80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfc80u.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfcm80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfcm80u.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\msvcm80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\msvcp80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\msvcr80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\sqlite3.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\_is1573.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_is2480.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_isAD40.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_isB7CB.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_isCC64.exe
 
 
==================== Bamital & volsnap =================
 
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
 
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
 
 
LastRegBack: 2015-09-01 20:23
 
==================== Fin de FRST.txt ============================

 

Addition.txt

 

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:31-08-2015

Exécuté par SEBASTIEN (2015-09-03 13:14:47)
Exécuté depuis C:\Users\SEBASTIEN\Desktop
Mode d'amorçage: Normal
==========================================================
 
 
==================== Comptes: =============================
 
Administrateur (S-1-5-21-1714738709-1909791266-908670872-500 - Administrator - Disabled)
Invité (S-1-5-21-1714738709-1909791266-908670872-501 - Limited - Enabled) => C:\Users\Invité
SEBASTIEN (S-1-5-21-1714738709-1909791266-908670872-1000 - Administrator - Enabled) => C:\Users\SEBASTIEN
 
==================== Centre de sécurité ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Programmes installés ======================
 
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
 
1912: Titanic Mystery (HKLM-x32\...\BFG-1912 - Titanic Mystery) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Around the World in 80 Days (HKLM-x32\...\BFG-Around the World in 80 Days) (Version:  - )
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atlantis Quest (HKLM-x32\...\BFG-Atlantis Quest) (Version:  - )
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Azkend (HKLM-x32\...\BFG-Azkend) (Version:  - )
Babylonia (HKLM-x32\...\BFG-Babylonia) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Cave Quest (HKLM-x32\...\BFG-Cave Quest) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.1.0 - Conexant)
Coupe Du Monde Solitaire (HKLM-x32\...\BFG-Coupe Du Monde Solitaire) (Version:  - )
Cradle of Egypt (HKLM-x32\...\BFG-Cradle of Egypt) (Version:  - )
Cradle of Rome (HKLM-x32\...\BFG-Cradle of Rome) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DragonStone (HKLM-x32\...\BFG-DragonStone) (Version:  - )
Eco-Match (HKLM-x32\...\BFG-Eco-Match) (Version:  - )
Emerald Tale (HKLM-x32\...\BFG-Emerald Tale) (Version:  - )
Enchanted Cavern (HKLM-x32\...\BFG-Enchanted Cavern) (Version:  - )
Flip Words (HKLM-x32\...\BFG-Flip Words) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Glyph 2 (HKLM-x32\...\BFG-Glyph 2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Heroes of Hellas 2: Olympie (HKLM-x32\...\BFG-Heroes of Hellas 2 - Olympie) (Version:  - )
Hidden Expedition: Amazon ™ (HKLM-x32\...\BFG-Hidden Expedition - Amazon) (Version:  - )
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
Imperial Island: La Naissance d'un Empire (HKLM-x32\...\BFG-Imperial Island - La Naissance d un Empire) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\BFG-Jewel Match 3) (Version:  - )
Jewels of Cleopatra (HKLM-x32\...\BFG-Jewels of Cleopatra) (Version:  - )
Jungle Fruit (HKLM-x32\...\BFG-Jungle Fruit) (Version:  - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kate Arrow: La Jungle Déserte (HKLM-x32\...\BFG-Kate Arrow - La Jungle Deserte) (Version:  - )
Laby (HKLM-x32\...\BFG-Laby) (Version:  - )
Le Comte de Monte Cristo (HKLM-x32\...\BFG-Le Comte de Monte Cristo) (Version:  - )
L'Epreuve des Dieux: Le Périple d'Ariane (HKLM-x32\...\BFG-LEpreuve des Dieux - Le Periple dAriane) (Version:  - )
Les Chasseurs de Trésor ™ II: Les Toiles Enchantées (HKLM-x32\...\BFG-Les Chasseurs de Tresor II - Les Toiles Enchantees) (Version:  - )
Les Chasseurs de Trésor ™: Rêves d'Or (HKLM-x32\...\BFG-Les Chasseurs de Tresor - Reves d'Or) (Version:  - )
Les Chasseurs de Trésor: Sur la Piste des Fantômes (HKLM-x32\...\BFG-Les Chasseurs de Tresor - Sur la Piste des Fantomes) (Version:  - )
Les Gardiens du Joyau : Ile de Pâques (HKLM-x32\...\BFG-Les Gardiens du Joyau - Ile de Paques) (Version:  - )
Les Trésors de Montezuma 2 (HKLM-x32\...\BFG-Les Tresors de Montezuma 2) (Version:  - )
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{7a06df8f-4c5a-4207-aa9e-019406e3a46d}) (Version: 17.1.0 - Intel Corporation)
Luxor 3 (HKLM-x32\...\BFG-Luxor 3) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Million Dollar Quest (HKLM-x32\...\BFG-Million Dollar Quest) (Version:  - )
Mises à jour NVIDIA 16.13.65 (Version: 16.13.65 - NVIDIA Corporation) Hidden
Mon Beau Sapin (HKLM-x32\...\BFG-Mon Beau Sapin) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mushroom Age (HKLM-x32\...\BFG-Mushroom Age) (Version:  - )
My Kingdom for the Princess (HKLM-x32\...\BFG-My Kingdom for the Princess) (Version:  - )
Mystery P.I.: The Vegas Heist (HKLM-x32\...\BFG-Mystery P.I. - The Vegas Heist) (Version:  - )
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11500.16.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13300.36.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.5.14800 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10300.25.0 - Nero AG)
Nightfall Mysteries: La Malédiction de l'Opéra (HKLM-x32\...\BFG-Nightfall Mysteries - La Malediction de l'Opera) (Version:  - )
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Pilote graphique 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
Panneau de configuration NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
Pro Evolution Soccer 2009 (HKLM-x32\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2010 (HKLM-x32\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2011 (HKLM-x32\...\{1148E85C-E1AF-48E0-A29C-68DACE07E054}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
Réincarnations: L'Éveil (HKLM-x32\...\BFG-Reincarnations - L'Eveil) (Version:  - )
Rêves d'orient (HKLM-x32\...\BFG-Reves d'orient) (Version:  - )
Rhianna Ford & La Lettre de Léonard de Vinci (HKLM-x32\...\BFG-Rhianna Ford - La Lettre de Leonard de Vinci) (Version:  - )
Rise of Dynasty (HKLM-x32\...\BFG-Rise of Dynasty) (Version:  - )
Secrets of Olympus (HKLM-x32\...\BFG-Secrets of Olympus) (Version:  - )
Shaolin Mystery: Le Sceptre du Dragon (HKLM-x32\...\BFG-Shaolin Mystery - Le Sceptre du Dragon) (Version:  - )
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Stoneloops! of Jurassica (HKLM-x32\...\BFG-Stoneloops! of Jurassica) (Version:  - )
Svetlograd (HKLM-x32\...\BFG-Svetlograd) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
The Path of Hercules (HKLM-x32\...\BFG-The Path of Hercules) (Version:  - )
The Treasures of Montezuma (HKLM-x32\...\BFG-The Treasures of Montezuma) (Version:  - )
The Treasures of Montezuma 3 (HKLM-x32\...\BFG-The Treasures of Montezuma 3) (Version:  - )
The Treasures of Montezuma 4 (HKLM-x32\...\BFG-The Treasures of Montezuma 4) (Version:  - )
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{229C190B-7690-40B7-8680-42530179F3E9}) (Version: 2.0.16.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{F52618B2-A995-4F8D-A6C8-9E235A470C68}) (Version: 8.0.36 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.23.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.06.00 - )
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.00.0008 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.4.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.10010 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.06.00 - )
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 1.1.6.3 - TOSHIBA Corporation)
Travel Riddles: Trip to India (HKLM-x32\...\BFG-Travel Riddles - Trip to India) (Version:  - )
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version:  - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
Vault Cracker (HKLM-x32\...\BFG-Vault Cracker) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Wizard's Hat (HKLM-x32\...\BFG-Wizard's Hat) (Version:  - )
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Personnalisé CLSID (Avec liste blanche): ==========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Points de restauration =========================
 
02-09-2015 10:26:18 Windows Update
02-09-2015 12:36:54 Uniblue SpeedUpMyPC installation
02-09-2015 12:42:06 Uniblue SpeedUpMyPC installation
02-09-2015 12:55:52 Opération de restauration
03-09-2015 13:08:21 Windows Update
 
==================== Hosts contenu: ===============================
 
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
 
2009-07-14 04:34 - 2014-11-18 12:52 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Tâches planifiées (Avec liste blanche) =============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
Task: {12EF5AF1-6DA8-4104-8D3F-0CB6AD47BD22} - System32\Tasks\{1D85356A-4E6E-4348-99C4-A5BC1931E661} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{FD416706-875C-4B0B-A23A-9E740DAE029E}\setup.exe" -c -runfromtemp -l0x040c -removeonly
Task: {619DF43A-C4F1-4E9C-BF4A-DEA3D24557AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {61F4DF97-9D42-4A52-852F-AD177E406825} - System32\Tasks\GJKWJWF => C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF.exe <==== ATTENTION
Task: {643F5034-9159-4736-AB22-628789015131} - System32\Tasks\RMNWCKQ => C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ.exe <==== ATTENTION
Task: {93411CE9-04D3-4989-AC8C-702F22F5A609} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {94E829AB-D9C0-47D3-AD54-6DA9126762CF} - System32\Tasks\{9CCAEF95-9090-400F-B511-3E2066091097} => pcalua.exe -a "C:\Program Files (x86)\Monte Cristo\Fire Department 3\FireSplash.exe" -d "C:\Program Files (x86)\Monte Cristo\Fire Department 3"
Task: {EFC309ED-79B5-42FA-9C16-C263AE34470B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F41459CA-87DA-44C3-9422-45FA954CFF58} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
 
Task: C:\Windows\Tasks\GJKWJWF.job => C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RMNWCKQ.job => C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ.exe <==== ATTENTION
 
==================== Modules chargés (Avec liste blanche) ==============
 
2014-11-18 15:04 - 2014-11-12 23:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-13 18:32 - 2010-12-13 18:32 - 03420584 _____ () C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll
2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2011-03-03 14:41 - 2011-02-22 11:03 - 00559104 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\fr\Humphrey.resources.dll
2010-12-08 15:42 - 2010-12-08 15:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-09-02 11:24 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-02 11:24 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-02 11:24 - 2015-08-28 02:17 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Avec liste blanche) =========
 
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0AC32449
AlternateDataStreams: C:\ProgramData\TEMP:124B94C0
AlternateDataStreams: C:\ProgramData\TEMP:16A4620C
AlternateDataStreams: C:\ProgramData\TEMP:1EE5EBCB
AlternateDataStreams: C:\ProgramData\TEMP:27D1368B
AlternateDataStreams: C:\ProgramData\TEMP:28CCFEFB
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:2EA99C48
AlternateDataStreams: C:\ProgramData\TEMP:2FBB2B9B
AlternateDataStreams: C:\ProgramData\TEMP:35A81752
AlternateDataStreams: C:\ProgramData\TEMP:3E06C78F
AlternateDataStreams: C:\ProgramData\TEMP:436BE28C
AlternateDataStreams: C:\ProgramData\TEMP:43A31AEA
AlternateDataStreams: C:\ProgramData\TEMP:43C9D140
AlternateDataStreams: C:\ProgramData\TEMP:43D34EF3
AlternateDataStreams: C:\ProgramData\TEMP:47FE7AB7
AlternateDataStreams: C:\ProgramData\TEMP:4AB83B21
AlternateDataStreams: C:\ProgramData\TEMP:538A9F02
AlternateDataStreams: C:\ProgramData\TEMP:569CEE83
AlternateDataStreams: C:\ProgramData\TEMP:57B374AB
AlternateDataStreams: C:\ProgramData\TEMP:59846E5E
AlternateDataStreams: C:\ProgramData\TEMP:5A437AC3
AlternateDataStreams: C:\ProgramData\TEMP:5AE41FFB
AlternateDataStreams: C:\ProgramData\TEMP:6017A808
AlternateDataStreams: C:\ProgramData\TEMP:639BB5E9
AlternateDataStreams: C:\ProgramData\TEMP:64170090
AlternateDataStreams: C:\ProgramData\TEMP:69D59C23
AlternateDataStreams: C:\ProgramData\TEMP:73AFBB96
AlternateDataStreams: C:\ProgramData\TEMP:7B8AF9AA
AlternateDataStreams: C:\ProgramData\TEMP:8B4B9596
AlternateDataStreams: C:\ProgramData\TEMP:9290C91C
AlternateDataStreams: C:\ProgramData\TEMP:98982C88
AlternateDataStreams: C:\ProgramData\TEMP:99A29126
AlternateDataStreams: C:\ProgramData\TEMP:9B3B8E95
AlternateDataStreams: C:\ProgramData\TEMP:9B711F92
AlternateDataStreams: C:\ProgramData\TEMP:9C8D5426
AlternateDataStreams: C:\ProgramData\TEMP:A2907225
AlternateDataStreams: C:\ProgramData\TEMP:AC95B5ED
AlternateDataStreams: C:\ProgramData\TEMP:BF6C81B2
AlternateDataStreams: C:\ProgramData\TEMP:C3D26A8A
AlternateDataStreams: C:\ProgramData\TEMP:C72A744C
AlternateDataStreams: C:\ProgramData\TEMP:C7F5E798
AlternateDataStreams: C:\ProgramData\TEMP:D2397415
AlternateDataStreams: C:\ProgramData\TEMP:D4BB0AD6
AlternateDataStreams: C:\ProgramData\TEMP:D51F4BAE
AlternateDataStreams: C:\ProgramData\TEMP:DE47A3DA
AlternateDataStreams: C:\ProgramData\TEMP:DFC3B090
AlternateDataStreams: C:\ProgramData\TEMP:E1CC2D5E
AlternateDataStreams: C:\ProgramData\TEMP:E2295807
AlternateDataStreams: C:\ProgramData\TEMP:F0A06891
AlternateDataStreams: C:\ProgramData\TEMP:F8F070C2
AlternateDataStreams: C:\ProgramData\TEMP:FB430AFA
AlternateDataStreams: C:\ProgramData\TEMP:FBE5FDB9
 
==================== Mode sans échec (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
 
 
==================== EXE Association (Avec liste blanche) ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
 
 
==================== Internet Explorer sites de confiance/sensibles ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
 
 
==================== Autres zones ============================
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
HKU\S-1-5-21-1714738709-1909791266-908670872-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1714738709-1909791266-908670872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1714738709-1909791266-908670872-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
 
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
MSCONFIG\startupfolder: C:^Users^SEBASTIEN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: NBAgent => "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
 
==================== RèglesPare-feu (Avec liste blanche) ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
FirewallRules: [{E4B835F9-97A8-420C-B4CB-4E3E3DD0CE12}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CB3033A9-1BA0-4795-B19B-BE5C501E90BD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0CC488C1-893A-4428-89FC-212558E8BC5B}] => (Allow) LPort=2869
FirewallRules: [{D5987659-7889-461B-8084-C95A811D09DF}] => (Allow) LPort=1900
FirewallRules: [{A84FABB1-F4F4-4E56-8B6E-A4A9EAE50EB2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{90EB44D0-8807-4AB8-813B-B22D5B3BDFBC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{14D7BA49-F126-4298-B5DC-04350CCAD519}] => (Allow) LPort=48113
FirewallRules: [{D8B374DD-63DB-4118-9FC4-91E1031C7D5E}] => (Allow) LPort=48114
FirewallRules: [{A8E4AF19-58A7-4799-B6D1-33F98A9BA616}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{813C66AD-7F33-4228-82AD-8F44523B6A7E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5C2C1096-AE08-47C5-878C-BD3801F7ABD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E087159B-B34D-493A-A2DF-869FFE7B7093}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B4C64008-2E76-4BE0-98E4-33DB0F502EBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CF55033-8460-4417-892A-A74A72B9C364}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{CD9A2768-9A8A-41AB-9398-FD57E5779FDF}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5841D1FC-7936-4960-A18D-96A643F27641}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{EE40D079-DF02-4745-A71A-6E0A13A27AC9}C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe
FirewallRules: [UDP Query User{D573F966-7C9D-4CB0-8871-E262ADB43295}C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe
FirewallRules: [{0CABF62E-59E8-4E2D-9BDC-A2290C2D49D8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8FAF320B-0AB2-4FC8-8469-445F4B2A4931}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Éléments en erreur du Gestionnaire de périphériques =============
 
Name: Contrôleur de réseau
Description: Contrôleur de réseau
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Erreurs du Journal des événements: =========================
 
Erreurs Application:
==================
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (09/02/2015 01:02:03 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Une erreur non spécifiée s’est produite au cours de la restauration du système : (Sauvegarde Windows). Informations supplémentaires : 0x8000ffff.
 
Error: (09/01/2015 07:05:37 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: Le fichier de clé ne contient pas de licence valide. Le service va être arrêté.
 
Error: (09/01/2015 06:52:36 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: Le fichier de clé ne contient pas de licence valide. Le service va être arrêté.
 
Error: (09/01/2015 06:19:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.
 
Error: (09/01/2015 06:15:26 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: Le fichier de clé ne contient pas de licence valide. Le service va être arrêté.
 
Error: (09/01/2015 03:15:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.
 
Error: (09/01/2015 02:00:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={3950049B-EFE3-4D49-B23A-1962A6CDAF0D} : L’utilisateur SEBASTIEN-TOSH\SEBASTIEN a composé le numéro de la connexion Connexion haut débit. La connexion a échoué. Code d’erreur retourné : 651.
 
 
Erreurs système:
=============
Error: (09/02/2015 03:01:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT)
Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80240020 : Passer à la version Windows 10 Famille.
 
Error: (09/02/2015 02:47:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : 
sfsync02
 
Error: (09/02/2015 02:46:13 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Le chargement du pilote sfsync02.sys a été bloqué.
 
Error: (09/02/2015 01:48:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : 
sfsync02
 
Error: (09/02/2015 01:47:31 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Le chargement du pilote sfsync02.sys a été bloqué.
 
Error: (09/02/2015 01:46:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Programme d’installation pour les modules Windows s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.
 
Error: (09/02/2015 01:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service TPCH Service s’est terminé de façon inattendue pour la 1ème fois.
 
Error: (09/02/2015 01:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service TOSHIBA HDD SSD Alert Service s’est terminé de façon inattendue pour la 1ème fois.
 
Error: (09/02/2015 01:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel® Management and Security Application User Notification Service s’est terminé de façon inattendue pour la 1ème fois.
 
Error: (09/02/2015 01:46:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
 
 
Microsoft Office:
=========================
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (09/02/2015 01:02:03 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Sauvegarde Windows0x8000ffff
 
Error: (09/01/2015 07:05:37 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: 0x0
 
Error: (09/01/2015 06:52:36 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: 0x0
 
Error: (09/01/2015 06:19:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Performance1637070000000000000000000009030000
 
Error: (09/01/2015 06:15:26 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: 0x0
 
Error: (09/01/2015 03:15:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Performance1637070000000000000000000009030000
 
Error: (09/01/2015 02:00:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {3950049B-EFE3-4D49-B23A-1962A6CDAF0D}SEBASTIEN-TOSH\SEBASTIENConnexion haut débit651
 
 
CodeIntegrity:
===================================
  Date: 2015-09-02 11:04:53.213
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:53.208
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:53.203
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:53.197
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.886
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.882
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.877
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.872
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.032
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.027
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
 
==================== Infos Mémoire =========================== 
 
Processeur: Intel® Core™ i5-2410M CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 65%
Mémoire physique - RAM - totale: 4077.86 MB
Mémoire physique - RAM - disponible: 1405.93 MB
Mémoire virtuelle totale: 8153.92 MB
Mémoire virtuelle disponible: 5110.05 MB
 
==================== Lecteurs ================================
 
Drive c: (WINDOWS) (Fixed) (Total:348.61 GB) (Free:251.34 GB) NTFS
Drive d: (Data) (Fixed) (Total:349.64 GB) (Free:120.49 GB) NTFS
 
==================== MBR & Table des partitions ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7322675B)
Partition 1: (Active) - (Size=399 MB) - (Type=27)
Partition 2: (Not Active) - (Size=348.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=349.6 GB) - (Type=07 NTFS)
 
==================== Fin de Addition.txt ============================

 



#4 LiHo

LiHo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 03 September 2015 - 06:36 AM

TDSSkiller log

Attached Files


Edited by LiHo, 03 September 2015 - 06:36 AM.


#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,897 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:25 PM

Posted 03 September 2015 - 09:19 AM

Hey, :)

 

STEP 1
GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is selected and click Start Scan.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
  •  

STEP 2
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 3

BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Logfile. A log (AdwCleaner[S1].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab, and click Cleaning
  • Follow the prompts and allow your computer to reboot
  • After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[S1].txt.


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 LiHo

LiHo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 03 September 2015 - 10:31 AM

MBAM

 

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Date de l'analyse: 03/09/2015
Heure de l'analyse: 16:32
Fichier journal: MBAM.txt
Administrateur: Oui
 
Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.03.05
Base de données de rootkits: v2015.08.16.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé
 
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: SEBASTIEN
 
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 404243
Temps écoulé: 27 min, 0 s
 
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
 
Processus: 0
(Aucun élément malveillant détecté)
 
Modules: 0
(Aucun élément malveillant détecté)
 
Clés du registre: 0
(Aucun élément malveillant détecté)
 
Valeurs du registre: 0
(Aucun élément malveillant détecté)
 
Données du registre: 0
(Aucun élément malveillant détecté)
 
Dossiers: 0
(Aucun élément malveillant détecté)
 
Fichiers: 0
(Aucun élément malveillant détecté)
 
Secteurs physiques: 0
(Aucun élément malveillant détecté)
 
 
(end)

 

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by SEBASTIEN on 03/09/2015 at 17:09:38,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\SEBASTIEN\Appdata\Local\{1173F694-CB52-46F9-A1BC-4D6727E5B3B0}
Successfully deleted: [Empty Folder] C:\Users\SEBASTIEN\Appdata\Local\{B13C50F3-6426-4AB7-BA82-F5C734F4F4F4}
Successfully deleted: [Empty Folder] C:\Users\SEBASTIEN\Appdata\Local\{D4DEE271-D976-408B-9C50-1F60F08CDA5A}
Successfully deleted: [Folder] C:\Users\SEBASTIEN\AppData\Roaming\alawarentertainment
 
 
 
~~~ Chrome
 
 
[C:\Users\SEBASTIEN\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\SEBASTIEN\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\SEBASTIEN\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\SEBASTIEN\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/09/2015 at 17:12:41,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Adwcleaner

 

# AdwCleaner v5.005 - Rapport créé le 03/09/2015 à 17:23:43

# Mis à jour le 31/08/2015 par Xplode
# Base de données : 2015-08-31.2 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
# Nom d'utilisateur : SEBASTIEN - SEBASTIEN-TOSH
# Exécuté depuis : C:\Users\SEBASTIEN\Desktop\AdwCleaner.exe
# Option : Nettoyer
 
***** [ Services ] *****
 
 
***** [ Dossiers ] *****
 
 
***** [ Fichiers ] *****
 
 
***** [ Raccourcis ] *****
 
 
***** [ Tâches planifiées ] *****
 
 
***** [ Registre ] *****
 
 
***** [ Navigateurs ] *****
 
 
*************************
 
:: Paramètres Winsock réinitialisés
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [680 octets] ##########
 

 



#7 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,897 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:25 PM

Posted 03 September 2015 - 12:14 PM

Well done. :)
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#8 LiHo

LiHo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 03 September 2015 - 12:27 PM

FRST.txt

 

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015

Exécuté par SEBASTIEN (administrateur) sur SEBASTIEN-TOSH (03-09-2015 19:23:47)
Exécuté depuis C:\Users\SEBASTIEN\Desktop
Profils chargés: SEBASTIEN (Profils disponibles: SEBASTIEN & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
 
==================== Processus (Avec liste blanche) =================
 
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registre (Avec liste blanche) ===========================
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
 
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2010-12-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [571304 2010-12-09] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [150992 2011-03-03] (Toshiba Europe GmbH)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-16] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-1714738709-1909791266-908670872-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-25] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 
==================== Internet (Avec liste blanche) ====================
 
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60E67FE4-43BC-442E-86EE-26F37292F586}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68286DD8-2390-4CC7-89AA-0E467F732497}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> DefaultScope {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL = 
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {3359BB5C-6DE9-4434-ACCF-8CAFD5A30101} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Profile: C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-18]
CHR Extension: (Google Docs) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-18]
CHR Extension: (Google Drive) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-18]
CHR Extension: (YouTube) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-18]
CHR Extension: (Google Search) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-18]
CHR Extension: (Avira Browser Safety) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (AdBlock) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-18]
CHR Extension: (Gmail) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 
==================== Services (Avec liste blanche) ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)
 
===================== Pilotes (Avec liste blanche) ==========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-08-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RSUSBSTOR; pas de ImagePath
S3 RSUSBVSTOR; pas de ImagePath
S3 RTL8192Ce; pas de ImagePath
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
 
==================== NetSvcs (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Un mois - Créés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-09-03 19:23 - 2015-09-03 19:24 - 00021459 _____ C:\Users\SEBASTIEN\Desktop\FRST.txt
2015-09-03 19:22 - 2015-09-03 19:23 - 02188800 _____ (Farbar) C:\Users\SEBASTIEN\Desktop\FRST64.exe
2015-09-03 13:13 - 2015-09-03 19:23 - 00000000 ____D C:\FRST
2015-09-03 13:10 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-03 13:10 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-03 13:10 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-03 13:10 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-02 14:00 - 2015-09-02 14:00 - 00000000 _____ C:\autoexec.bat
2015-09-01 18:58 - 2015-09-01 18:58 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Intel
2015-09-01 18:58 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-01 18:58 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-01 18:58 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-01 18:57 - 2015-09-01 18:57 - 00000000 ____D C:\ProgramData\Intel
2015-09-01 18:57 - 2015-09-01 18:57 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-09-01 18:56 - 2015-09-01 18:57 - 00000000 ____D C:\Program Files\Intel
2015-09-01 18:56 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-01 18:56 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-01 18:56 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-01 18:56 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-01 18:56 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-01 18:56 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-01 18:56 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-01 18:56 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-01 18:56 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-01 18:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-01 18:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-01 18:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-01 18:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-01 18:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-01 18:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-01 18:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-01 18:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-01 18:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-01 18:55 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-01 18:49 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-01 18:49 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-01 18:49 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-01 18:49 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-01 18:49 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-01 18:49 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-09-01 18:46 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-01 18:45 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-01 18:45 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-01 18:45 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-01 18:45 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-01 18:45 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-01 18:45 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-01 18:45 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-01 18:45 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-01 18:45 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-01 18:45 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-01 18:45 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-01 18:45 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-01 18:45 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-01 18:45 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-01 18:45 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-01 18:45 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-01 18:45 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-01 18:45 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-01 18:45 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-01 18:45 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-01 18:45 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-01 18:45 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-01 18:45 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-01 18:45 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-01 18:45 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-01 18:45 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-01 18:45 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-01 18:45 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-01 18:45 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-01 18:45 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-01 18:45 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-01 18:45 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-01 18:45 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-01 18:45 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-01 18:45 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-01 18:45 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-01 18:45 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-01 18:45 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-01 18:45 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-01 18:45 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-01 18:45 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-01 18:45 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-01 18:45 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-01 18:45 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-01 18:45 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-01 18:45 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-01 18:45 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-01 18:45 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-01 18:44 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-01 18:44 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-01 18:44 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-01 18:44 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-01 18:44 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-01 18:44 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-01 18:44 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-01 18:44 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-01 18:44 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-01 18:44 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-01 18:44 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-01 18:44 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-01 18:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-01 18:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-01 18:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-01 18:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-01 18:44 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-01 18:44 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-01 18:44 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-01 18:44 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-01 18:44 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-01 18:43 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-01 18:43 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-01 18:34 - 2015-09-03 17:25 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-01 18:34 - 2015-09-01 19:32 - 00001063 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-01 18:34 - 2015-09-01 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-01 18:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-01 18:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-01 18:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-01 18:33 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 18:33 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-01 18:28 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-01 18:28 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-01 18:28 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-01 16:36 - 2015-09-02 12:41 - 00000000 ____D C:\Windows\pss
2015-09-01 15:29 - 2015-09-03 17:23 - 00000000 ____D C:\AdwCleaner
2015-09-01 14:45 - 2015-09-01 18:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-01 14:45 - 2015-09-01 14:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-01 14:36 - 2015-09-01 14:36 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\WinBatch
2015-08-24 19:54 - 2015-08-25 15:34 - 00000000 ____D C:\Users\SEBASTIEN\Documents\KONAMI
2015-08-24 19:30 - 2015-08-25 15:08 - 00000000 ____D C:\ProgramData\KONAMI
2015-08-24 19:30 - 2015-08-25 14:47 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-08-24 16:42 - 2015-08-24 16:42 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Windows Live Writer
2015-08-24 16:42 - 2015-08-24 16:42 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\Windows Live Writer
 
==================== Un mois - Modifiés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-09-03 19:23 - 2014-11-18 13:09 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-03 19:22 - 2012-02-20 16:12 - 00003976 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A70A911E-8373-4DCE-82E0-292F8D42E84F}
2015-09-03 19:21 - 2014-11-18 13:09 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-03 19:21 - 2014-11-18 12:41 - 00001700 _____ C:\Windows\Tasks\GJKWJWF.job
2015-09-03 19:21 - 2011-05-23 12:56 - 01439276 _____ C:\Windows\WindowsUpdate.log
2015-09-03 19:21 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-03 19:21 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-03 17:25 - 2014-11-18 12:42 - 00001356 _____ C:\Windows\Tasks\RMNWCKQ.job
2015-09-03 17:24 - 2014-11-18 15:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-03 17:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-03 17:24 - 2009-07-14 06:51 - 00112982 _____ C:\Windows\setupact.log
2015-09-03 17:20 - 2010-01-14 14:42 - 00405742 _____ C:\Windows\system32\perfh00C.dat
2015-09-03 17:20 - 2010-01-14 14:42 - 00064238 _____ C:\Windows\system32\perfc00C.dat
2015-09-03 17:20 - 2009-07-14 07:13 - 00460604 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-03 17:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-03 16:26 - 2011-05-23 13:14 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2015-09-03 16:08 - 2011-12-26 14:08 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Toshiba
2015-09-03 15:31 - 2014-11-18 15:10 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\NVIDIA Corporation
2015-09-02 14:00 - 2011-12-26 14:04 - 00000000 ____D C:\Users\SEBASTIEN
2015-09-02 13:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-02 12:58 - 2011-05-23 13:04 - 00538896 _____ C:\Windows\PFRO.log
2015-09-02 12:39 - 2012-08-15 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vietcong 2
2015-09-02 12:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-02 12:08 - 2012-03-26 17:58 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Skype
2015-09-02 10:39 - 2009-07-14 06:45 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-02 10:37 - 2014-12-16 16:44 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-02 10:37 - 2014-11-18 13:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-01 19:41 - 2011-03-03 14:58 - 00000000 ____D C:\Windows\en
2015-09-01 19:33 - 2011-12-26 14:07 - 00000516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Music Place.lnk
2015-09-01 19:33 - 2011-12-26 14:07 - 00000450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Places.lnk
2015-09-01 19:33 - 2011-03-03 21:59 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-09-01 19:33 - 2011-03-03 15:05 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2015-09-01 19:33 - 2011-03-03 14:57 - 00001369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-09-01 19:33 - 2011-03-03 14:57 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-09-01 19:33 - 2011-03-03 14:56 - 00001453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-09-01 19:33 - 2011-03-03 14:55 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-09-01 19:33 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-09-01 19:32 - 2015-03-02 12:29 - 00001270 _____ C:\Users\Public\Desktop\Encore plus de jeux.lnk
2015-09-01 19:32 - 2015-01-05 12:49 - 00002062 _____ C:\Users\Public\Desktop\Jouer à The Treasures of Montezuma 3.lnk
2015-09-01 19:32 - 2014-11-17 12:34 - 00001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2015-09-01 19:32 - 2014-11-17 12:04 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encore plus de jeux.lnk
2015-09-01 19:32 - 2011-03-03 22:00 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-09-01 19:32 - 2011-03-03 14:37 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-09-01 19:31 - 2012-01-16 10:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 19:31 - 2011-12-26 14:06 - 00001466 _____ C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-01 19:31 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-09-01 19:31 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-09-01 19:09 - 2014-11-18 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-01 19:07 - 2014-11-18 15:32 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-01 19:07 - 2014-11-18 15:32 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-09-01 18:58 - 2013-04-08 18:24 - 00000000 ____D C:\Users\Invité
2015-09-01 18:58 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-01 18:57 - 2011-05-23 13:12 - 00048578 _____ C:\Windows\DPINST.LOG
2015-09-01 18:57 - 2011-05-23 12:50 - 00000000 ____D C:\Program Files (x86)\Intel
2015-09-01 18:56 - 2014-11-18 15:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-01 18:52 - 2014-11-17 12:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-01 18:51 - 2014-11-17 12:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-01 18:33 - 2014-11-17 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 18:29 - 2014-12-01 13:54 - 00000000 ____D C:\Windows\system32\MRT
2015-09-01 18:20 - 2014-12-01 13:54 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-09-01 18:18 - 2014-11-18 13:09 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 18:18 - 2014-11-18 13:09 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 18:13 - 2015-04-07 17:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-01 18:13 - 2015-03-02 12:26 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Path of Hercules
2015-09-01 18:13 - 2015-03-02 12:24 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
2015-09-01 18:13 - 2015-03-02 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
2015-09-01 18:13 - 2015-02-09 14:01 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Sur la Piste des Fantomes
2015-09-01 18:13 - 2015-02-09 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Sur la Piste des Fantomes
2015-09-01 18:13 - 2015-01-19 14:11 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Travel Riddles - Trip to India
2015-09-01 18:13 - 2015-01-05 12:47 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 3
2015-09-01 18:13 - 2014-12-30 16:17 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rise of Dynasty
2015-09-01 18:13 - 2014-12-12 14:03 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Tresors de Montezuma 2
2015-09-01 18:13 - 2014-12-12 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Tresors de Montezuma 2
2015-09-01 18:13 - 2014-12-02 15:12 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vault Cracker
2015-09-01 18:13 - 2014-12-02 15:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rhianna Ford - La Lettre de Leonard de Vinci
2015-09-01 18:13 - 2014-12-02 14:57 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincarnations - L'Eveil
2015-09-01 18:13 - 2014-12-02 14:55 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reves d'orient
2015-09-01 18:13 - 2014-12-02 14:48 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightfall Mysteries - La Malediction de l'Opera
2015-09-01 18:13 - 2014-12-02 14:41 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxor 3
2015-09-01 18:13 - 2014-12-02 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luxor 3
2015-09-01 18:13 - 2014-12-02 14:40 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Million Dollar Quest
2015-09-01 18:13 - 2014-12-02 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Million Dollar Quest
2015-09-01 18:13 - 2014-12-02 14:38 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mushroom Age
2015-09-01 18:13 - 2014-12-02 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mushroom Age
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Kingdom for the Princess
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor II - Les Toiles Enchantees
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery P.I. - The Vegas Heist
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Kingdom for the Princess
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor II - Les Toiles Enchantees
2015-09-01 18:13 - 2014-12-02 14:30 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Reves d'Or
2015-09-01 18:13 - 2014-12-02 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Reves d'Or
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ___RD C:\Users\SEBASTIEN\Desktop\OBJETS CACHES
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ___RD C:\Users\SEBASTIEN\Desktop\MACH3
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Gardiens du Joyau - Ile de Paques
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Gardiens du Joyau - Ile de Paques
2015-09-01 18:13 - 2014-12-02 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jungle Fruit
2015-09-01 18:13 - 2014-12-02 14:21 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kate Arrow - La Jungle Deserte
2015-09-01 18:13 - 2014-12-02 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kate Arrow - La Jungle Deserte
2015-09-01 18:13 - 2014-12-02 14:19 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Laby
2015-09-01 18:13 - 2014-12-02 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laby
2015-09-01 18:13 - 2014-12-02 14:18 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 3
2015-09-01 18:13 - 2014-12-02 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewel Match 3
2015-09-01 18:13 - 2014-12-02 14:15 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2015-09-01 18:13 - 2014-12-02 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2015-09-01 18:13 - 2014-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flip Words
2015-09-01 18:13 - 2014-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emerald Tale
2015-09-01 18:13 - 2014-12-02 14:12 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cave Quest
2015-09-01 18:13 - 2014-12-02 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Quest
2015-09-01 18:13 - 2014-12-02 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azkend
2015-09-01 18:13 - 2014-12-02 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlantis Quest
2015-09-01 18:13 - 2014-11-25 13:53 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 4
2015-09-01 18:13 - 2014-11-25 13:36 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
2015-09-01 18:13 - 2014-11-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
2015-09-01 18:13 - 2014-11-18 19:33 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shaolin Mystery - Le Sceptre du Dragon
2015-09-01 18:13 - 2014-11-18 18:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LEpreuve des Dieux - Le Periple dAriane
2015-09-01 18:13 - 2014-11-18 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEpreuve des Dieux - Le Periple dAriane
2015-09-01 18:13 - 2014-11-18 18:00 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard's Hat
2015-09-01 18:13 - 2014-11-18 17:57 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mon Beau Sapin
2015-09-01 18:13 - 2014-11-18 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mon Beau Sapin
2015-09-01 18:13 - 2014-11-18 17:55 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Hellas 2 - Olympie
2015-09-01 18:13 - 2014-11-18 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Hellas 2 - Olympie
2015-09-01 18:13 - 2014-11-18 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-01 18:13 - 2014-11-18 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-01 18:13 - 2014-11-18 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enchanted Cavern
2015-09-01 18:13 - 2014-11-18 17:31 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coupe Du Monde Solitaire
2015-09-01 18:13 - 2014-11-18 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupe Du Monde Solitaire
2015-09-01 18:13 - 2014-11-18 16:56 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Glyph 2
2015-09-01 18:13 - 2014-11-18 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2
2015-09-01 18:13 - 2014-11-18 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eco-Match
2015-09-01 18:13 - 2014-11-18 16:52 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Babylonia
2015-09-01 18:13 - 2014-11-18 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylonia
2015-09-01 18:13 - 2014-11-18 16:48 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1912 - Titanic Mystery
2015-09-01 18:13 - 2014-11-18 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1912 - Titanic Mystery
2015-09-01 18:13 - 2014-11-18 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Rome
2015-09-01 18:13 - 2014-11-18 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-01 18:13 - 2014-11-18 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 18:13 - 2014-11-17 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DragonStone
2015-09-01 18:13 - 2014-11-17 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewels of Cleopatra
2015-09-01 18:13 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Comte de Monte Cristo
2015-09-01 18:13 - 2011-12-26 14:04 - 00000000 ___RD C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 18:13 - 2011-12-26 14:04 - 00000000 ___RD C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 18:13 - 2011-05-23 12:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-01 18:13 - 2011-05-23 12:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-01 18:13 - 2011-03-03 14:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-09-01 18:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-01 18:09 - 2012-01-02 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyanide
2015-09-01 15:34 - 2015-05-28 11:44 - 00000000 ____D C:\temp
2015-08-26 21:23 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\TEMP
2015-08-26 21:14 - 2014-12-05 16:51 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Artogon
2015-08-25 12:47 - 2014-12-03 22:54 - 00000000 ____D C:\ProgramData\SecretsOfOlympus
2015-08-25 12:46 - 2015-01-19 14:14 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\TravelRiddlesTripToIndia
2015-08-24 18:21 - 2014-11-17 12:19 - 00000000 ____D C:\ProgramData\Enkord
2015-08-24 17:47 - 2014-11-18 21:40 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Babylonia
2015-08-24 16:53 - 2011-05-23 13:03 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-24 16:53 - 2011-03-03 14:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-24 16:43 - 2014-12-02 14:09 - 00000000 ____D C:\Program Files (x86)\Atlantis Quest
2015-08-24 13:14 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\MonteCristo
2015-08-10 12:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-07 12:43 - 2011-03-03 14:41 - 00000000 ____D C:\ProgramData\Skype
2015-08-06 12:56 - 2015-07-10 19:02 - 00000000 ___HD C:\$Windows.~BT
2015-08-06 12:39 - 2011-03-03 12:54 - 00000000 ____D C:\Windows\Panther
2015-08-05 12:28 - 2015-04-07 17:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX
 
==================== Fichiers à la racine de certains dossiers =======
 
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ
2014-11-18 17:55 - 2014-11-18 17:55 - 0000036 _____ () C:\Users\SEBASTIEN\AppData\Roaming\SuYZkvrV.tmp
2013-04-08 13:40 - 2013-04-08 13:40 - 0001858 _____ () C:\Users\SEBASTIEN\AppData\Roaming\UserTile.png
 
Certains fichiers dans TEMP:
====================
C:\Users\SEBASTIEN\AppData\Local\Temp\avgnt.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\Launcher.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\local.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfc80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfc80u.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfcm80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\mfcm80u.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\msvcm80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\msvcp80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\msvcr80.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\sqlite3.dll
C:\Users\SEBASTIEN\AppData\Local\Temp\_is1573.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_is2480.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_isAD40.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_isB7CB.exe
C:\Users\SEBASTIEN\AppData\Local\Temp\_isCC64.exe
 
 
==================== Bamital & volsnap =================
 
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
 
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
 
 
LastRegBack: 2015-09-01 20:23
 
==================== Fin de FRST.txt ============================

 



#9 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,897 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:25 PM

Posted 05 September 2015 - 07:04 AM

Hello,
I'm sorry for the delay. Had to help my parents yesterday. :)

 

STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    CreateRestorePoint:
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL =
    FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
    2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF
    2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ
    2014-11-18 17:55 - 2014-11-18 17:55 - 0000036 _____ () C:\Users\SEBASTIEN\AppData\Roaming\SuYZkvrV.tmp
    EmptyTemp:
    end
  • Click File, Save As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.

 

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST.exe or FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

STEP 3
GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to KN1w2nv.png and click SzOC1p0.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.



 


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#10 LiHo

LiHo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 07 September 2015 - 07:02 AM

Hello,
I'm sorry for the delay. I was really busy last days...

 

Fixlog.txt


 

Résultats de correction de Farbar Recovery Scan Tool (x64) Version:31-08-2015

Exécuté par SEBASTIEN (2015-09-05 14:09:25) Run:1
Exécuté depuis C:\Users\SEBASTIEN\Desktop
Profils chargés: SEBASTIEN &  (Profils disponibles: SEBASTIEN & Invité)
Mode d'amorçage: Normal
==============================================
 
fixlist contenu:
***************a**
start
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ
2014-11-18 17:55 - 2014-11-18 17:55 - 0000036 _____ () C:\Users\SEBASTIEN\AppData\Roaming\SuYZkvrV.tmp
EmptyTemp:
end
*****************
 
Le Point de restauration a été créé avec succès.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valeur restauré(es) avec succès
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => clé supprimé(es) avec succès
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => clé non trouvé(e). 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => clé supprimé(es) avec succès
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => clé non trouvé(e). 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valeur restauré(es) avec succès
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => clé supprimé(es) avec succès
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => clé non trouvé(e). 
"HKU\S-1-5-21-1714738709-1909791266-908670872-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2101A788-24B3-4828-BFD7-38784E93DDF8}" => clé supprimé(es) avec succès
HKCR\CLSID\{2101A788-24B3-4828-BFD7-38784E93DDF8} => clé non trouvé(e). 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => clé supprimé(es) avec succès
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => clé supprimé(es) avec succès
C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF => déplacé(es) avec succès
C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ => déplacé(es) avec succès
C:\Users\SEBASTIEN\AppData\Roaming\SuYZkvrV.tmp => déplacé(es) avec succès
EmptyTemp: => 219.9 MB données temporaires supprimées.
 
 
Le système a dû redémarrer.. 
 
==== Fin de Fixlog 14:11:57 ====

 

 

 

FRST.txt

 

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015

Exécuté par SEBASTIEN (administrateur) sur SEBASTIEN-TOSH (05-09-2015 14:18:07)
Exécuté depuis C:\Users\SEBASTIEN\Desktop
Profils chargés: SEBASTIEN (Profils disponibles: SEBASTIEN & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
 
==================== Processus (Avec liste blanche) =================
 
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registre (Avec liste blanche) ===========================
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
 
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2010-12-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [571304 2010-12-09] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [150992 2011-03-03] (Toshiba Europe GmbH)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-16] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-1714738709-1909791266-908670872-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-25] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 
==================== Internet (Avec liste blanche) ====================
 
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60E67FE4-43BC-442E-86EE-26F37292F586}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68286DD8-2390-4CC7-89AA-0E467F732497}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2101A788-24B3-4828-BFD7-38784E93DDF8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> DefaultScope {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {1CC1A282-72B8-48FF-8512-A53A8B3B53F2} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {3359BB5C-6DE9-4434-ACCF-8CAFD5A30101} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-1714738709-1909791266-908670872-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Profile: C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-18]
CHR Extension: (Google Docs) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-18]
CHR Extension: (Google Drive) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-18]
CHR Extension: (YouTube) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-18]
CHR Extension: (Google Search) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-18]
CHR Extension: (Avira Browser Safety) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (AdBlock) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-18]
CHR Extension: (Gmail) - C:\Users\SEBASTIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 
==================== Services (Avec liste blanche) ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)
 
===================== Pilotes (Avec liste blanche) ==========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-08-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RSUSBSTOR; pas de ImagePath
S3 RSUSBVSTOR; pas de ImagePath
S3 RTL8192Ce; pas de ImagePath
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
 
==================== NetSvcs (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Un mois - Créés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-09-05 14:18 - 2015-09-05 14:18 - 00020905 _____ C:\Users\SEBASTIEN\Desktop\FRST.txt
2015-09-05 14:11 - 2015-09-05 14:11 - 02870984 _____ (ESET) C:\Users\SEBASTIEN\Downloads\esetsmartinstaller_enu.exe
2015-09-03 19:22 - 2015-09-03 19:23 - 02188800 _____ (Farbar) C:\Users\SEBASTIEN\Desktop\FRST64.exe
2015-09-03 13:13 - 2015-09-05 14:18 - 00000000 ____D C:\FRST
2015-09-03 13:10 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-03 13:10 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-03 13:10 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-03 13:10 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-02 14:00 - 2015-09-02 14:00 - 00000000 _____ C:\autoexec.bat
2015-09-01 18:58 - 2015-09-01 18:58 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Intel
2015-09-01 18:58 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-01 18:58 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-01 18:58 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-01 18:58 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-01 18:57 - 2015-09-01 18:57 - 00000000 ____D C:\ProgramData\Intel
2015-09-01 18:57 - 2015-09-01 18:57 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-09-01 18:56 - 2015-09-01 18:57 - 00000000 ____D C:\Program Files\Intel
2015-09-01 18:56 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-01 18:56 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-01 18:56 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-01 18:56 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-01 18:56 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-01 18:56 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-01 18:56 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-01 18:56 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-01 18:56 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-01 18:56 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-01 18:56 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-01 18:56 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-01 18:56 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-01 18:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-01 18:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-01 18:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-01 18:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-01 18:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-01 18:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-01 18:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-01 18:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-01 18:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-01 18:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-01 18:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-01 18:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-01 18:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-01 18:55 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-01 18:49 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-01 18:49 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-01 18:49 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-01 18:49 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-01 18:49 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-01 18:49 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-09-01 18:46 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-01 18:45 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-01 18:45 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-01 18:45 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-01 18:45 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-01 18:45 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-01 18:45 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-01 18:45 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-01 18:45 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-01 18:45 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-01 18:45 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-01 18:45 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-01 18:45 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-01 18:45 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-01 18:45 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-01 18:45 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-01 18:45 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-01 18:45 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-01 18:45 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-01 18:45 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-01 18:45 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-01 18:45 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-01 18:45 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-01 18:45 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-01 18:45 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-01 18:45 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-01 18:45 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-01 18:45 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-01 18:45 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-01 18:45 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-01 18:45 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-01 18:45 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-01 18:45 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-01 18:45 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-01 18:45 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-01 18:45 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-01 18:45 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-01 18:45 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-01 18:45 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-01 18:45 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-01 18:45 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-01 18:45 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-01 18:45 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-01 18:45 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-01 18:45 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-01 18:45 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-01 18:45 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-01 18:45 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-01 18:45 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-01 18:45 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-01 18:45 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-01 18:44 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-01 18:44 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-01 18:44 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-01 18:44 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-01 18:44 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-01 18:44 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-01 18:44 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-01 18:44 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-01 18:44 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-01 18:44 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-01 18:44 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-01 18:44 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-01 18:44 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-01 18:44 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-01 18:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-01 18:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-01 18:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-01 18:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-01 18:44 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-01 18:44 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-01 18:44 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-01 18:44 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-01 18:44 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-01 18:43 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-01 18:43 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-01 18:34 - 2015-09-05 14:15 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-01 18:34 - 2015-09-01 19:32 - 00001063 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-01 18:34 - 2015-09-01 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-01 18:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-01 18:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-01 18:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-01 18:33 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 18:33 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-01 18:28 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-01 18:28 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-01 18:28 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-01 18:28 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-01 18:28 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-01 16:36 - 2015-09-02 12:41 - 00000000 ____D C:\Windows\pss
2015-09-01 15:29 - 2015-09-03 17:23 - 00000000 ____D C:\AdwCleaner
2015-09-01 14:45 - 2015-09-01 18:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-01 14:45 - 2015-09-01 14:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-01 14:36 - 2015-09-01 14:36 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\WinBatch
2015-08-24 19:54 - 2015-08-25 15:34 - 00000000 ____D C:\Users\SEBASTIEN\Documents\KONAMI
2015-08-24 19:30 - 2015-08-25 15:08 - 00000000 ____D C:\ProgramData\KONAMI
2015-08-24 19:30 - 2015-08-25 14:47 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-08-24 16:42 - 2015-08-24 16:42 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Windows Live Writer
2015-08-24 16:42 - 2015-08-24 16:42 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\Windows Live Writer
 
==================== Un mois - Modifiés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-09-05 14:17 - 2011-05-23 12:56 - 01534611 _____ C:\Windows\WindowsUpdate.log
2015-09-05 14:15 - 2014-11-18 15:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-05 14:15 - 2014-11-18 13:09 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 14:15 - 2014-11-18 12:42 - 00001356 _____ C:\Windows\Tasks\RMNWCKQ.job
2015-09-05 14:15 - 2014-11-18 12:41 - 00001700 _____ C:\Windows\Tasks\GJKWJWF.job
2015-09-05 14:14 - 2014-11-18 15:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-05 14:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-05 14:14 - 2009-07-14 06:51 - 00113150 _____ C:\Windows\setupact.log
2015-09-05 14:13 - 2011-05-23 13:04 - 00541166 _____ C:\Windows\PFRO.log
2015-09-05 14:12 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-05 14:12 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-05 14:07 - 2014-11-18 13:09 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-05 14:06 - 2014-11-18 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-04 17:29 - 2012-02-20 16:12 - 00003976 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A70A911E-8373-4DCE-82E0-292F8D42E84F}
2015-09-03 17:20 - 2010-01-14 14:42 - 00405742 _____ C:\Windows\system32\perfh00C.dat
2015-09-03 17:20 - 2010-01-14 14:42 - 00064238 _____ C:\Windows\system32\perfc00C.dat
2015-09-03 17:20 - 2009-07-14 07:13 - 00460604 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-03 17:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-03 16:26 - 2011-05-23 13:14 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2015-09-03 16:08 - 2011-12-26 14:08 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Toshiba
2015-09-03 15:31 - 2014-11-18 15:10 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\NVIDIA Corporation
2015-09-02 14:00 - 2011-12-26 14:04 - 00000000 ____D C:\Users\SEBASTIEN
2015-09-02 13:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-02 12:39 - 2012-08-15 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vietcong 2
2015-09-02 12:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-02 12:08 - 2012-03-26 17:58 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Skype
2015-09-02 10:39 - 2009-07-14 06:45 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-02 10:37 - 2014-12-16 16:44 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-02 10:37 - 2014-11-18 13:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-01 19:41 - 2011-03-03 14:58 - 00000000 ____D C:\Windows\en
2015-09-01 19:33 - 2011-12-26 14:07 - 00000516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Music Place.lnk
2015-09-01 19:33 - 2011-12-26 14:07 - 00000450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Places.lnk
2015-09-01 19:33 - 2011-03-03 21:59 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-09-01 19:33 - 2011-03-03 15:05 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2015-09-01 19:33 - 2011-03-03 14:57 - 00001369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-09-01 19:33 - 2011-03-03 14:57 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-09-01 19:33 - 2011-03-03 14:56 - 00001453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-09-01 19:33 - 2011-03-03 14:55 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-09-01 19:33 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-09-01 19:33 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-09-01 19:32 - 2015-03-02 12:29 - 00001270 _____ C:\Users\Public\Desktop\Encore plus de jeux.lnk
2015-09-01 19:32 - 2015-01-05 12:49 - 00002062 _____ C:\Users\Public\Desktop\Jouer à The Treasures of Montezuma 3.lnk
2015-09-01 19:32 - 2014-11-17 12:34 - 00001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2015-09-01 19:32 - 2014-11-17 12:04 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encore plus de jeux.lnk
2015-09-01 19:32 - 2011-03-03 22:00 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-09-01 19:32 - 2011-03-03 14:37 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-09-01 19:31 - 2012-01-16 10:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 19:31 - 2011-12-26 14:06 - 00001466 _____ C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-01 19:31 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-09-01 19:31 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-09-01 19:07 - 2014-11-18 15:32 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-01 19:07 - 2014-11-18 15:32 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-09-01 18:58 - 2013-04-08 18:24 - 00000000 ____D C:\Users\Invité
2015-09-01 18:58 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-01 18:57 - 2011-05-23 13:12 - 00048578 _____ C:\Windows\DPINST.LOG
2015-09-01 18:57 - 2011-05-23 12:50 - 00000000 ____D C:\Program Files (x86)\Intel
2015-09-01 18:52 - 2014-11-17 12:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-01 18:51 - 2014-11-17 12:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-01 18:33 - 2014-11-17 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 18:29 - 2014-12-01 13:54 - 00000000 ____D C:\Windows\system32\MRT
2015-09-01 18:20 - 2014-12-01 13:54 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-09-01 18:18 - 2014-11-18 13:09 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 18:18 - 2014-11-18 13:09 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 18:13 - 2015-04-07 17:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-01 18:13 - 2015-03-02 12:26 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Path of Hercules
2015-09-01 18:13 - 2015-03-02 12:24 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
2015-09-01 18:13 - 2015-03-02 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
2015-09-01 18:13 - 2015-02-09 14:01 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Sur la Piste des Fantomes
2015-09-01 18:13 - 2015-02-09 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Sur la Piste des Fantomes
2015-09-01 18:13 - 2015-01-19 14:11 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Travel Riddles - Trip to India
2015-09-01 18:13 - 2015-01-05 12:47 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 3
2015-09-01 18:13 - 2014-12-30 16:17 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rise of Dynasty
2015-09-01 18:13 - 2014-12-12 14:03 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Tresors de Montezuma 2
2015-09-01 18:13 - 2014-12-12 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Tresors de Montezuma 2
2015-09-01 18:13 - 2014-12-02 15:12 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vault Cracker
2015-09-01 18:13 - 2014-12-02 15:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rhianna Ford - La Lettre de Leonard de Vinci
2015-09-01 18:13 - 2014-12-02 14:57 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincarnations - L'Eveil
2015-09-01 18:13 - 2014-12-02 14:55 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reves d'orient
2015-09-01 18:13 - 2014-12-02 14:48 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightfall Mysteries - La Malediction de l'Opera
2015-09-01 18:13 - 2014-12-02 14:41 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxor 3
2015-09-01 18:13 - 2014-12-02 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luxor 3
2015-09-01 18:13 - 2014-12-02 14:40 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Million Dollar Quest
2015-09-01 18:13 - 2014-12-02 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Million Dollar Quest
2015-09-01 18:13 - 2014-12-02 14:38 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mushroom Age
2015-09-01 18:13 - 2014-12-02 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mushroom Age
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Kingdom for the Princess
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor II - Les Toiles Enchantees
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery P.I. - The Vegas Heist
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Kingdom for the Princess
2015-09-01 18:13 - 2014-12-02 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor II - Les Toiles Enchantees
2015-09-01 18:13 - 2014-12-02 14:30 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Reves d'Or
2015-09-01 18:13 - 2014-12-02 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Chasseurs de Tresor - Reves d'Or
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ___RD C:\Users\SEBASTIEN\Desktop\OBJETS CACHES
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ___RD C:\Users\SEBASTIEN\Desktop\MACH3
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Gardiens du Joyau - Ile de Paques
2015-09-01 18:13 - 2014-12-02 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Gardiens du Joyau - Ile de Paques
2015-09-01 18:13 - 2014-12-02 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jungle Fruit
2015-09-01 18:13 - 2014-12-02 14:21 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kate Arrow - La Jungle Deserte
2015-09-01 18:13 - 2014-12-02 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kate Arrow - La Jungle Deserte
2015-09-01 18:13 - 2014-12-02 14:19 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Laby
2015-09-01 18:13 - 2014-12-02 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laby
2015-09-01 18:13 - 2014-12-02 14:18 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 3
2015-09-01 18:13 - 2014-12-02 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewel Match 3
2015-09-01 18:13 - 2014-12-02 14:15 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2015-09-01 18:13 - 2014-12-02 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2015-09-01 18:13 - 2014-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flip Words
2015-09-01 18:13 - 2014-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emerald Tale
2015-09-01 18:13 - 2014-12-02 14:12 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cave Quest
2015-09-01 18:13 - 2014-12-02 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Quest
2015-09-01 18:13 - 2014-12-02 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azkend
2015-09-01 18:13 - 2014-12-02 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlantis Quest
2015-09-01 18:13 - 2014-11-25 13:53 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 4
2015-09-01 18:13 - 2014-11-25 13:36 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
2015-09-01 18:13 - 2014-11-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
2015-09-01 18:13 - 2014-11-18 19:33 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shaolin Mystery - Le Sceptre du Dragon
2015-09-01 18:13 - 2014-11-18 18:07 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LEpreuve des Dieux - Le Periple dAriane
2015-09-01 18:13 - 2014-11-18 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEpreuve des Dieux - Le Periple dAriane
2015-09-01 18:13 - 2014-11-18 18:00 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard's Hat
2015-09-01 18:13 - 2014-11-18 17:57 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mon Beau Sapin
2015-09-01 18:13 - 2014-11-18 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mon Beau Sapin
2015-09-01 18:13 - 2014-11-18 17:55 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Hellas 2 - Olympie
2015-09-01 18:13 - 2014-11-18 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Hellas 2 - Olympie
2015-09-01 18:13 - 2014-11-18 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-01 18:13 - 2014-11-18 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-01 18:13 - 2014-11-18 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enchanted Cavern
2015-09-01 18:13 - 2014-11-18 17:31 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coupe Du Monde Solitaire
2015-09-01 18:13 - 2014-11-18 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupe Du Monde Solitaire
2015-09-01 18:13 - 2014-11-18 16:56 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Glyph 2
2015-09-01 18:13 - 2014-11-18 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2
2015-09-01 18:13 - 2014-11-18 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eco-Match
2015-09-01 18:13 - 2014-11-18 16:52 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Babylonia
2015-09-01 18:13 - 2014-11-18 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylonia
2015-09-01 18:13 - 2014-11-18 16:48 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1912 - Titanic Mystery
2015-09-01 18:13 - 2014-11-18 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1912 - Titanic Mystery
2015-09-01 18:13 - 2014-11-18 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Rome
2015-09-01 18:13 - 2014-11-18 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-01 18:13 - 2014-11-18 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 18:13 - 2014-11-17 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DragonStone
2015-09-01 18:13 - 2014-11-17 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewels of Cleopatra
2015-09-01 18:13 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Comte de Monte Cristo
2015-09-01 18:13 - 2011-12-26 14:04 - 00000000 ___RD C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 18:13 - 2011-12-26 14:04 - 00000000 ___RD C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 18:13 - 2011-05-23 12:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-01 18:13 - 2011-05-23 12:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-01 18:13 - 2011-03-03 14:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-01 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-09-01 18:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-01 18:09 - 2012-01-02 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyanide
2015-09-01 15:34 - 2015-05-28 11:44 - 00000000 ____D C:\temp
2015-08-26 21:23 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\TEMP
2015-08-26 21:14 - 2014-12-05 16:51 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Artogon
2015-08-25 12:47 - 2014-12-03 22:54 - 00000000 ____D C:\ProgramData\SecretsOfOlympus
2015-08-25 12:46 - 2015-01-19 14:14 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Local\TravelRiddlesTripToIndia
2015-08-24 18:21 - 2014-11-17 12:19 - 00000000 ____D C:\ProgramData\Enkord
2015-08-24 17:47 - 2014-11-18 21:40 - 00000000 ____D C:\Users\SEBASTIEN\AppData\Roaming\Babylonia
2015-08-24 16:53 - 2011-05-23 13:03 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-24 16:53 - 2011-03-03 14:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-24 16:43 - 2014-12-02 14:09 - 00000000 ____D C:\Program Files (x86)\Atlantis Quest
2015-08-24 13:14 - 2014-11-17 12:05 - 00000000 ____D C:\ProgramData\MonteCristo
2015-08-10 12:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-07 12:43 - 2011-03-03 14:41 - 00000000 ____D C:\ProgramData\Skype
2015-08-06 12:56 - 2015-07-10 19:02 - 00000000 ___HD C:\$Windows.~BT
2015-08-06 12:39 - 2011-03-03 12:54 - 00000000 ____D C:\Windows\Panther
 
==================== Fichiers à la racine de certains dossiers =======
 
2013-04-08 13:40 - 2013-04-08 13:40 - 0001858 _____ () C:\Users\SEBASTIEN\AppData\Roaming\UserTile.png
 
Certains fichiers dans TEMP:
====================
C:\Users\SEBASTIEN\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap =================
 
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
 
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
 
 
LastRegBack: 2015-09-01 20:23
 
==================== Fin de FRST.txt ============================

 

Addition.txt

 

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:31-08-2015

Exécuté par SEBASTIEN (2015-09-05 14:19:34)
Exécuté depuis C:\Users\SEBASTIEN\Desktop
Mode d'amorçage: Normal
==========================================================
 
 
==================== Comptes: =============================
 
Administrateur (S-1-5-21-1714738709-1909791266-908670872-500 - Administrator - Disabled)
Invité (S-1-5-21-1714738709-1909791266-908670872-501 - Limited - Enabled) => C:\Users\Invité
SEBASTIEN (S-1-5-21-1714738709-1909791266-908670872-1000 - Administrator - Enabled) => C:\Users\SEBASTIEN
 
==================== Centre de sécurité ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Programmes installés ======================
 
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
 
1912: Titanic Mystery (HKLM-x32\...\BFG-1912 - Titanic Mystery) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Around the World in 80 Days (HKLM-x32\...\BFG-Around the World in 80 Days) (Version:  - )
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atlantis Quest (HKLM-x32\...\BFG-Atlantis Quest) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Azkend (HKLM-x32\...\BFG-Azkend) (Version:  - )
Babylonia (HKLM-x32\...\BFG-Babylonia) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Cave Quest (HKLM-x32\...\BFG-Cave Quest) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.1.0 - Conexant)
Coupe Du Monde Solitaire (HKLM-x32\...\BFG-Coupe Du Monde Solitaire) (Version:  - )
Cradle of Egypt (HKLM-x32\...\BFG-Cradle of Egypt) (Version:  - )
Cradle of Rome (HKLM-x32\...\BFG-Cradle of Rome) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DragonStone (HKLM-x32\...\BFG-DragonStone) (Version:  - )
Eco-Match (HKLM-x32\...\BFG-Eco-Match) (Version:  - )
Emerald Tale (HKLM-x32\...\BFG-Emerald Tale) (Version:  - )
Enchanted Cavern (HKLM-x32\...\BFG-Enchanted Cavern) (Version:  - )
Flip Words (HKLM-x32\...\BFG-Flip Words) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Glyph 2 (HKLM-x32\...\BFG-Glyph 2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Heroes of Hellas 2: Olympie (HKLM-x32\...\BFG-Heroes of Hellas 2 - Olympie) (Version:  - )
Hidden Expedition: Amazon ™ (HKLM-x32\...\BFG-Hidden Expedition - Amazon) (Version:  - )
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
Imperial Island: La Naissance d'un Empire (HKLM-x32\...\BFG-Imperial Island - La Naissance d un Empire) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\BFG-Jewel Match 3) (Version:  - )
Jewels of Cleopatra (HKLM-x32\...\BFG-Jewels of Cleopatra) (Version:  - )
Jungle Fruit (HKLM-x32\...\BFG-Jungle Fruit) (Version:  - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kate Arrow: La Jungle Déserte (HKLM-x32\...\BFG-Kate Arrow - La Jungle Deserte) (Version:  - )
Laby (HKLM-x32\...\BFG-Laby) (Version:  - )
Le Comte de Monte Cristo (HKLM-x32\...\BFG-Le Comte de Monte Cristo) (Version:  - )
L'Epreuve des Dieux: Le Périple d'Ariane (HKLM-x32\...\BFG-LEpreuve des Dieux - Le Periple dAriane) (Version:  - )
Les Chasseurs de Trésor ™ II: Les Toiles Enchantées (HKLM-x32\...\BFG-Les Chasseurs de Tresor II - Les Toiles Enchantees) (Version:  - )
Les Chasseurs de Trésor ™: Rêves d'Or (HKLM-x32\...\BFG-Les Chasseurs de Tresor - Reves d'Or) (Version:  - )
Les Chasseurs de Trésor: Sur la Piste des Fantômes (HKLM-x32\...\BFG-Les Chasseurs de Tresor - Sur la Piste des Fantomes) (Version:  - )
Les Gardiens du Joyau : Ile de Pâques (HKLM-x32\...\BFG-Les Gardiens du Joyau - Ile de Paques) (Version:  - )
Les Trésors de Montezuma 2 (HKLM-x32\...\BFG-Les Tresors de Montezuma 2) (Version:  - )
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{7a06df8f-4c5a-4207-aa9e-019406e3a46d}) (Version: 17.1.0 - Intel Corporation)
Luxor 3 (HKLM-x32\...\BFG-Luxor 3) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Million Dollar Quest (HKLM-x32\...\BFG-Million Dollar Quest) (Version:  - )
Mises à jour NVIDIA 16.13.65 (Version: 16.13.65 - NVIDIA Corporation) Hidden
Mon Beau Sapin (HKLM-x32\...\BFG-Mon Beau Sapin) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mushroom Age (HKLM-x32\...\BFG-Mushroom Age) (Version:  - )
My Kingdom for the Princess (HKLM-x32\...\BFG-My Kingdom for the Princess) (Version:  - )
Mystery P.I.: The Vegas Heist (HKLM-x32\...\BFG-Mystery P.I. - The Vegas Heist) (Version:  - )
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11500.16.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13300.36.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.5.14800 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10300.25.0 - Nero AG)
Nightfall Mysteries: La Malédiction de l'Opéra (HKLM-x32\...\BFG-Nightfall Mysteries - La Malediction de l'Opera) (Version:  - )
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Pilote graphique 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
Panneau de configuration NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
Pro Evolution Soccer 2009 (HKLM-x32\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2010 (HKLM-x32\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2011 (HKLM-x32\...\{1148E85C-E1AF-48E0-A29C-68DACE07E054}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
Réincarnations: L'Éveil (HKLM-x32\...\BFG-Reincarnations - L'Eveil) (Version:  - )
Rêves d'orient (HKLM-x32\...\BFG-Reves d'orient) (Version:  - )
Rhianna Ford & La Lettre de Léonard de Vinci (HKLM-x32\...\BFG-Rhianna Ford - La Lettre de Leonard de Vinci) (Version:  - )
Rise of Dynasty (HKLM-x32\...\BFG-Rise of Dynasty) (Version:  - )
Secrets of Olympus (HKLM-x32\...\BFG-Secrets of Olympus) (Version:  - )
Shaolin Mystery: Le Sceptre du Dragon (HKLM-x32\...\BFG-Shaolin Mystery - Le Sceptre du Dragon) (Version:  - )
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Stoneloops! of Jurassica (HKLM-x32\...\BFG-Stoneloops! of Jurassica) (Version:  - )
Svetlograd (HKLM-x32\...\BFG-Svetlograd) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
The Path of Hercules (HKLM-x32\...\BFG-The Path of Hercules) (Version:  - )
The Treasures of Montezuma (HKLM-x32\...\BFG-The Treasures of Montezuma) (Version:  - )
The Treasures of Montezuma 3 (HKLM-x32\...\BFG-The Treasures of Montezuma 3) (Version:  - )
The Treasures of Montezuma 4 (HKLM-x32\...\BFG-The Treasures of Montezuma 4) (Version:  - )
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{229C190B-7690-40B7-8680-42530179F3E9}) (Version: 2.0.16.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{F52618B2-A995-4F8D-A6C8-9E235A470C68}) (Version: 8.0.36 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.23.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.06.00 - )
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.00.0008 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.4.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.10010 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.06.00 - )
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 1.1.6.3 - TOSHIBA Corporation)
Travel Riddles: Trip to India (HKLM-x32\...\BFG-Travel Riddles - Trip to India) (Version:  - )
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version:  - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
Vault Cracker (HKLM-x32\...\BFG-Vault Cracker) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Wizard's Hat (HKLM-x32\...\BFG-Wizard's Hat) (Version:  - )
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Personnalisé CLSID (Avec liste blanche): ==========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Points de restauration =========================
 
02-09-2015 10:26:18 Windows Update
02-09-2015 12:36:54 Uniblue SpeedUpMyPC installation
02-09-2015 12:42:06 Uniblue SpeedUpMyPC installation
02-09-2015 12:55:52 Opération de restauration
03-09-2015 13:08:21 Windows Update
03-09-2015 16:26:41 Installed Atheros Communications Inc.® AR81Family Gigabit/Fast"U4!
03-09-2015 16:34:15 Windows Update
03-09-2015 17:07:55 JRT Pre-Junkware Removal
03-09-2015 17:09:38 JRT Pre-Junkware Removal
05-09-2015 14:09:36 Restore Point Created by FRST
 
==================== Hosts contenu: ===============================
 
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
 
2009-07-14 04:34 - 2014-11-18 12:52 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Tâches planifiées (Avec liste blanche) =============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
Task: {12EF5AF1-6DA8-4104-8D3F-0CB6AD47BD22} - System32\Tasks\{1D85356A-4E6E-4348-99C4-A5BC1931E661} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{FD416706-875C-4B0B-A23A-9E740DAE029E}\setup.exe" -c -runfromtemp -l0x040c -removeonly
Task: {619DF43A-C4F1-4E9C-BF4A-DEA3D24557AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {61F4DF97-9D42-4A52-852F-AD177E406825} - System32\Tasks\GJKWJWF => C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF.exe <==== ATTENTION
Task: {643F5034-9159-4736-AB22-628789015131} - System32\Tasks\RMNWCKQ => C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ.exe <==== ATTENTION
Task: {93411CE9-04D3-4989-AC8C-702F22F5A609} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {94E829AB-D9C0-47D3-AD54-6DA9126762CF} - System32\Tasks\{9CCAEF95-9090-400F-B511-3E2066091097} => pcalua.exe -a "C:\Program Files (x86)\Monte Cristo\Fire Department 3\FireSplash.exe" -d "C:\Program Files (x86)\Monte Cristo\Fire Department 3"
Task: {EFC309ED-79B5-42FA-9C16-C263AE34470B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F41459CA-87DA-44C3-9422-45FA954CFF58} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
 
Task: C:\Windows\Tasks\GJKWJWF.job => C:\Users\SEBASTIEN\AppData\Roaming\GJKWJWF.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RMNWCKQ.job => C:\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ.exe <==== ATTENTION
 
==================== Modules chargés (Avec liste blanche) ==============
 
2014-11-18 15:04 - 2014-11-12 23:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-13 18:32 - 2010-12-13 18:32 - 03420584 _____ () C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll
2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2011-03-03 14:41 - 2011-02-22 11:03 - 00559104 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\fr\Humphrey.resources.dll
2010-12-08 15:42 - 2010-12-08 15:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-09-02 11:24 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-02 11:24 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
 
==================== Alternate Data Streams (Avec liste blanche) =========
 
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0AC32449
AlternateDataStreams: C:\ProgramData\TEMP:124B94C0
AlternateDataStreams: C:\ProgramData\TEMP:16A4620C
AlternateDataStreams: C:\ProgramData\TEMP:1EE5EBCB
AlternateDataStreams: C:\ProgramData\TEMP:27D1368B
AlternateDataStreams: C:\ProgramData\TEMP:28CCFEFB
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:2EA99C48
AlternateDataStreams: C:\ProgramData\TEMP:2FBB2B9B
AlternateDataStreams: C:\ProgramData\TEMP:35A81752
AlternateDataStreams: C:\ProgramData\TEMP:3E06C78F
AlternateDataStreams: C:\ProgramData\TEMP:436BE28C
AlternateDataStreams: C:\ProgramData\TEMP:43A31AEA
AlternateDataStreams: C:\ProgramData\TEMP:43C9D140
AlternateDataStreams: C:\ProgramData\TEMP:43D34EF3
AlternateDataStreams: C:\ProgramData\TEMP:47FE7AB7
AlternateDataStreams: C:\ProgramData\TEMP:4AB83B21
AlternateDataStreams: C:\ProgramData\TEMP:538A9F02
AlternateDataStreams: C:\ProgramData\TEMP:569CEE83
AlternateDataStreams: C:\ProgramData\TEMP:57B374AB
AlternateDataStreams: C:\ProgramData\TEMP:59846E5E
AlternateDataStreams: C:\ProgramData\TEMP:5A437AC3
AlternateDataStreams: C:\ProgramData\TEMP:5AE41FFB
AlternateDataStreams: C:\ProgramData\TEMP:6017A808
AlternateDataStreams: C:\ProgramData\TEMP:639BB5E9
AlternateDataStreams: C:\ProgramData\TEMP:64170090
AlternateDataStreams: C:\ProgramData\TEMP:69D59C23
AlternateDataStreams: C:\ProgramData\TEMP:73AFBB96
AlternateDataStreams: C:\ProgramData\TEMP:7B8AF9AA
AlternateDataStreams: C:\ProgramData\TEMP:8B4B9596
AlternateDataStreams: C:\ProgramData\TEMP:9290C91C
AlternateDataStreams: C:\ProgramData\TEMP:98982C88
AlternateDataStreams: C:\ProgramData\TEMP:99A29126
AlternateDataStreams: C:\ProgramData\TEMP:9B3B8E95
AlternateDataStreams: C:\ProgramData\TEMP:9B711F92
AlternateDataStreams: C:\ProgramData\TEMP:9C8D5426
AlternateDataStreams: C:\ProgramData\TEMP:A2907225
AlternateDataStreams: C:\ProgramData\TEMP:AC95B5ED
AlternateDataStreams: C:\ProgramData\TEMP:BF6C81B2
AlternateDataStreams: C:\ProgramData\TEMP:C3D26A8A
AlternateDataStreams: C:\ProgramData\TEMP:C72A744C
AlternateDataStreams: C:\ProgramData\TEMP:C7F5E798
AlternateDataStreams: C:\ProgramData\TEMP:D2397415
AlternateDataStreams: C:\ProgramData\TEMP:D4BB0AD6
AlternateDataStreams: C:\ProgramData\TEMP:D51F4BAE
AlternateDataStreams: C:\ProgramData\TEMP:DE47A3DA
AlternateDataStreams: C:\ProgramData\TEMP:DFC3B090
AlternateDataStreams: C:\ProgramData\TEMP:E1CC2D5E
AlternateDataStreams: C:\ProgramData\TEMP:E2295807
AlternateDataStreams: C:\ProgramData\TEMP:F0A06891
AlternateDataStreams: C:\ProgramData\TEMP:F8F070C2
AlternateDataStreams: C:\ProgramData\TEMP:FB430AFA
AlternateDataStreams: C:\ProgramData\TEMP:FBE5FDB9
 
==================== Mode sans échec (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
 
 
==================== EXE Association (Avec liste blanche) ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
 
 
==================== Internet Explorer sites de confiance/sensibles ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
 
 
==================== Autres zones ============================
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
HKU\S-1-5-21-1714738709-1909791266-908670872-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SEBASTIEN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
 
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
MSCONFIG\startupfolder: C:^Users^SEBASTIEN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: NBAgent => "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
 
==================== RèglesPare-feu (Avec liste blanche) ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
FirewallRules: [{E4B835F9-97A8-420C-B4CB-4E3E3DD0CE12}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CB3033A9-1BA0-4795-B19B-BE5C501E90BD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0CC488C1-893A-4428-89FC-212558E8BC5B}] => (Allow) LPort=2869
FirewallRules: [{D5987659-7889-461B-8084-C95A811D09DF}] => (Allow) LPort=1900
FirewallRules: [{A84FABB1-F4F4-4E56-8B6E-A4A9EAE50EB2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{90EB44D0-8807-4AB8-813B-B22D5B3BDFBC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{14D7BA49-F126-4298-B5DC-04350CCAD519}] => (Allow) LPort=48113
FirewallRules: [{D8B374DD-63DB-4118-9FC4-91E1031C7D5E}] => (Allow) LPort=48114
FirewallRules: [{A8E4AF19-58A7-4799-B6D1-33F98A9BA616}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{813C66AD-7F33-4228-82AD-8F44523B6A7E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5C2C1096-AE08-47C5-878C-BD3801F7ABD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E087159B-B34D-493A-A2DF-869FFE7B7093}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B4C64008-2E76-4BE0-98E4-33DB0F502EBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CF55033-8460-4417-892A-A74A72B9C364}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{CD9A2768-9A8A-41AB-9398-FD57E5779FDF}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5841D1FC-7936-4960-A18D-96A643F27641}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{EE40D079-DF02-4745-A71A-6E0A13A27AC9}C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe
FirewallRules: [UDP Query User{D573F966-7C9D-4CB0-8871-E262ADB43295}C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2009\pes2009.exe
FirewallRules: [{0CABF62E-59E8-4E2D-9BDC-A2290C2D49D8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8FAF320B-0AB2-4FC8-8469-445F4B2A4931}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Éléments en erreur du Gestionnaire de périphériques =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Erreurs du Journal des événements: =========================
 
Erreurs Application:
==================
Error: (09/05/2015 02:09:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé.
.
Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
 
 
Opération :
   Données du rédacteur en cours de collecte
 
Contexte :
   ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
   Nom du rédacteur: System Writer
   ID d’instance du rédacteur: {5c90f6a3-e692-408c-9ab4-3f258f921db4}
 
Error: (09/03/2015 05:20:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.
 
Error: (09/03/2015 04:39:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (09/02/2015 01:02:03 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Une erreur non spécifiée s’est produite au cours de la restauration du système : (Sauvegarde Windows). Informations supplémentaires : 0x8000ffff.
 
Error: (09/01/2015 07:05:37 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: Le fichier de clé ne contient pas de licence valide. Le service va être arrêté.
 
Error: (09/01/2015 06:52:36 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: Le fichier de clé ne contient pas de licence valide. Le service va être arrêté.
 
Error: (09/01/2015 06:19:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.
 
 
Erreurs système:
=============
Error: (09/05/2015 02:17:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT)
Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80240020 : Passer à la version Windows 10 Famille.
 
Error: (09/05/2015 02:15:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : 
sfsync02
 
Error: (09/05/2015 02:14:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN n’a pas pu démarrer.
 
Chemin d’accès du module : C:\Windows\system32\Rtlihvs.dll
Code d’erreur : 126
 
Error: (09/05/2015 02:13:31 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Le chargement du pilote sfsync02.sys a été bloqué.
 
Error: (09/03/2015 05:25:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : 
sfsync02
 
Error: (09/03/2015 05:24:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN n’a pas pu démarrer.
 
Chemin d’accès du module : C:\Windows\system32\Rtlihvs.dll
Code d’erreur : 126
 
Error: (09/03/2015 05:24:22 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Le chargement du pilote sfsync02.sys a été bloqué.
 
Error: (09/03/2015 05:23:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Avira Service Host s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 
Error: (09/03/2015 05:23:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Live ID Sign-in Assistant s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 
Error: (09/03/2015 05:23:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
 
 
Microsoft Office:
=========================
Error: (09/05/2015 02:09:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Accès refusé.
 
 
Opération :
   Données du rédacteur en cours de collecte
 
Contexte :
   ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
   Nom du rédacteur: System Writer
   ID d’instance du rédacteur: {5c90f6a3-e692-408c-9ab4-3f258f921db4}
 
Error: (09/03/2015 05:20:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Performance1637070000000000000000000009030000
 
Error: (09/03/2015 04:39:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Performance1637070000000000000000000009030000
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (09/02/2015 02:46:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (09/02/2015 01:02:03 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Sauvegarde Windows0x8000ffff
 
Error: (09/01/2015 07:05:37 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: 0x0
 
Error: (09/01/2015 06:52:36 PM) (Source: Avira Antivirus) (EventID: 4117) (User: AUTORITE NT)
Description: 0x0
 
Error: (09/01/2015 06:19:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
Description: Performance1637070000000000000000000009030000
 
 
CodeIntegrity:
===================================
  Date: 2015-09-02 11:04:53.213
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:53.208
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:53.203
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:53.197
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.886
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.882
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.877
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.872
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.032
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
  Date: 2015-09-02 11:04:52.027
  Description: Windows ne peut pas vérifier l’intégrité du fichier \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe car le certificat de signature a été révoqué. Vérifiez auprès de l’éditeur si une nouvelle version signée du module noyau est disponible.
 
 
==================== Infos Mémoire =========================== 
 
Processeur: Intel® Core™ i5-2410M CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 67%
Mémoire physique - RAM - totale: 4077.86 MB
Mémoire physique - RAM - disponible: 1307.23 MB
Mémoire virtuelle totale: 8153.92 MB
Mémoire virtuelle disponible: 5055.27 MB
 
==================== Lecteurs ================================
 
Drive c: (WINDOWS) (Fixed) (Total:348.61 GB) (Free:249 GB) NTFS
Drive d: (Data) (Fixed) (Total:349.64 GB) (Free:120.49 GB) NTFS
 
==================== MBR & Table des partitions ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7322675B)
Partition 1: (Active) - (Size=399 MB) - (Type=27)
Partition 2: (Not Active) - (Size=348.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=349.6 GB) - (Type=07 NTFS)
 
==================== Fin de Addition.txt ============================

 

MyEsetScan

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe.vir Win32/UniBlue.E potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\SpeedUpMyPC\thirdpartyinstaller.exe.vir Win32/UniBlue.D potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\SEBASTIEN\AppData\Roaming\Uniblue\SpeedUpMyPC\app_downloads\liveupdate.exe.vir Win32/UniBlue.E potentially unwanted application
C:\FRST\Quarantine\C\Users\SEBASTIEN\AppData\Roaming\GJKWJWF.xBAD JS/Toolbar.Crossrider.C potentially unwanted application
C:\FRST\Quarantine\C\Users\SEBASTIEN\AppData\Roaming\RMNWCKQ.xBAD JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2014-12-18 192752\Backup Files 2014-12-18 192752\Backup files 1.zip JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2014-12-18 192752\Backup Files 2014-12-18 192752\Backup files 4.zip multiple threats
D:\SEBASTIEN-TOSH\Backup Set 2015-02-03 132107\Backup Files 2015-02-03 132107\Backup files 1.zip JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-02-03 132107\Backup Files 2015-02-03 132107\Backup files 4.zip a variant of Win32/AdGazelle.B potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-02-03 132107\Backup Files 2015-02-17 121715\Backup files 3.zip Win32/SoftPulse.X potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-03-31 133244\Backup Files 2015-03-31 133244\Backup files 1.zip JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-03-31 133244\Backup Files 2015-03-31 133244\Backup files 6.zip Win32/SoftPulse.X potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-05-06 121857\Backup Files 2015-05-06 121857\Backup files 1.zip JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-05-06 121857\Backup Files 2015-05-06 121857\Backup files 6.zip Win32/SoftPulse.X potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-06-16 122748\Backup Files 2015-06-16 122748\Backup files 1.zip JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-06-16 122748\Backup Files 2015-06-16 122748\Backup files 9.zip Win32/SoftPulse.X potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-06-24 131411\Backup Files 2015-06-24 131411\Backup files 1.zip JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-06-24 131411\Backup Files 2015-06-24 131411\Backup files 9.zip Win32/SoftPulse.X potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-08-04 133840\Backup Files 2015-08-04 133840\Backup files 1.zip JS/Toolbar.Crossrider.C potentially unwanted application
D:\SEBASTIEN-TOSH\Backup Set 2015-08-04 133840\Backup Files 2015-08-04 133840\Backup files 6.zip Win32/SoftPulse.X potentially unwanted application
 

 



#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,897 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:25 PM

Posted 07 September 2015 - 08:18 AM

How is your system running now? :)


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#12 LiHo

LiHo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 07 September 2015 - 09:32 AM

It seems to work very well !!

Thank you so much for your great help !



#13 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,897 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:25 PM

Posted 07 September 2015 - 01:44 PM

Hello,
in my opinion your PC is clean. :) If you would like to donate some money to me, then click on the button paypal.gif. I'd really appreciate it, my friend. :)


We need to remove the tools we've used during cleaning your machine.
  • Download Delfix from here and run it (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the Delfix icon and select Run as Administrator).
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

 

Exercise common sense

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.

Keep up on Windows updates

Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the windows update icon will appear in your taskbar when new updates are available, whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.

Slow computer?

If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide written by tech expert Artellos.

Keep Safe! :thumbsup:

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#14 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,897 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:25 PM

Posted 11 September 2015 - 02:08 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users