Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2017
Exécuté par g (administrateur) sur G-PC (17-01-2017 20:18:59)
Exécuté depuis C:\Users\g\Desktop
Profils chargés: g (Profils disponibles: g)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Smadsoft) C:\Program Files\SMADAV\SMΔRTP.exe
() C:\Program Files\Droid4X\Droid4XService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Smadav Software) C:\Program Files\SMADAV\SmadavProtect32.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.3.1.1\WsAppService.exe
() C:\Program Files\DFX\DFX.exe
(Hewlett-Packard Company) C:\Windows\System32\ps2.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM.exe
(Baidu, Inc.) C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe
(SFX TEAM) C:\Program Files\SuperCopier2\SuperCopier2.exe
(© 2015 Microsoft Corporation) C:\Users\g\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
() C:\Program Files\DFX\Universal\Apps\DfxSharedApp32.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [DFX] => C:\Program Files\DFX\DFX.exe [1328632 2016-05-29] ()
HKLM\...\Run: [PS2] => C:\Windows\system32\ps2.exe [81920 2001-07-03] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM.EXE [199936 2016-12-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [Baidu PC Faster 4.0.0.0] => C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe [2333152 2015-05-13] (Baidu, Inc.)
HKLM\...\Run: [SMΔRT-Protection] => C:\Program Files\Smadav\SMΔRTP.exe [1736704 2017-01-14] (Smadsoft)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [SuperCopier2.exe] => C:\Program Files\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [BingSvc] => C:\Users\g\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-08-14] (Tonec Inc.)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {0126abf3-e829-11e4-9f0d-001e101fabdd} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {03753110-a0d8-11e5-993d-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {03ae10b8-66ab-11e5-aaa3-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {056cbcec-4c49-11e5-8311-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {05e06023-70e0-11e5-994e-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {05f99fb3-9aba-11e5-83aa-001e101f1ed9} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {05f99fbf-9aba-11e5-83aa-001e101f1ed9} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {064d0927-6b8c-11e6-abd4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {06a1405c-cacf-11e5-b10f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {1034cacb-3dda-11e5-b2bd-001e101f50a4} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {11402712-3ec0-11e5-b851-001e101f8aaa} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15402315-ec02-11e4-9d7a-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15af205b-e484-11e4-b7b9-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15af207b-e484-11e4-b7b9-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15ce6bca-651b-11e5-8c46-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15ce6c54-651b-11e5-8c46-001e101f2c0e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {19bb7fb4-d55b-11e4-a0ae-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {1dcfcfcf-0718-11e5-86ea-001e101f63cf} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {20975d00-a04e-11e5-b3e5-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {226bb64c-ef17-11e4-babf-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {24c39610-6d35-11e5-b887-001e101f1838} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {257d9afd-8349-11e5-a2d1-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf142f-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf144a-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf145f-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf1471-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {285ecafc-cd15-11e5-a289-001e101f2c0e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2c6d6e4d-e8e7-11e4-9fbe-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2e2e305f-75c6-11e6-84f3-1cc1deb36e80} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2ed32880-045d-11e5-9a9e-001e101f4da1} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2f49aa0e-7354-11e5-bfa3-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2f7a7b9e-36a5-11e5-bd10-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {35efdfa9-6e83-11e5-8d88-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {35efdfbd-6e83-11e5-8d88-001e101fb681} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {38634c2a-66b7-11e5-b44a-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {38634cbd-66b7-11e5-b44a-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {388aa067-71c1-11e5-b635-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3a88ce89-80aa-11e5-81c3-001e101f8aaa} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b072783-3977-11e5-9439-001e101f4e71} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b0727a3-3977-11e5-9439-001e101f4e71} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b0727b5-3977-11e5-9439-001e101f4e71} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b17711f-6d4f-11e5-ba13-001e101f79c9} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3c3d039b-6daf-11e5-9836-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3c3d03ce-6daf-11e5-9836-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3fa64aea-32dd-11e5-84ea-001e101fb681} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {4bb7d41d-fa33-11e4-9ad6-001e101f3315} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {4e1cb8d6-6dc8-11e5-b486-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {4e7ce646-3d0f-11e5-a933-001e101faa49} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {55c2fb37-738e-11e5-b493-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5759602f-70fd-11e5-8899-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {57596084-70fd-11e5-8899-001e101fb4df} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {58e35702-ac27-11e5-8813-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5aee5f25-ac29-11e5-9c98-1cc1deb36e80} - G:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5b7df9a5-2392-11e5-a362-001e101f9843} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5df3023a-707a-11e5-a9c3-001e101f3315} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5e7993e8-048a-11e5-b450-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5e7994cf-048a-11e5-b450-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5e82c602-6cc0-11e6-ade9-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {6ac246a0-a107-11e5-bc83-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {73ad47df-d96b-11e5-80b8-1cc1deb36e80} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {78870819-6ba4-11e5-bd79-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {7887085a-6ba4-11e5-bd79-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {7a6f9e81-6d0a-11e5-b65f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {7a6f9eb9-6d0a-11e5-b65f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {84698ca7-03e5-11e5-b4fc-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {862c4f2e-71a7-11e5-b2ca-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {86892afe-65e0-11e5-ada4-001e101f36d9} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8ae8239c-8e3b-11e5-a578-1cc1deb36e80} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8b1fdd52-dd68-11e4-9f89-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8d2322bf-41cc-11e5-8d9b-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d847-9b86-11e5-9ab9-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d864-9b86-11e5-9ab9-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d86f-9b86-11e5-9ab9-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d89a-9b86-11e5-9ab9-1cc1deb36e80} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8f110ab2-54e9-11e5-8e6e-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {919f45f3-7f14-11e5-b12f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {929abbbd-274c-11e5-a516-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {93eeba59-d264-11e4-a384-70f395dc4edc} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {96558239-8279-11e5-80d5-001e101fb45e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9655827b-8279-11e5-80d5-001e101fb45e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {97673c6a-3d0b-11e5-b2ab-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {97673ca9-3d0b-11e5-b2ab-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {98fa7202-8002-11e5-84a3-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {98fa7268-8002-11e5-84a3-001e101faa49} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9a06d1ef-7079-11e5-bd17-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9ba59a94-87f9-11e5-9c7c-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9d0d6693-5187-11e5-84c5-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a32cebcd-6560-11e5-94ae-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a3afe77e-3437-11e5-9b25-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a737b491-6a14-11e5-9ad4-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a7d54ced-8bdc-11e5-88b1-1cc1deb36e80} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {afd315a4-448d-11e5-a8e2-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b0738fdf-d59b-11e4-957d-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b44f720a-6cb0-11e6-b1d2-1cc1deb36e80} - G:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b5c11ae8-37d1-11e5-a2a2-001e101f82a0} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b6b10678-6dbf-11e5-bb5f-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b6b1069f-6dbf-11e5-bb5f-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b7ca59e6-1438-11e5-bcd8-001e101fabdd} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c17cddfe-3a2f-11e5-b797-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c4936e24-4861-11e5-8ca6-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c6a20f25-06c7-11e5-868b-001e101fb45e} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c87ecd55-6be9-11e6-aaf4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c87ecd79-6be9-11e6-aaf4-001e101faa49} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {cd72fae4-70ee-11e5-b483-001e101fa1f5} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {cfc335c7-35f6-11e5-95e4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {d33c2079-70fa-11e5-8afa-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {d405a3b4-71fd-11e5-8198-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {d4464de9-d720-11e4-beee-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {db2bf5bd-e87e-11e4-9828-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {dd7405a6-269f-11e5-acf9-001e101f1f81} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {dd7405c8-269f-11e5-acf9-001e101f1f81} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e0d9a9d3-a06e-11e5-9cd3-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e1041f15-4805-11e5-bf9b-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e6efbf1b-4927-11e5-8e9a-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e918b787-279d-11e5-b1fb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e9956471-e223-11e4-8241-001e101f8924} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {ec86707b-4a84-11e5-b2b3-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {ed55f3a7-4541-11e5-86e6-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f12b0609-7f61-11e5-a3e4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f193c36b-eb96-11e4-80a8-001e101fe70e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f347a360-d26d-11e4-9faf-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f347a370-d26d-11e4-9faf-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {fb15d0de-8caa-11e5-887c-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {ff3edda7-2608-11e5-983c-70f395dc4edc} - F:\Setup.exe
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2017-01-07]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29F9E621-8F9E-45A9-BC86-C6A37F34A13F}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{991A24D8-CB02-4C92-9D45-2EC4027A21EE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D15F014A-8488-477D-9257-3E1D896FEFEB}: [NameServer] 10.137.35.50 41.137.33.24
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=ar-xl
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.startimes.com/
SearchScopes: HKU\S-1-5-21-69554075-1431682049-3063101698-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-69554075-1431682049-3063101698-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-11-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-17] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 9ynmtmie.default
FF ProfilePath: C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default [2017-01-17]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\9ynmtmie.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9ynmtmie.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\9ynmtmie.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=ar-xl
hxxps://www.google.com/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\9ynmtmie.default -> hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Extension: (Bing Search) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\bingsearch.full@microsoft.com [2017-01-15] [non signé]
FF Extension: (Bing Search) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-12-08]
FF Extension: (Firefox Hotfix) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-23]
FF Extension: (Auto Shutdown NG) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2016-12-24]
FF Extension: (Cookies Manager+) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2017-01-03]
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-08-14]
FF SearchPlugin: C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\searchplugins\bing-.xml [2015-12-08]
FF HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\g\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\g\AppData\Roaming\IDM\idmmzcc5 [2016-04-09] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\g\AppData\Local\Google\Chrome\User Data\Default [2017-01-17]
CHR Extension: (Google Slides) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-24]
CHR Extension: (Google Docs) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-24]
CHR Extension: (YouTube) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-29]
CHR Extension: (Recherche Google) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-16]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2016-03-28]
CHR Extension: (Google Sheets) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IE Tab) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-01-12]
CHR Extension: (Flatbook) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2016-12-21]
CHR Extension: (Skype) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-23]
CHR Extension: (IDM Integration Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-09]
CHR Profile: C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-16]
CHR Extension: (Google Docs) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (YouTube) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (Recherche Google) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Skype Click to Call) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-29]
CHR Extension: (IDM Integration Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-07-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR Profile: C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-16]
CHR Extension: (Google Slides) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-29]
CHR Extension: (Google Docs) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (YouTube) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (Recherche Google) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Bing) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-29]
CHR Extension: (Google Sheets) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Skype Click to Call) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-29]
CHR Extension: (IDM Integration Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-07-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-08-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [3105144 2013-11-27] (WIBU-SYSTEMS AG)
R2 Droid4XService; C:\Program Files\Droid4X\Droid4XService.exe [269312 2016-01-06] () [Fichier non signé]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3381200 2016-12-14] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
S3 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Fichier non signé]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare)
S4 PCFasterSvc_{PCFaster_5.1.0.0}; C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21035 2016-08-28] (Meetinghouse Data Communications) [Fichier non signé]
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75416 2016-10-11] (Alcor Micro, Corp.)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [46440 2015-03-31] (Baidu, Inc.)
R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [113992 2015-03-31] (Baidu, Inc.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2016-06-16] (IVT Corporation.)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [402432 2015-12-04] (Motorola, Inc.) [Fichier non signé]
S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [39696 2011-11-05] (www.winchiphead.com)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59968 2016-12-14] ()
S3 FcSerial; C:\Windows\System32\DRIVERS\FcSerial.sys [194944 2015-05-28] (Flash Card.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [56832 2016-09-21] (GenesysLogic)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [199296 2016-08-28] (MBB Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-10-05] (REALiX(tm))
R3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [127488 2016-01-10] (Intel(R) Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [153024 2017-01-15] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [87496 2017-01-17] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-01-17] (Malwarebytes)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [39360 2017-01-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [219072 2017-01-17] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63264 2017-01-17] (Malwarebytes)
R3 MTKSCVAD; C:\Windows\System32\drivers\mtkvad.sys [37376 2012-07-16] (Ralink Technology, Corp.)
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [37408 2014-08-14] (NT Kernel Resources)
R3 netr28; C:\Windows\System32\DRIVERS\netr28.sys [2099856 2015-12-04] (MediaTek Inc.)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1321568 2012-08-17] (Ralink Technology Corp.)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2003712 2016-12-23] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\PC Faster\5.1.0.0\PCFApiUtil.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-17 20:19 - 2017-01-17 20:21 - 00040121 _____ C:\Users\g\Desktop\FRST.txt
2017-01-17 20:18 - 2017-01-17 20:18 - 00000000 ____D C:\FRST
2017-01-17 20:16 - 2017-01-17 20:16 - 01761280 _____ (Farbar) C:\Users\g\Desktop\FRST.exe
2017-01-17 19:01 - 2017-01-17 19:01 - 00000000 ____H C:\ProgramData\cm-lock
2017-01-17 17:04 - 2017-01-17 18:41 - 00000000 __SHD C:\[Smad-Cage]
2017-01-17 17:04 - 2017-01-17 18:40 - 00000000 ____D C:\Program Files\SMADAV
2017-01-17 17:04 - 2017-01-17 17:04 - 00000978 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2017-01-17 17:04 - 2017-01-17 17:04 - 00000000 ____D C:\Users\g\AppData\Roaming\Smadav
2017-01-17 17:04 - 2017-01-17 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2017-01-17 16:12 - 2017-01-17 16:26 - 00011361 _____ C:\missing.ini
2017-01-17 16:12 - 2017-01-17 16:12 - 00110408 _____ C:\Users\g\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-17 13:45 - 2017-01-17 13:47 - 00000000 ____D C:\Users\g\Desktop\program ccleaner
2017-01-16 18:09 - 2017-01-16 18:09 - 00000000 ____D C:\Windows\pss
2017-01-16 17:29 - 2017-01-16 17:29 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2017-01-16 17:12 - 2017-01-16 17:12 - 00014501 _____ C:\ProgramData\Duplicaterecord.js
2017-01-16 17:12 - 2017-01-16 17:12 - 00001067 _____ C:\Users\g\Desktop\Baidu PC Faster.lnk
2017-01-16 17:12 - 2017-01-16 17:12 - 00000000 ____D C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2017-01-16 17:12 - 2017-01-16 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2017-01-16 17:12 - 2015-03-31 06:22 - 00113992 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\BprotectEx.sys
2017-01-16 17:12 - 2015-03-31 06:22 - 00046440 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bhbase.sys
2017-01-16 17:11 - 2017-01-16 17:11 - 00000000 ____D C:\Program Files\PC Faster
2017-01-16 17:09 - 2017-01-16 17:09 - 00000000 ____D C:\ProgramData\Baidu Security
2017-01-16 17:09 - 2017-01-16 17:09 - 00000000 ____D C:\Program Files\Baidu Security
2017-01-16 17:05 - 2017-01-16 17:05 - 00000000 ____D C:\Users\g\AppData\Roaming\PC Faster
2017-01-16 17:00 - 2017-01-16 17:00 - 00001061 _____ C:\Users\g\Desktop\Baidu WiFi Hotspot.lnk
2017-01-16 17:00 - 2017-01-16 17:00 - 00000000 ____D C:\Users\Public\Documents\PC Faster
2017-01-16 17:00 - 2017-01-16 17:00 - 00000000 ____D C:\Users\g\AppData\Roaming\Baidu
2017-01-16 17:00 - 2017-01-16 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu WiFi Hotspot
2017-01-16 17:00 - 2014-08-14 09:18 - 00037408 _____ (NT Kernel Resources) C:\Windows\system32\Drivers\ndisrd.sys
2017-01-16 16:59 - 2017-01-16 17:08 - 00000000 ____D C:\Program Files\Baidu WiFiHotspot
2017-01-16 16:59 - 2017-01-16 16:59 - 00000000 ____D C:\ProgramData\PC Faster
2017-01-16 15:03 - 2017-01-16 15:03 - 00411816 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-16 13:33 - 2017-01-17 19:21 - 00000000 _____ C:\hsrv.txt
2017-01-16 12:59 - 2017-01-16 12:59 - 00000000 ____D C:\ProgramData\Ralink
2017-01-15 23:40 - 2017-01-15 23:40 - 00000000 ____D C:\Users\g\AppData\Roaming\ProductData
2017-01-15 17:00 - 2017-01-17 19:31 - 00087496 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-15 16:59 - 2017-01-17 19:28 - 00001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-15 16:59 - 2017-01-17 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-15 16:59 - 2016-12-14 12:55 - 00059968 _____ C:\Windows\system32\Drivers\mbae.sys
2017-01-15 16:58 - 2017-01-15 16:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-15 13:03 - 2017-01-15 14:00 - 00000000 ____D C:\AdwCleaner
2017-01-15 12:47 - 2017-01-15 02:46 - 03334055 ____N C:\Users\g\Downloads\Apk Downloader_v1.00_apkpure.com.apk
2017-01-14 20:59 - 2017-01-14 20:59 - 05386416 _____ C:\Users\g\Downloads\BL_G930FXXU1BPK3_CL9519568_QB11426133_REV00_user_low_ship.tar (1).md5
2017-01-14 20:58 - 2017-01-14 20:59 - 05386416 _____ C:\Users\g\Downloads\BL_G930FXXU1BPLB_CL9689434_QB11912457_REV00_user_low_ship.tar.md5
2017-01-14 20:54 - 2017-01-14 20:56 - 38758577 _____ C:\Users\g\Downloads\CP_G930FXXU1BPJJ_CL9519568_QB11350220_REV00_user_low_ship.tar.md5
2017-01-14 20:29 - 2017-01-14 20:30 - 38758496 _____ C:\Users\g\Downloads\CP_G930FXXU1BPJG_CL9519568_QB11325553_REV00_user_low_ship.tar.md5
2017-01-14 20:26 - 2017-01-14 20:29 - 05386416 _____ C:\Users\g\Downloads\BL_G930FXXU1BPK3_CL9519568_QB11426133_REV00_user_low_ship.tar.md5
2017-01-13 23:18 - 2017-01-13 23:19 - 19968000 _____ C:\Users\g\Downloads\twrp-3.0.1-0-s5neolte.img.tar
2017-01-13 23:17 - 2017-01-13 23:18 - 19978240 _____ C:\Users\g\Downloads\twrp-3.0.2-0-s5neolte.img.tar
2017-01-13 22:32 - 2017-01-13 22:35 - 01897652 _____ C:\Users\g\Downloads\me.twrp.twrpapp-18.apk
2017-01-13 21:58 - 2017-01-13 22:07 - 10065967 _____ C:\Users\g\Downloads\recovery.tar.md5
2017-01-13 04:41 - 2017-01-13 04:41 - 00000000 __SHD C:\found.001
2017-01-12 18:51 - 2017-01-14 20:55 - 00000000 ____D C:\Users\g\Desktop\NOTE 7
2017-01-12 18:37 - 2017-01-14 21:03 - 00000000 ____D C:\Users\g\Desktop\s6G920F
2017-01-12 03:37 - 2017-01-05 17:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-12 03:37 - 2017-01-05 17:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-12 03:37 - 2017-01-05 17:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-12 03:37 - 2017-01-05 17:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-12 03:37 - 2017-01-05 17:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-12 03:37 - 2017-01-05 17:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-12 03:37 - 2017-01-05 17:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-12 03:37 - 2017-01-05 17:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-12 03:37 - 2017-01-05 17:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-12 03:37 - 2017-01-05 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-12 03:37 - 2017-01-05 17:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 23:34 - 2017-01-12 19:35 - 00000000 ____D C:\Users\g\Desktop\Tenda
2017-01-07 00:05 - 2012-07-16 16:20 - 00037376 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\mtkvad.sys
2017-01-07 00:04 - 2017-01-07 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
2017-01-07 00:04 - 2011-09-08 05:51 - 00237568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2017-01-07 00:04 - 2011-09-08 05:50 - 01100288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2017-01-07 00:04 - 2010-12-29 09:22 - 00822272 _____ C:\Windows\system32\libstdc++-6.dll
2017-01-07 00:04 - 2010-12-29 09:22 - 00089088 _____ C:\Windows\system32\libgcc_s_sjlj-1.dll
2017-01-07 00:03 - 2012-08-17 22:31 - 01321568 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28u.sys
2017-01-07 00:02 - 2017-01-07 00:03 - 00000000 ____D C:\Program Files\Ralink
2017-01-06 22:57 - 2010-11-26 20:18 - 00000000 ____D C:\Users\g\Desktop\nxp.hd.3.2 Loader
2017-01-06 21:23 - 2017-01-06 21:26 - 00000363 _____ C:\Windows\RTacDbg.txt
2017-01-06 21:23 - 2010-12-14 15:41 - 00180608 ____N (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTL8187.SYS
2017-01-06 21:22 - 2017-01-06 23:29 - 00000000 ____D C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
2016-12-29 02:15 - 2016-12-29 02:15 - 00000000 ____D C:\Users\g\AppData\Local\Hewlett-Packard
2016-12-29 01:31 - 2016-12-29 01:31 - 00000000 ____D C:\Users\g\AppData\Roaming\Hewlett-Packard
2016-12-29 01:13 - 2016-12-29 01:13 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-29 01:12 - 2016-12-29 01:12 - 00000000 ____D C:\System.sav
2016-12-29 01:11 - 2016-12-29 01:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-29 01:10 - 2016-12-29 01:11 - 00000000 ____D C:\Users\g\AppData\Roaming\hpqLog
2016-12-29 01:10 - 2016-12-29 01:10 - 00000000 ____D C:\Program Files\HP
2016-12-29 00:25 - 2016-12-29 01:13 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-28 22:37 - 2016-12-28 22:36 - 00046940 _____ C:\Users\g\Documents\Configuration.mc
2016-12-28 22:34 - 2017-01-05 19:41 - 00524288 ___SH C:\Windows\system32\config\components{f4af3647-cd4a-11e6-acd5-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 22:34 - 2017-01-05 19:41 - 00065536 ___SH C:\Windows\system32\config\components{f4af3647-cd4a-11e6-acd5-1cc1deb36e80}.TM.blf
2016-12-28 22:34 - 2016-12-28 22:34 - 00524288 ___SH C:\Windows\system32\config\components{f4af3647-cd4a-11e6-acd5-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 21:49 - 2016-12-28 21:49 - 01980672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RsDecode.dll
2016-12-28 21:49 - 2016-12-28 21:49 - 00199936 _____ (Realtek Semiconductor Corp.) C:\Windows\RtsCM.exe
2016-12-28 21:29 - 2016-12-28 21:29 - 01048576 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.2.regtrans-ms
2016-12-28 21:29 - 2016-12-28 21:29 - 01048576 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.1.regtrans-ms
2016-12-28 21:29 - 2016-12-28 21:29 - 01048576 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.0.regtrans-ms
2016-12-28 21:29 - 2016-12-28 21:29 - 00065536 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.blf
2016-12-27 16:30 - 2016-12-28 21:27 - 00524288 ___SH C:\Windows\system32\config\components{eec11fba-cc4e-11e6-b32f-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-27 16:30 - 2016-12-28 21:27 - 00065536 ___SH C:\Windows\system32\config\components{eec11fba-cc4e-11e6-b32f-1cc1deb36e80}.TM.blf
2016-12-27 16:30 - 2016-12-27 16:30 - 00524288 ___SH C:\Windows\system32\config\components{eec11fba-cc4e-11e6-b32f-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 01048576 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.2.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 01048576 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.1.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 01048576 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.0.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 00065536 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.blf
2016-12-26 14:33 - 2016-12-26 14:33 - 00000000 __SHD C:\found.000
2016-12-25 14:56 - 2016-12-27 01:09 - 00524288 ___SH C:\Windows\system32\config\components{0b2c1848-cab1-11e6-867c-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-25 14:56 - 2016-12-27 01:09 - 00065536 ___SH C:\Windows\system32\config\components{0b2c1848-cab1-11e6-867c-1cc1deb36e80}.TM.blf
2016-12-25 14:56 - 2016-12-25 15:19 - 00524288 ___SH C:\Windows\system32\config\components{0b2c1848-cab1-11e6-867c-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-25 01:01 - 2016-12-25 01:01 - 00000000 ____D C:\Users\g\Desktop\Odin307+ at&t Karnel And recovery
2016-12-24 22:40 - 2016-12-24 22:40 - 00001875 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-12-24 22:32 - 2016-12-24 22:32 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2016-12-24 21:08 - 2017-01-17 04:38 - 00000000 ____D C:\Users\g\Desktop\GUERMED
2016-12-24 20:03 - 2017-01-08 15:27 - 00000000 ____D C:\Users\g\AppData\Roaming\Samsung
2016-12-24 20:03 - 2016-12-31 14:49 - 00000000 ____D C:\Users\g\Documents\samsung
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\g\AppData\Local\Samsung
2016-12-24 19:35 - 2017-01-11 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-12-24 19:35 - 2016-05-18 14:49 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll
2016-12-24 19:35 - 2016-05-18 14:49 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2016-12-24 19:34 - 2016-05-18 14:49 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll
2016-12-24 16:14 - 2016-12-24 16:14 - 00000000 ____D C:\Program Files\NirSoft
2016-12-24 02:12 - 2016-12-24 02:12 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-24 02:12 - 2016-12-24 02:12 - 00002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-24 02:10 - 2016-12-24 02:10 - 00000816 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-23 23:14 - 2017-01-07 00:03 - 00000000 ____D C:\Program Files\Cisco
2016-12-23 23:13 - 2017-01-07 00:03 - 00000000 ____D C:\Windows\system32\RaLanguages
2016-12-23 23:13 - 2012-01-10 11:29 - 00117760 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2016-12-23 23:13 - 2011-05-04 13:56 - 01608768 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2016-12-23 23:13 - 2010-06-29 10:34 - 00480608 _____ C:\Windows\system32\DiagFunc.dll
2016-12-23 23:13 - 2010-01-27 11:54 - 00000451 _____ C:\Windows\system32\DiagFunc.ini
2016-12-23 22:49 - 2016-12-25 01:30 - 00524288 ___SH C:\Windows\system32\config\components{03a7c7b0-c962-11e6-aff5-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 22:49 - 2016-12-25 01:30 - 00065536 ___SH C:\Windows\system32\config\components{03a7c7b0-c962-11e6-aff5-1cc1deb36e80}.TM.blf
2016-12-23 22:49 - 2016-12-23 23:00 - 00524288 ___SH C:\Windows\system32\config\components{03a7c7b0-c962-11e6-aff5-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 01048576 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.2.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 01048576 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.1.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 01048576 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.0.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 00065536 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.blf
2016-12-23 21:46 - 2016-12-23 21:57 - 00524288 ___SH C:\Windows\system32\config\components{40b92af0-c959-11e6-b372-e84e062eebf4}.TMContainer00000000000000000002.regtrans-ms
2016-12-23 21:46 - 2016-12-23 21:57 - 00524288 ___SH C:\Windows\system32\config\components{40b92af0-c959-11e6-b372-e84e062eebf4}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 21:46 - 2016-12-23 21:57 - 00065536 ___SH C:\Windows\system32\config\components{40b92af0-c959-11e6-b372-e84e062eebf4}.TM.blf
2016-12-23 21:20 - 2016-12-23 21:20 - 01048576 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.2.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 01048576 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.1.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 01048576 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.0.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 00524288 ___SH C:\Windows\system32\config\components{4745a37b-c955-11e6-b303-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 00524288 ___SH C:\Windows\system32\config\components{4745a37b-c955-11e6-b303-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 00065536 ___SH C:\Windows\system32\config\components{4745a37b-c955-11e6-b303-1cc1deb36e80}.TM.blf
2016-12-23 21:20 - 2016-12-23 21:20 - 00065536 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.blf
2016-12-23 18:42 - 2016-12-23 18:42 - 00000000 ____D C:\Users\g\AppData\Local\Smart PC Soft
2016-12-23 18:41 - 2016-12-23 21:50 - 00000000 ____D C:\Program Files\TV 3L PC
2016-12-23 18:23 - 2016-12-23 18:23 - 01048576 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.2.regtrans-ms
2016-12-23 18:23 - 2016-12-23 18:23 - 01048576 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.1.regtrans-ms
2016-12-23 18:23 - 2016-12-23 18:23 - 01048576 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.0.regtrans-ms
2016-12-23 18:23 - 2016-12-23 18:23 - 00065536 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.blf
2016-12-23 15:22 - 2017-01-09 20:34 - 00000000 ____D C:\Users\g\Downloads\Video
2016-12-23 03:27 - 2016-12-28 21:52 - 00002194 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-23 03:27 - 2016-12-23 03:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-23 03:12 - 2016-12-23 03:12 - 02003712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2016-12-23 03:12 - 2016-12-23 03:12 - 01896704 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU.exe
2016-12-23 03:12 - 2016-12-23 03:12 - 00555264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP.dll
2016-12-23 03:12 - 2016-12-23 03:12 - 00086784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamO.dll
2016-12-23 01:13 - 2016-12-27 16:33 - 00000000 ____D C:\Users\g\Desktop\Windows Loader
2016-12-22 21:11 - 2015-05-26 22:00 - 02464768 _____ (Samsung Electronics Co., Ltd.) C:\Users\g\Desktop\Odin3 v3.10.7.exe
2016-12-22 15:20 - 2016-12-23 18:06 - 00524288 ___SH C:\Windows\system32\config\components{85f894bf-c859-11e6-ade1-70f395dc4edc}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 15:20 - 2016-12-23 18:06 - 00065536 ___SH C:\Windows\system32\config\components{85f894bf-c859-11e6-ade1-70f395dc4edc}.TM.blf
2016-12-22 15:20 - 2016-12-22 15:35 - 00524288 ___SH C:\Windows\system32\config\components{85f894bf-c859-11e6-ade1-70f395dc4edc}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 02:01 - 2016-12-23 21:01 - 00000000 ____D C:\ProgramData\ASUS Driver
2016-12-22 01:46 - 2016-12-22 01:46 - 00000000 ____D C:\DRIVERS
2016-12-22 01:28 - 2016-12-30 00:01 - 00000000 ____D C:\Program Files\Driver Identifier
2016-12-22 01:28 - 2016-12-22 01:28 - 00000000 ____D C:\Users\g\AppData\Roaming\driveridentifier
2016-12-22 01:27 - 2017-01-17 20:17 - 00000000 ____D C:\Users\g\Downloads\Programs
2016-12-22 00:19 - 2016-12-22 00:22 - 15853038 _____ C:\Users\g\Downloads\solidstreamz1.0.apk
2016-12-20 01:36 - 2017-01-13 04:43 - 00000000 ____D C:\Users\g\Desktop\not4 hassan
2016-12-19 20:47 - 2016-12-20 21:47 - 00000000 ____D C:\Users\g\Documents\LOADER SUNPLUS HD 1512-1502 . BY HAMID DZZ
2016-12-18 14:40 - 2016-12-18 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-18 14:39 - 2016-12-18 14:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-18 10:13 - 2016-12-22 15:00 - 00524288 ___SH C:\Windows\system32\config\components{8bf93f82-c509-11e6-932f-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 10:13 - 2016-12-22 15:00 - 00065536 ___SH C:\Windows\system32\config\components{8bf93f82-c509-11e6-932f-1cc1deb36e80}.TM.blf
2016-12-18 10:13 - 2016-12-18 10:27 - 00524288 ___SH C:\Windows\system32\config\components{8bf93f82-c509-11e6-932f-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-17 20:17 - 2009-07-14 04:34 - 00029744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-17 20:17 - 2009-07-14 04:34 - 00029744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-17 19:32 - 2015-10-05 14:14 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-17 19:31 - 2015-03-25 17:49 - 00063264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-17 19:30 - 2015-03-25 17:49 - 00219072 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-17 19:30 - 2015-03-25 17:49 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-17 19:21 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-17 19:19 - 2015-03-25 15:52 - 00000000 ____D C:\Program Files\CCleaner
2017-01-17 19:08 - 2011-02-07 12:31 - 00737104 _____ C:\Windows\system32\perfh00C.dat
2017-01-17 19:08 - 2011-02-07 12:31 - 00480452 _____ C:\Windows\system32\perfh001.dat
2017-01-17 19:08 - 2011-02-07 12:31 - 00149032 _____ C:\Windows\system32\perfc00C.dat
2017-01-17 19:08 - 2011-02-07 12:31 - 00094838 _____ C:\Windows\system32\perfc001.dat
2017-01-17 19:08 - 2010-11-20 21:01 - 02229580 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-17 19:08 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf
2017-01-17 18:43 - 2015-03-25 15:04 - 00000000 ____D C:\Users\g\AppData\Roaming\DMCache
2017-01-17 16:57 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-17 16:26 - 2015-12-27 00:10 - 00000000 ____D C:\ProgramData\TEMP
2017-01-17 04:52 - 2016-01-02 02:00 - 00000000 ____D C:\Users\g\Documents\EGDownloads
2017-01-17 04:52 - 2015-03-25 15:04 - 00000000 ____D C:\Users\g\Downloads\Compressed
2017-01-16 22:53 - 2009-07-14 02:04 - 00000219 _____ C:\Windows\system.ini
2017-01-16 18:22 - 2015-12-12 11:57 - 00000000 ____D C:\Users\g\AppData\Roaming\ZHP
2017-01-16 17:02 - 2015-05-14 17:22 - 00000431 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-01-16 16:59 - 2016-04-09 01:04 - 00000000 ____D C:\Users\g\AppData\Roaming\IDM
2017-01-16 14:58 - 2015-05-03 01:02 - 00000000 ____D C:\Windows\Minidump
2017-01-16 14:58 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\ModemLogs
2017-01-16 00:38 - 2016-05-21 15:17 - 00000000 ____D C:\ProgramData\Ashampoo
2017-01-16 00:37 - 2015-10-12 17:03 - 00000000 ____D C:\Users\g\Desktop\hassane
2017-01-15 19:13 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\rescache
2017-01-15 17:01 - 2015-03-25 17:49 - 00153024 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-15 16:58 - 2015-03-25 17:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-14 18:59 - 2016-01-24 14:19 - 00001797 _____ C:\Users\g\Desktop\KEY1.txt
2017-01-13 14:29 - 2016-12-14 20:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-13 03:08 - 2016-01-01 15:58 - 00000000 ____D C:\Windows\system32\MRT
2017-01-13 03:01 - 2016-01-01 15:58 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-12 23:57 - 2009-07-14 04:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-12 19:34 - 2015-11-06 20:06 - 00023552 ___SH C:\Users\g\Thumbs.db
2017-01-12 03:49 - 2015-11-02 19:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-11 21:22 - 2015-10-12 01:25 - 00000000 ____D C:\Users\g\AppData\Local\IE Tab
2017-01-11 16:17 - 2016-09-19 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
2017-01-11 16:17 - 2016-04-04 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droid4X
2017-01-11 16:17 - 2016-02-14 11:12 - 00000000 ____D C:\Users\g\Desktop\phone
2017-01-11 16:17 - 2016-02-04 14:00 - 00000000 ____D C:\Users\g\Desktop\cart mimoire
2017-01-11 16:17 - 2015-03-25 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-01-11 14:37 - 2016-01-02 01:57 - 00000000 ____D C:\Program Files\Common Files\EagleGet
2017-01-04 00:05 - 2015-03-25 16:10 - 00000000 ____D C:\Users\g\AppData\Roaming\SlimBrowser
2016-12-31 14:47 - 2015-10-30 14:34 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-12-31 14:46 - 2016-09-07 02:29 - 00000000 ____D C:\Program Files\Samsung
2016-12-30 00:39 - 2015-03-24 18:44 - 00000000 ___RD C:\Users\g\Favorites
2016-12-29 23:41 - 2016-07-07 16:04 - 00000000 ____D C:\Users\g\Downloads\Nouveau dossier
2016-12-29 01:13 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Help
2016-12-29 01:11 - 2009-07-14 02:37 - 00000000 __RSD C:\Windows\assembly
2016-12-29 00:25 - 2009-07-14 02:37 - 00000000 __RSD C:\Windows\Fonts
2016-12-28 21:50 - 2009-07-14 04:52 - 00000000 ____D C:\Windows\twain_32
2016-12-27 18:03 - 2015-03-25 17:32 - 00000000 ____D C:\Users\g\AppData\Roaming\vlc
2016-12-24 20:03 - 2015-03-25 20:44 - 00000000 ____D C:\ProgramData\Skype
2016-12-24 20:02 - 2015-03-25 20:44 - 00000000 ___RD C:\Program Files\Skype
2016-12-24 20:02 - 2015-03-25 20:44 - 00000000 ____D C:\Users\g\AppData\Roaming\Skype
2016-12-24 20:02 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files
2016-12-24 19:32 - 2016-09-07 02:27 - 00000000 ____D C:\ProgramData\Samsung
2016-12-24 19:29 - 2016-01-04 03:23 - 00000000 ____D C:\Users\g\AppData\Local\Downloaded Installations
2016-12-24 16:30 - 2015-03-24 18:44 - 00000000 ____D C:\Users\g
2016-12-24 02:10 - 2015-12-12 11:50 - 00000820 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-24 02:10 - 2015-03-25 15:28 - 00000000 ____D C:\Program Files\Google
2016-12-24 01:23 - 2015-03-27 05:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-23 03:09 - 2015-03-25 15:36 - 00000000 ____D C:\ProgramData\IObit
2016-12-23 02:52 - 2015-12-27 13:03 - 00000000 ____D C:\Program Files\iTunes
2016-12-23 02:52 - 2015-12-27 12:56 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-23 02:45 - 2015-12-27 12:59 - 00000000 ____D C:\Program Files\Apple Software Update
2016-12-23 02:31 - 2016-01-04 00:43 - 00000000 ____D C:\Program Files\Common Files\Research In Motion
2016-12-23 02:24 - 2016-01-04 00:50 - 00000000 ____D C:\Users\g\AppData\Local\Research In Motion
2016-12-23 02:24 - 2016-01-04 00:43 - 00000000 ____D C:\Program Files\Common Files\XCPCSync.OEM
2016-12-23 02:23 - 2016-01-04 00:45 - 00002009 _____ C:\Users\g\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-12-23 02:22 - 2015-03-24 18:44 - 00000000 ___SD C:\Users\g\AppData\Roaming\Microsoft
2016-12-23 02:15 - 2015-10-05 23:10 - 00000000 ____D C:\Program Files\VMware
2016-12-23 02:15 - 2015-10-05 12:11 - 00000000 ____D C:\ProgramData\VMware
2016-12-23 02:05 - 2015-10-05 13:55 - 00000000 ____D C:\Users\g\AppData\Roaming\VMware
2016-12-22 14:41 - 2015-08-05 18:06 - 00000000 ____D C:\SWsetup
2016-12-22 02:00 - 2009-07-14 02:04 - 00000612 _____ C:\Windows\win.ini
2016-12-22 01:53 - 2015-08-05 18:06 - 00000000 ____D C:\Intel
2016-12-22 01:22 - 2009-07-14 02:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-19 20:15 - 2015-05-28 12:03 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2016-12-19 20:14 - 2015-10-05 14:14 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-12-19 20:13 - 2015-10-05 14:14 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-12-19 20:13 - 2015-03-25 17:10 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-18 20:51 - 2016-08-23 20:45 - 00000000 ____D C:\Users\g\Desktop\bluetooth
2016-12-18 20:50 - 2015-05-03 21:34 - 00000000 ____D C:\Users\g\Desktop\flach
==================== Fichiers à la racine de certains dossiers =======
2016-04-04 21:12 - 2016-04-04 21:28 - 0002579 _____ () C:\Users\g\AppData\Roaming\droid4xinstaller.log
2016-01-04 00:50 - 2016-02-07 05:12 - 0001001 _____ () C:\Users\g\AppData\Roaming\Rim.Desktop.Exception.log
2016-01-04 00:45 - 2016-12-23 02:23 - 0002009 _____ () C:\Users\g\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-01-04 00:50 - 2016-02-07 05:12 - 0001001 _____ () C:\Users\g\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-02-04 23:25 - 2016-02-04 23:25 - 0000001 _____ () C:\Users\g\AppData\Local\llftool.4.25.agreement
2016-01-10 00:34 - 2016-02-01 02:45 - 0005676 _____ () C:\Users\g\AppData\Local\mbt-actwiz.log
2017-01-17 19:01 - 2017-01-17 19:01 - 0000000 ____H () C:\ProgramData\cm-lock
2017-01-16 17:12 - 2017-01-16 17:12 - 0014501 _____ () C:\ProgramData\Duplicaterecord.js
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\Duplicaterecord.js
Certains fichiers dans TEMP:
====================
C:\Users\g\AppData\Local\Temp\Baidu_Secure_SystemUp_5.1.3.131061.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-01-14 23:24
==================== Fin de FRST.txt ============================
Exécuté par g (administrateur) sur G-PC (17-01-2017 20:18:59)
Exécuté depuis C:\Users\g\Desktop
Profils chargés: g (Profils disponibles: g)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Smadsoft) C:\Program Files\SMADAV\SMΔRTP.exe
() C:\Program Files\Droid4X\Droid4XService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Smadav Software) C:\Program Files\SMADAV\SmadavProtect32.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.3.1.1\WsAppService.exe
() C:\Program Files\DFX\DFX.exe
(Hewlett-Packard Company) C:\Windows\System32\ps2.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM.exe
(Baidu, Inc.) C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe
(SFX TEAM) C:\Program Files\SuperCopier2\SuperCopier2.exe
(© 2015 Microsoft Corporation) C:\Users\g\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
() C:\Program Files\DFX\Universal\Apps\DfxSharedApp32.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [DFX] => C:\Program Files\DFX\DFX.exe [1328632 2016-05-29] ()
HKLM\...\Run: [PS2] => C:\Windows\system32\ps2.exe [81920 2001-07-03] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM.EXE [199936 2016-12-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [Baidu PC Faster 4.0.0.0] => C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe [2333152 2015-05-13] (Baidu, Inc.)
HKLM\...\Run: [SMΔRT-Protection] => C:\Program Files\Smadav\SMΔRTP.exe [1736704 2017-01-14] (Smadsoft)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [SuperCopier2.exe] => C:\Program Files\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [BingSvc] => C:\Users\g\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-08-14] (Tonec Inc.)
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {0126abf3-e829-11e4-9f0d-001e101fabdd} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {03753110-a0d8-11e5-993d-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {03ae10b8-66ab-11e5-aaa3-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {056cbcec-4c49-11e5-8311-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {05e06023-70e0-11e5-994e-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {05f99fb3-9aba-11e5-83aa-001e101f1ed9} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {05f99fbf-9aba-11e5-83aa-001e101f1ed9} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {064d0927-6b8c-11e6-abd4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {06a1405c-cacf-11e5-b10f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {1034cacb-3dda-11e5-b2bd-001e101f50a4} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {11402712-3ec0-11e5-b851-001e101f8aaa} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15402315-ec02-11e4-9d7a-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15af205b-e484-11e4-b7b9-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15af207b-e484-11e4-b7b9-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15ce6bca-651b-11e5-8c46-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {15ce6c54-651b-11e5-8c46-001e101f2c0e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {19bb7fb4-d55b-11e4-a0ae-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {1dcfcfcf-0718-11e5-86ea-001e101f63cf} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {20975d00-a04e-11e5-b3e5-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {226bb64c-ef17-11e4-babf-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {24c39610-6d35-11e5-b887-001e101f1838} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {257d9afd-8349-11e5-a2d1-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf142f-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf144a-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf145f-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {26bf1471-bb92-11e5-90bb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {285ecafc-cd15-11e5-a289-001e101f2c0e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2c6d6e4d-e8e7-11e4-9fbe-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2e2e305f-75c6-11e6-84f3-1cc1deb36e80} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2ed32880-045d-11e5-9a9e-001e101f4da1} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2f49aa0e-7354-11e5-bfa3-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {2f7a7b9e-36a5-11e5-bd10-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {35efdfa9-6e83-11e5-8d88-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {35efdfbd-6e83-11e5-8d88-001e101fb681} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {38634c2a-66b7-11e5-b44a-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {38634cbd-66b7-11e5-b44a-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {388aa067-71c1-11e5-b635-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3a88ce89-80aa-11e5-81c3-001e101f8aaa} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b072783-3977-11e5-9439-001e101f4e71} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b0727a3-3977-11e5-9439-001e101f4e71} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b0727b5-3977-11e5-9439-001e101f4e71} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3b17711f-6d4f-11e5-ba13-001e101f79c9} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3c3d039b-6daf-11e5-9836-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3c3d03ce-6daf-11e5-9836-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {3fa64aea-32dd-11e5-84ea-001e101fb681} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {4bb7d41d-fa33-11e4-9ad6-001e101f3315} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {4e1cb8d6-6dc8-11e5-b486-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {4e7ce646-3d0f-11e5-a933-001e101faa49} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {55c2fb37-738e-11e5-b493-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5759602f-70fd-11e5-8899-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {57596084-70fd-11e5-8899-001e101fb4df} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {58e35702-ac27-11e5-8813-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5aee5f25-ac29-11e5-9c98-1cc1deb36e80} - G:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5b7df9a5-2392-11e5-a362-001e101f9843} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5df3023a-707a-11e5-a9c3-001e101f3315} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5e7993e8-048a-11e5-b450-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5e7994cf-048a-11e5-b450-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {5e82c602-6cc0-11e6-ade9-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {6ac246a0-a107-11e5-bc83-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {73ad47df-d96b-11e5-80b8-1cc1deb36e80} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {78870819-6ba4-11e5-bd79-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {7887085a-6ba4-11e5-bd79-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {7a6f9e81-6d0a-11e5-b65f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {7a6f9eb9-6d0a-11e5-b65f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {84698ca7-03e5-11e5-b4fc-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {862c4f2e-71a7-11e5-b2ca-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {86892afe-65e0-11e5-ada4-001e101f36d9} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8ae8239c-8e3b-11e5-a578-1cc1deb36e80} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8b1fdd52-dd68-11e4-9f89-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8d2322bf-41cc-11e5-8d9b-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d847-9b86-11e5-9ab9-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d864-9b86-11e5-9ab9-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d86f-9b86-11e5-9ab9-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8e47d89a-9b86-11e5-9ab9-1cc1deb36e80} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {8f110ab2-54e9-11e5-8e6e-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {919f45f3-7f14-11e5-b12f-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {929abbbd-274c-11e5-a516-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {93eeba59-d264-11e4-a384-70f395dc4edc} - F:\autorun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {96558239-8279-11e5-80d5-001e101fb45e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9655827b-8279-11e5-80d5-001e101fb45e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {97673c6a-3d0b-11e5-b2ab-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {97673ca9-3d0b-11e5-b2ab-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {98fa7202-8002-11e5-84a3-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {98fa7268-8002-11e5-84a3-001e101faa49} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9a06d1ef-7079-11e5-bd17-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9ba59a94-87f9-11e5-9c7c-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {9d0d6693-5187-11e5-84c5-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a32cebcd-6560-11e5-94ae-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a3afe77e-3437-11e5-9b25-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a737b491-6a14-11e5-9ad4-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {a7d54ced-8bdc-11e5-88b1-1cc1deb36e80} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {afd315a4-448d-11e5-a8e2-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b0738fdf-d59b-11e4-957d-70f395dc4edc} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b44f720a-6cb0-11e6-b1d2-1cc1deb36e80} - G:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b5c11ae8-37d1-11e5-a2a2-001e101f82a0} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b6b10678-6dbf-11e5-bb5f-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b6b1069f-6dbf-11e5-bb5f-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {b7ca59e6-1438-11e5-bcd8-001e101fabdd} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c17cddfe-3a2f-11e5-b797-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c4936e24-4861-11e5-8ca6-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c6a20f25-06c7-11e5-868b-001e101fb45e} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c87ecd55-6be9-11e6-aaf4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {c87ecd79-6be9-11e6-aaf4-001e101faa49} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {cd72fae4-70ee-11e5-b483-001e101fa1f5} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {cfc335c7-35f6-11e5-95e4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {d33c2079-70fa-11e5-8afa-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {d405a3b4-71fd-11e5-8198-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {d4464de9-d720-11e4-beee-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {db2bf5bd-e87e-11e4-9828-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {dd7405a6-269f-11e5-acf9-001e101f1f81} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {dd7405c8-269f-11e5-acf9-001e101f1f81} - G:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e0d9a9d3-a06e-11e5-9cd3-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e1041f15-4805-11e5-bf9b-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e6efbf1b-4927-11e5-8e9a-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e918b787-279d-11e5-b1fb-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {e9956471-e223-11e4-8241-001e101f8924} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {ec86707b-4a84-11e5-b2b3-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {ed55f3a7-4541-11e5-86e6-70f395dc4edc} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f12b0609-7f61-11e5-a3e4-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f193c36b-eb96-11e4-80a8-001e101fe70e} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f347a360-d26d-11e4-9faf-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {f347a370-d26d-11e4-9faf-1cc1deb36e80} - F:\Setup.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {fb15d0de-8caa-11e5-887c-1cc1deb36e80} - F:\AutoRun.exe
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\MountPoints2: {ff3edda7-2608-11e5-983c-70f395dc4edc} - F:\Setup.exe
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2017-01-07]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29F9E621-8F9E-45A9-BC86-C6A37F34A13F}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{991A24D8-CB02-4C92-9D45-2EC4027A21EE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D15F014A-8488-477D-9257-3E1D896FEFEB}: [NameServer] 10.137.35.50 41.137.33.24
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=ar-xl
HKU\S-1-5-21-69554075-1431682049-3063101698-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.startimes.com/
SearchScopes: HKU\S-1-5-21-69554075-1431682049-3063101698-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-69554075-1431682049-3063101698-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-11-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-17] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 9ynmtmie.default
FF ProfilePath: C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default [2017-01-17]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\9ynmtmie.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9ynmtmie.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\9ynmtmie.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=ar-xl
hxxps://www.google.com/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\9ynmtmie.default -> hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Extension: (Bing Search) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\bingsearch.full@microsoft.com [2017-01-15] [non signé]
FF Extension: (Bing Search) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-12-08]
FF Extension: (Firefox Hotfix) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-23]
FF Extension: (Auto Shutdown NG) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2016-12-24]
FF Extension: (Cookies Manager+) - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2017-01-03]
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-08-14]
FF SearchPlugin: C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\9ynmtmie.default\searchplugins\bing-.xml [2015-12-08]
FF HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-69554075-1431682049-3063101698-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\g\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\g\AppData\Roaming\IDM\idmmzcc5 [2016-04-09] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\g\AppData\Local\Google\Chrome\User Data\Default [2017-01-17]
CHR Extension: (Google Slides) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-24]
CHR Extension: (Google Docs) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-24]
CHR Extension: (YouTube) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-29]
CHR Extension: (Recherche Google) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-16]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2016-03-28]
CHR Extension: (Google Sheets) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IE Tab) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-01-12]
CHR Extension: (Flatbook) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2016-12-21]
CHR Extension: (Skype) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-23]
CHR Extension: (IDM Integration Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-09]
CHR Profile: C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-16]
CHR Extension: (Google Docs) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (YouTube) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (Recherche Google) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Skype Click to Call) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-29]
CHR Extension: (IDM Integration Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-07-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR Profile: C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-16]
CHR Extension: (Google Slides) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-29]
CHR Extension: (Google Docs) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (YouTube) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (Recherche Google) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Bing) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-29]
CHR Extension: (Google Sheets) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Skype Click to Call) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-29]
CHR Extension: (IDM Integration Module) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-07-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\g\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-08-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [3105144 2013-11-27] (WIBU-SYSTEMS AG)
R2 Droid4XService; C:\Program Files\Droid4X\Droid4XService.exe [269312 2016-01-06] () [Fichier non signé]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3381200 2016-12-14] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
S3 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Fichier non signé]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare)
S4 PCFasterSvc_{PCFaster_5.1.0.0}; C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21035 2016-08-28] (Meetinghouse Data Communications) [Fichier non signé]
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75416 2016-10-11] (Alcor Micro, Corp.)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [46440 2015-03-31] (Baidu, Inc.)
R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [113992 2015-03-31] (Baidu, Inc.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2016-06-16] (IVT Corporation.)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [402432 2015-12-04] (Motorola, Inc.) [Fichier non signé]
S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [39696 2011-11-05] (www.winchiphead.com)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59968 2016-12-14] ()
S3 FcSerial; C:\Windows\System32\DRIVERS\FcSerial.sys [194944 2015-05-28] (Flash Card.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [56832 2016-09-21] (GenesysLogic)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [199296 2016-08-28] (MBB Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-10-05] (REALiX(tm))
R3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [127488 2016-01-10] (Intel(R) Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [153024 2017-01-15] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [87496 2017-01-17] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-01-17] (Malwarebytes)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [39360 2017-01-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [219072 2017-01-17] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63264 2017-01-17] (Malwarebytes)
R3 MTKSCVAD; C:\Windows\System32\drivers\mtkvad.sys [37376 2012-07-16] (Ralink Technology, Corp.)
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [37408 2014-08-14] (NT Kernel Resources)
R3 netr28; C:\Windows\System32\DRIVERS\netr28.sys [2099856 2015-12-04] (MediaTek Inc.)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1321568 2012-08-17] (Ralink Technology Corp.)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2003712 2016-12-23] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\PC Faster\5.1.0.0\PCFApiUtil.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-17 20:19 - 2017-01-17 20:21 - 00040121 _____ C:\Users\g\Desktop\FRST.txt
2017-01-17 20:18 - 2017-01-17 20:18 - 00000000 ____D C:\FRST
2017-01-17 20:16 - 2017-01-17 20:16 - 01761280 _____ (Farbar) C:\Users\g\Desktop\FRST.exe
2017-01-17 19:01 - 2017-01-17 19:01 - 00000000 ____H C:\ProgramData\cm-lock
2017-01-17 17:04 - 2017-01-17 18:41 - 00000000 __SHD C:\[Smad-Cage]
2017-01-17 17:04 - 2017-01-17 18:40 - 00000000 ____D C:\Program Files\SMADAV
2017-01-17 17:04 - 2017-01-17 17:04 - 00000978 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2017-01-17 17:04 - 2017-01-17 17:04 - 00000000 ____D C:\Users\g\AppData\Roaming\Smadav
2017-01-17 17:04 - 2017-01-17 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2017-01-17 16:12 - 2017-01-17 16:26 - 00011361 _____ C:\missing.ini
2017-01-17 16:12 - 2017-01-17 16:12 - 00110408 _____ C:\Users\g\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-17 13:45 - 2017-01-17 13:47 - 00000000 ____D C:\Users\g\Desktop\program ccleaner
2017-01-16 18:09 - 2017-01-16 18:09 - 00000000 ____D C:\Windows\pss
2017-01-16 17:29 - 2017-01-16 17:29 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2017-01-16 17:12 - 2017-01-16 17:12 - 00014501 _____ C:\ProgramData\Duplicaterecord.js
2017-01-16 17:12 - 2017-01-16 17:12 - 00001067 _____ C:\Users\g\Desktop\Baidu PC Faster.lnk
2017-01-16 17:12 - 2017-01-16 17:12 - 00000000 ____D C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2017-01-16 17:12 - 2017-01-16 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2017-01-16 17:12 - 2015-03-31 06:22 - 00113992 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\BprotectEx.sys
2017-01-16 17:12 - 2015-03-31 06:22 - 00046440 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bhbase.sys
2017-01-16 17:11 - 2017-01-16 17:11 - 00000000 ____D C:\Program Files\PC Faster
2017-01-16 17:09 - 2017-01-16 17:09 - 00000000 ____D C:\ProgramData\Baidu Security
2017-01-16 17:09 - 2017-01-16 17:09 - 00000000 ____D C:\Program Files\Baidu Security
2017-01-16 17:05 - 2017-01-16 17:05 - 00000000 ____D C:\Users\g\AppData\Roaming\PC Faster
2017-01-16 17:00 - 2017-01-16 17:00 - 00001061 _____ C:\Users\g\Desktop\Baidu WiFi Hotspot.lnk
2017-01-16 17:00 - 2017-01-16 17:00 - 00000000 ____D C:\Users\Public\Documents\PC Faster
2017-01-16 17:00 - 2017-01-16 17:00 - 00000000 ____D C:\Users\g\AppData\Roaming\Baidu
2017-01-16 17:00 - 2017-01-16 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu WiFi Hotspot
2017-01-16 17:00 - 2014-08-14 09:18 - 00037408 _____ (NT Kernel Resources) C:\Windows\system32\Drivers\ndisrd.sys
2017-01-16 16:59 - 2017-01-16 17:08 - 00000000 ____D C:\Program Files\Baidu WiFiHotspot
2017-01-16 16:59 - 2017-01-16 16:59 - 00000000 ____D C:\ProgramData\PC Faster
2017-01-16 15:03 - 2017-01-16 15:03 - 00411816 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-16 13:33 - 2017-01-17 19:21 - 00000000 _____ C:\hsrv.txt
2017-01-16 12:59 - 2017-01-16 12:59 - 00000000 ____D C:\ProgramData\Ralink
2017-01-15 23:40 - 2017-01-15 23:40 - 00000000 ____D C:\Users\g\AppData\Roaming\ProductData
2017-01-15 17:00 - 2017-01-17 19:31 - 00087496 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-15 16:59 - 2017-01-17 19:28 - 00001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-15 16:59 - 2017-01-17 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-15 16:59 - 2016-12-14 12:55 - 00059968 _____ C:\Windows\system32\Drivers\mbae.sys
2017-01-15 16:58 - 2017-01-15 16:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-15 13:03 - 2017-01-15 14:00 - 00000000 ____D C:\AdwCleaner
2017-01-15 12:47 - 2017-01-15 02:46 - 03334055 ____N C:\Users\g\Downloads\Apk Downloader_v1.00_apkpure.com.apk
2017-01-14 20:59 - 2017-01-14 20:59 - 05386416 _____ C:\Users\g\Downloads\BL_G930FXXU1BPK3_CL9519568_QB11426133_REV00_user_low_ship.tar (1).md5
2017-01-14 20:58 - 2017-01-14 20:59 - 05386416 _____ C:\Users\g\Downloads\BL_G930FXXU1BPLB_CL9689434_QB11912457_REV00_user_low_ship.tar.md5
2017-01-14 20:54 - 2017-01-14 20:56 - 38758577 _____ C:\Users\g\Downloads\CP_G930FXXU1BPJJ_CL9519568_QB11350220_REV00_user_low_ship.tar.md5
2017-01-14 20:29 - 2017-01-14 20:30 - 38758496 _____ C:\Users\g\Downloads\CP_G930FXXU1BPJG_CL9519568_QB11325553_REV00_user_low_ship.tar.md5
2017-01-14 20:26 - 2017-01-14 20:29 - 05386416 _____ C:\Users\g\Downloads\BL_G930FXXU1BPK3_CL9519568_QB11426133_REV00_user_low_ship.tar.md5
2017-01-13 23:18 - 2017-01-13 23:19 - 19968000 _____ C:\Users\g\Downloads\twrp-3.0.1-0-s5neolte.img.tar
2017-01-13 23:17 - 2017-01-13 23:18 - 19978240 _____ C:\Users\g\Downloads\twrp-3.0.2-0-s5neolte.img.tar
2017-01-13 22:32 - 2017-01-13 22:35 - 01897652 _____ C:\Users\g\Downloads\me.twrp.twrpapp-18.apk
2017-01-13 21:58 - 2017-01-13 22:07 - 10065967 _____ C:\Users\g\Downloads\recovery.tar.md5
2017-01-13 04:41 - 2017-01-13 04:41 - 00000000 __SHD C:\found.001
2017-01-12 18:51 - 2017-01-14 20:55 - 00000000 ____D C:\Users\g\Desktop\NOTE 7
2017-01-12 18:37 - 2017-01-14 21:03 - 00000000 ____D C:\Users\g\Desktop\s6G920F
2017-01-12 03:37 - 2017-01-05 17:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-12 03:37 - 2017-01-05 17:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-12 03:37 - 2017-01-05 17:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-12 03:37 - 2017-01-05 17:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-12 03:37 - 2017-01-05 17:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-12 03:37 - 2017-01-05 17:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-12 03:37 - 2017-01-05 17:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-12 03:37 - 2017-01-05 17:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-12 03:37 - 2017-01-05 17:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-12 03:37 - 2017-01-05 17:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-12 03:37 - 2017-01-05 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-12 03:37 - 2017-01-05 17:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 23:34 - 2017-01-12 19:35 - 00000000 ____D C:\Users\g\Desktop\Tenda
2017-01-07 00:05 - 2012-07-16 16:20 - 00037376 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\mtkvad.sys
2017-01-07 00:04 - 2017-01-07 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
2017-01-07 00:04 - 2011-09-08 05:51 - 00237568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2017-01-07 00:04 - 2011-09-08 05:50 - 01100288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2017-01-07 00:04 - 2010-12-29 09:22 - 00822272 _____ C:\Windows\system32\libstdc++-6.dll
2017-01-07 00:04 - 2010-12-29 09:22 - 00089088 _____ C:\Windows\system32\libgcc_s_sjlj-1.dll
2017-01-07 00:03 - 2012-08-17 22:31 - 01321568 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28u.sys
2017-01-07 00:02 - 2017-01-07 00:03 - 00000000 ____D C:\Program Files\Ralink
2017-01-06 22:57 - 2010-11-26 20:18 - 00000000 ____D C:\Users\g\Desktop\nxp.hd.3.2 Loader
2017-01-06 21:23 - 2017-01-06 21:26 - 00000363 _____ C:\Windows\RTacDbg.txt
2017-01-06 21:23 - 2010-12-14 15:41 - 00180608 ____N (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTL8187.SYS
2017-01-06 21:22 - 2017-01-06 23:29 - 00000000 ____D C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
2016-12-29 02:15 - 2016-12-29 02:15 - 00000000 ____D C:\Users\g\AppData\Local\Hewlett-Packard
2016-12-29 01:31 - 2016-12-29 01:31 - 00000000 ____D C:\Users\g\AppData\Roaming\Hewlett-Packard
2016-12-29 01:13 - 2016-12-29 01:13 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-29 01:12 - 2016-12-29 01:12 - 00000000 ____D C:\System.sav
2016-12-29 01:11 - 2016-12-29 01:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-29 01:10 - 2016-12-29 01:11 - 00000000 ____D C:\Users\g\AppData\Roaming\hpqLog
2016-12-29 01:10 - 2016-12-29 01:10 - 00000000 ____D C:\Program Files\HP
2016-12-29 00:25 - 2016-12-29 01:13 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-28 22:37 - 2016-12-28 22:36 - 00046940 _____ C:\Users\g\Documents\Configuration.mc
2016-12-28 22:34 - 2017-01-05 19:41 - 00524288 ___SH C:\Windows\system32\config\components{f4af3647-cd4a-11e6-acd5-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 22:34 - 2017-01-05 19:41 - 00065536 ___SH C:\Windows\system32\config\components{f4af3647-cd4a-11e6-acd5-1cc1deb36e80}.TM.blf
2016-12-28 22:34 - 2016-12-28 22:34 - 00524288 ___SH C:\Windows\system32\config\components{f4af3647-cd4a-11e6-acd5-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 21:49 - 2016-12-28 21:49 - 01980672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RsDecode.dll
2016-12-28 21:49 - 2016-12-28 21:49 - 00199936 _____ (Realtek Semiconductor Corp.) C:\Windows\RtsCM.exe
2016-12-28 21:29 - 2016-12-28 21:29 - 01048576 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.2.regtrans-ms
2016-12-28 21:29 - 2016-12-28 21:29 - 01048576 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.1.regtrans-ms
2016-12-28 21:29 - 2016-12-28 21:29 - 01048576 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.0.regtrans-ms
2016-12-28 21:29 - 2016-12-28 21:29 - 00065536 ___SH C:\Windows\system32\config\components{eec11fb9-cc4e-11e6-b32f-1cc1deb36e80}.TxR.blf
2016-12-27 16:30 - 2016-12-28 21:27 - 00524288 ___SH C:\Windows\system32\config\components{eec11fba-cc4e-11e6-b32f-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-27 16:30 - 2016-12-28 21:27 - 00065536 ___SH C:\Windows\system32\config\components{eec11fba-cc4e-11e6-b32f-1cc1deb36e80}.TM.blf
2016-12-27 16:30 - 2016-12-27 16:30 - 00524288 ___SH C:\Windows\system32\config\components{eec11fba-cc4e-11e6-b32f-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 01048576 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.2.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 01048576 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.1.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 01048576 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.0.regtrans-ms
2016-12-27 15:36 - 2016-12-27 15:36 - 00065536 ___SH C:\Windows\system32\config\components{0b2c1847-cab1-11e6-867c-1cc1deb36e80}.TxR.blf
2016-12-26 14:33 - 2016-12-26 14:33 - 00000000 __SHD C:\found.000
2016-12-25 14:56 - 2016-12-27 01:09 - 00524288 ___SH C:\Windows\system32\config\components{0b2c1848-cab1-11e6-867c-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-25 14:56 - 2016-12-27 01:09 - 00065536 ___SH C:\Windows\system32\config\components{0b2c1848-cab1-11e6-867c-1cc1deb36e80}.TM.blf
2016-12-25 14:56 - 2016-12-25 15:19 - 00524288 ___SH C:\Windows\system32\config\components{0b2c1848-cab1-11e6-867c-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-25 01:01 - 2016-12-25 01:01 - 00000000 ____D C:\Users\g\Desktop\Odin307+ at&t Karnel And recovery
2016-12-24 22:40 - 2016-12-24 22:40 - 00001875 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-12-24 22:32 - 2016-12-24 22:32 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2016-12-24 21:08 - 2017-01-17 04:38 - 00000000 ____D C:\Users\g\Desktop\GUERMED
2016-12-24 20:03 - 2017-01-08 15:27 - 00000000 ____D C:\Users\g\AppData\Roaming\Samsung
2016-12-24 20:03 - 2016-12-31 14:49 - 00000000 ____D C:\Users\g\Documents\samsung
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\g\AppData\Local\Samsung
2016-12-24 19:35 - 2017-01-11 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-12-24 19:35 - 2016-05-18 14:49 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll
2016-12-24 19:35 - 2016-05-18 14:49 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2016-12-24 19:34 - 2016-05-18 14:49 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll
2016-12-24 16:14 - 2016-12-24 16:14 - 00000000 ____D C:\Program Files\NirSoft
2016-12-24 02:12 - 2016-12-24 02:12 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-24 02:12 - 2016-12-24 02:12 - 00002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-24 02:10 - 2016-12-24 02:10 - 00000816 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-23 23:14 - 2017-01-07 00:03 - 00000000 ____D C:\Program Files\Cisco
2016-12-23 23:13 - 2017-01-07 00:03 - 00000000 ____D C:\Windows\system32\RaLanguages
2016-12-23 23:13 - 2012-01-10 11:29 - 00117760 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2016-12-23 23:13 - 2011-05-04 13:56 - 01608768 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2016-12-23 23:13 - 2010-06-29 10:34 - 00480608 _____ C:\Windows\system32\DiagFunc.dll
2016-12-23 23:13 - 2010-01-27 11:54 - 00000451 _____ C:\Windows\system32\DiagFunc.ini
2016-12-23 22:49 - 2016-12-25 01:30 - 00524288 ___SH C:\Windows\system32\config\components{03a7c7b0-c962-11e6-aff5-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 22:49 - 2016-12-25 01:30 - 00065536 ___SH C:\Windows\system32\config\components{03a7c7b0-c962-11e6-aff5-1cc1deb36e80}.TM.blf
2016-12-23 22:49 - 2016-12-23 23:00 - 00524288 ___SH C:\Windows\system32\config\components{03a7c7b0-c962-11e6-aff5-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 01048576 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.2.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 01048576 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.1.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 01048576 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.0.regtrans-ms
2016-12-23 22:26 - 2016-12-23 22:26 - 00065536 ___SH C:\Windows\system32\config\components{40b92aef-c959-11e6-b372-e84e062eebf4}.TxR.blf
2016-12-23 21:46 - 2016-12-23 21:57 - 00524288 ___SH C:\Windows\system32\config\components{40b92af0-c959-11e6-b372-e84e062eebf4}.TMContainer00000000000000000002.regtrans-ms
2016-12-23 21:46 - 2016-12-23 21:57 - 00524288 ___SH C:\Windows\system32\config\components{40b92af0-c959-11e6-b372-e84e062eebf4}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 21:46 - 2016-12-23 21:57 - 00065536 ___SH C:\Windows\system32\config\components{40b92af0-c959-11e6-b372-e84e062eebf4}.TM.blf
2016-12-23 21:20 - 2016-12-23 21:20 - 01048576 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.2.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 01048576 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.1.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 01048576 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.0.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 00524288 ___SH C:\Windows\system32\config\components{4745a37b-c955-11e6-b303-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 00524288 ___SH C:\Windows\system32\config\components{4745a37b-c955-11e6-b303-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 21:20 - 2016-12-23 21:20 - 00065536 ___SH C:\Windows\system32\config\components{4745a37b-c955-11e6-b303-1cc1deb36e80}.TM.blf
2016-12-23 21:20 - 2016-12-23 21:20 - 00065536 ___SH C:\Windows\system32\config\components{4745a37a-c955-11e6-b303-1cc1deb36e80}.TxR.blf
2016-12-23 18:42 - 2016-12-23 18:42 - 00000000 ____D C:\Users\g\AppData\Local\Smart PC Soft
2016-12-23 18:41 - 2016-12-23 21:50 - 00000000 ____D C:\Program Files\TV 3L PC
2016-12-23 18:23 - 2016-12-23 18:23 - 01048576 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.2.regtrans-ms
2016-12-23 18:23 - 2016-12-23 18:23 - 01048576 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.1.regtrans-ms
2016-12-23 18:23 - 2016-12-23 18:23 - 01048576 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.0.regtrans-ms
2016-12-23 18:23 - 2016-12-23 18:23 - 00065536 ___SH C:\Windows\system32\config\components{85f894be-c859-11e6-ade1-70f395dc4edc}.TxR.blf
2016-12-23 15:22 - 2017-01-09 20:34 - 00000000 ____D C:\Users\g\Downloads\Video
2016-12-23 03:27 - 2016-12-28 21:52 - 00002194 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-23 03:27 - 2016-12-23 03:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-23 03:12 - 2016-12-23 03:12 - 02003712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2016-12-23 03:12 - 2016-12-23 03:12 - 01896704 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU.exe
2016-12-23 03:12 - 2016-12-23 03:12 - 00555264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP.dll
2016-12-23 03:12 - 2016-12-23 03:12 - 00086784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamO.dll
2016-12-23 01:13 - 2016-12-27 16:33 - 00000000 ____D C:\Users\g\Desktop\Windows Loader
2016-12-22 21:11 - 2015-05-26 22:00 - 02464768 _____ (Samsung Electronics Co., Ltd.) C:\Users\g\Desktop\Odin3 v3.10.7.exe
2016-12-22 15:20 - 2016-12-23 18:06 - 00524288 ___SH C:\Windows\system32\config\components{85f894bf-c859-11e6-ade1-70f395dc4edc}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 15:20 - 2016-12-23 18:06 - 00065536 ___SH C:\Windows\system32\config\components{85f894bf-c859-11e6-ade1-70f395dc4edc}.TM.blf
2016-12-22 15:20 - 2016-12-22 15:35 - 00524288 ___SH C:\Windows\system32\config\components{85f894bf-c859-11e6-ade1-70f395dc4edc}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 02:01 - 2016-12-23 21:01 - 00000000 ____D C:\ProgramData\ASUS Driver
2016-12-22 01:46 - 2016-12-22 01:46 - 00000000 ____D C:\DRIVERS
2016-12-22 01:28 - 2016-12-30 00:01 - 00000000 ____D C:\Program Files\Driver Identifier
2016-12-22 01:28 - 2016-12-22 01:28 - 00000000 ____D C:\Users\g\AppData\Roaming\driveridentifier
2016-12-22 01:27 - 2017-01-17 20:17 - 00000000 ____D C:\Users\g\Downloads\Programs
2016-12-22 00:19 - 2016-12-22 00:22 - 15853038 _____ C:\Users\g\Downloads\solidstreamz1.0.apk
2016-12-20 01:36 - 2017-01-13 04:43 - 00000000 ____D C:\Users\g\Desktop\not4 hassan
2016-12-19 20:47 - 2016-12-20 21:47 - 00000000 ____D C:\Users\g\Documents\LOADER SUNPLUS HD 1512-1502 . BY HAMID DZZ
2016-12-18 14:40 - 2016-12-18 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-18 14:39 - 2016-12-18 14:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-18 10:13 - 2016-12-22 15:00 - 00524288 ___SH C:\Windows\system32\config\components{8bf93f82-c509-11e6-932f-1cc1deb36e80}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 10:13 - 2016-12-22 15:00 - 00065536 ___SH C:\Windows\system32\config\components{8bf93f82-c509-11e6-932f-1cc1deb36e80}.TM.blf
2016-12-18 10:13 - 2016-12-18 10:27 - 00524288 ___SH C:\Windows\system32\config\components{8bf93f82-c509-11e6-932f-1cc1deb36e80}.TMContainer00000000000000000002.regtrans-ms
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-17 20:17 - 2009-07-14 04:34 - 00029744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-17 20:17 - 2009-07-14 04:34 - 00029744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-17 19:32 - 2015-10-05 14:14 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-17 19:31 - 2015-03-25 17:49 - 00063264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-17 19:30 - 2015-03-25 17:49 - 00219072 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-17 19:30 - 2015-03-25 17:49 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-17 19:21 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-17 19:19 - 2015-03-25 15:52 - 00000000 ____D C:\Program Files\CCleaner
2017-01-17 19:08 - 2011-02-07 12:31 - 00737104 _____ C:\Windows\system32\perfh00C.dat
2017-01-17 19:08 - 2011-02-07 12:31 - 00480452 _____ C:\Windows\system32\perfh001.dat
2017-01-17 19:08 - 2011-02-07 12:31 - 00149032 _____ C:\Windows\system32\perfc00C.dat
2017-01-17 19:08 - 2011-02-07 12:31 - 00094838 _____ C:\Windows\system32\perfc001.dat
2017-01-17 19:08 - 2010-11-20 21:01 - 02229580 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-17 19:08 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf
2017-01-17 18:43 - 2015-03-25 15:04 - 00000000 ____D C:\Users\g\AppData\Roaming\DMCache
2017-01-17 16:57 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-17 16:26 - 2015-12-27 00:10 - 00000000 ____D C:\ProgramData\TEMP
2017-01-17 04:52 - 2016-01-02 02:00 - 00000000 ____D C:\Users\g\Documents\EGDownloads
2017-01-17 04:52 - 2015-03-25 15:04 - 00000000 ____D C:\Users\g\Downloads\Compressed
2017-01-16 22:53 - 2009-07-14 02:04 - 00000219 _____ C:\Windows\system.ini
2017-01-16 18:22 - 2015-12-12 11:57 - 00000000 ____D C:\Users\g\AppData\Roaming\ZHP
2017-01-16 17:02 - 2015-05-14 17:22 - 00000431 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-01-16 16:59 - 2016-04-09 01:04 - 00000000 ____D C:\Users\g\AppData\Roaming\IDM
2017-01-16 14:58 - 2015-05-03 01:02 - 00000000 ____D C:\Windows\Minidump
2017-01-16 14:58 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\ModemLogs
2017-01-16 00:38 - 2016-05-21 15:17 - 00000000 ____D C:\ProgramData\Ashampoo
2017-01-16 00:37 - 2015-10-12 17:03 - 00000000 ____D C:\Users\g\Desktop\hassane
2017-01-15 19:13 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\rescache
2017-01-15 17:01 - 2015-03-25 17:49 - 00153024 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-15 16:58 - 2015-03-25 17:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-14 18:59 - 2016-01-24 14:19 - 00001797 _____ C:\Users\g\Desktop\KEY1.txt
2017-01-13 14:29 - 2016-12-14 20:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-13 03:08 - 2016-01-01 15:58 - 00000000 ____D C:\Windows\system32\MRT
2017-01-13 03:01 - 2016-01-01 15:58 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-12 23:57 - 2009-07-14 04:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-12 19:34 - 2015-11-06 20:06 - 00023552 ___SH C:\Users\g\Thumbs.db
2017-01-12 03:49 - 2015-11-02 19:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-11 21:22 - 2015-10-12 01:25 - 00000000 ____D C:\Users\g\AppData\Local\IE Tab
2017-01-11 16:17 - 2016-09-19 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
2017-01-11 16:17 - 2016-04-04 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droid4X
2017-01-11 16:17 - 2016-02-14 11:12 - 00000000 ____D C:\Users\g\Desktop\phone
2017-01-11 16:17 - 2016-02-04 14:00 - 00000000 ____D C:\Users\g\Desktop\cart mimoire
2017-01-11 16:17 - 2015-03-25 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-01-11 14:37 - 2016-01-02 01:57 - 00000000 ____D C:\Program Files\Common Files\EagleGet
2017-01-04 00:05 - 2015-03-25 16:10 - 00000000 ____D C:\Users\g\AppData\Roaming\SlimBrowser
2016-12-31 14:47 - 2015-10-30 14:34 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-12-31 14:46 - 2016-09-07 02:29 - 00000000 ____D C:\Program Files\Samsung
2016-12-30 00:39 - 2015-03-24 18:44 - 00000000 ___RD C:\Users\g\Favorites
2016-12-29 23:41 - 2016-07-07 16:04 - 00000000 ____D C:\Users\g\Downloads\Nouveau dossier
2016-12-29 01:13 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Help
2016-12-29 01:11 - 2009-07-14 02:37 - 00000000 __RSD C:\Windows\assembly
2016-12-29 00:25 - 2009-07-14 02:37 - 00000000 __RSD C:\Windows\Fonts
2016-12-28 21:50 - 2009-07-14 04:52 - 00000000 ____D C:\Windows\twain_32
2016-12-27 18:03 - 2015-03-25 17:32 - 00000000 ____D C:\Users\g\AppData\Roaming\vlc
2016-12-24 20:03 - 2015-03-25 20:44 - 00000000 ____D C:\ProgramData\Skype
2016-12-24 20:02 - 2015-03-25 20:44 - 00000000 ___RD C:\Program Files\Skype
2016-12-24 20:02 - 2015-03-25 20:44 - 00000000 ____D C:\Users\g\AppData\Roaming\Skype
2016-12-24 20:02 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files
2016-12-24 19:32 - 2016-09-07 02:27 - 00000000 ____D C:\ProgramData\Samsung
2016-12-24 19:29 - 2016-01-04 03:23 - 00000000 ____D C:\Users\g\AppData\Local\Downloaded Installations
2016-12-24 16:30 - 2015-03-24 18:44 - 00000000 ____D C:\Users\g
2016-12-24 02:10 - 2015-12-12 11:50 - 00000820 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-24 02:10 - 2015-03-25 15:28 - 00000000 ____D C:\Program Files\Google
2016-12-24 01:23 - 2015-03-27 05:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-23 03:09 - 2015-03-25 15:36 - 00000000 ____D C:\ProgramData\IObit
2016-12-23 02:52 - 2015-12-27 13:03 - 00000000 ____D C:\Program Files\iTunes
2016-12-23 02:52 - 2015-12-27 12:56 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-23 02:45 - 2015-12-27 12:59 - 00000000 ____D C:\Program Files\Apple Software Update
2016-12-23 02:31 - 2016-01-04 00:43 - 00000000 ____D C:\Program Files\Common Files\Research In Motion
2016-12-23 02:24 - 2016-01-04 00:50 - 00000000 ____D C:\Users\g\AppData\Local\Research In Motion
2016-12-23 02:24 - 2016-01-04 00:43 - 00000000 ____D C:\Program Files\Common Files\XCPCSync.OEM
2016-12-23 02:23 - 2016-01-04 00:45 - 00002009 _____ C:\Users\g\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-12-23 02:22 - 2015-03-24 18:44 - 00000000 ___SD C:\Users\g\AppData\Roaming\Microsoft
2016-12-23 02:15 - 2015-10-05 23:10 - 00000000 ____D C:\Program Files\VMware
2016-12-23 02:15 - 2015-10-05 12:11 - 00000000 ____D C:\ProgramData\VMware
2016-12-23 02:05 - 2015-10-05 13:55 - 00000000 ____D C:\Users\g\AppData\Roaming\VMware
2016-12-22 14:41 - 2015-08-05 18:06 - 00000000 ____D C:\SWsetup
2016-12-22 02:00 - 2009-07-14 02:04 - 00000612 _____ C:\Windows\win.ini
2016-12-22 01:53 - 2015-08-05 18:06 - 00000000 ____D C:\Intel
2016-12-22 01:22 - 2009-07-14 02:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-19 20:15 - 2015-05-28 12:03 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2016-12-19 20:14 - 2015-10-05 14:14 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-12-19 20:13 - 2015-10-05 14:14 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-12-19 20:13 - 2015-03-25 17:10 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-18 20:51 - 2016-08-23 20:45 - 00000000 ____D C:\Users\g\Desktop\bluetooth
2016-12-18 20:50 - 2015-05-03 21:34 - 00000000 ____D C:\Users\g\Desktop\flach
==================== Fichiers à la racine de certains dossiers =======
2016-04-04 21:12 - 2016-04-04 21:28 - 0002579 _____ () C:\Users\g\AppData\Roaming\droid4xinstaller.log
2016-01-04 00:50 - 2016-02-07 05:12 - 0001001 _____ () C:\Users\g\AppData\Roaming\Rim.Desktop.Exception.log
2016-01-04 00:45 - 2016-12-23 02:23 - 0002009 _____ () C:\Users\g\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-01-04 00:50 - 2016-02-07 05:12 - 0001001 _____ () C:\Users\g\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-02-04 23:25 - 2016-02-04 23:25 - 0000001 _____ () C:\Users\g\AppData\Local\llftool.4.25.agreement
2016-01-10 00:34 - 2016-02-01 02:45 - 0005676 _____ () C:\Users\g\AppData\Local\mbt-actwiz.log
2017-01-17 19:01 - 2017-01-17 19:01 - 0000000 ____H () C:\ProgramData\cm-lock
2017-01-16 17:12 - 2017-01-16 17:12 - 0014501 _____ () C:\ProgramData\Duplicaterecord.js
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\Duplicaterecord.js
Certains fichiers dans TEMP:
====================
C:\Users\g\AppData\Local\Temp\Baidu_Secure_SystemUp_5.1.3.131061.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-01-14 23:24
==================== Fin de FRST.txt ============================