cjoint


Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2017
Exécuté par H3DMi (administrateur) sur WHOAMI (13-03-2017 21:31:08)
Exécuté depuis C:\Users\H3DMi\Desktop
Profils chargés: H3DMi (Profils disponibles: H3DMi)
Platform: Microsoft Windows 7 Ultimate (X86) Langue: French (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)


==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Policies\Explorer: [NoCommonGroups] 0
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {0a93b4ef-d541-11e4-8413-aed48c87bd5e} - F:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {0f06fd68-ca72-11e4-b2fd-ebe72102d13e} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {1197aa7b-cfcf-11e5-8062-089e0186902f} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {1ca08800-a76b-11e6-aac1-089e0186902f} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {27895565-4c68-11e6-aced-969c59b5993c} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {499406fb-a9e5-11e4-adb6-344b50b7efb4} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {6ce8cde1-859b-11e6-b1bd-fe52bbe3893e} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {6ce8cdf1-859b-11e6-b1bd-965f39873e0a} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {6ce8ce0d-859b-11e6-b1bd-965f39873e0a} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {6ce8ce33-859b-11e6-b1bd-965f39873e0a} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {91956b0e-b2d3-11e5-ad90-fb672576f368} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {ad29c5f3-4017-11e6-a637-f83cff23fb3d} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {cc7f26c5-b0a3-11e4-9b42-001e101f9843} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {de53e372-98da-11e5-a67a-089e0186902f} - E:\AutoRun.exe
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {ea901d67-c315-11e4-a2a8-98b45133b859} - E:\EMP_UDSe.exe /autorun
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\MountPoints2: {f7003d02-8e8e-11e5-a529-b8763f109ebd} - E:\Auto.exe
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\H3DMi\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\H3DMi\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\H3DMi\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe - Raccourci.lnk [2015-10-16]
ShortcutTarget: ctfmon.exe - Raccourci.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{0163E39C-FBDE-47D9-96E5-7C000E2F3BCC}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{687F5CCF-2443-4529-AE52-E8867D848168}: [NameServer] 192.168.4.220 209.244.0.3
Tcpip\..\Interfaces\{8132F200-A0AA-4ABE-B35F-958682D7E250}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{95DAD448-57B5-42A6-A24E-198790239963}: [NameServer] 192.168.4.220 209.244.0.3
Tcpip\..\Interfaces\{ADB0968D-4B22-40EB-A71A-2B6EB777CEA0}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{CD7F218B-20A8-4DD3-8B58-FC6EE2808D5D}: [NameServer] 192.168.4.220 209.244.0.3
Tcpip\..\Interfaces\{FB9165DD-4036-4DC9-BD39-10D902A7A032}: [NameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr
HKU\S-1-5-21-1480127630-421335790-3021902173-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/keyword/%s
BHO: Pas de nom -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> Pas de fichier
BHO: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\H3DMi\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-11-10] (Dashlane, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-02] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2016-09-23] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-02] (Oracle Corporation)
Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\H3DMi\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-11-10] (Dashlane, Inc.)
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00102-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_102-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files\DIALux\DLXToolBox.dll [2007-08-29] (DIAL GmbH, Germany)

FireFox:
========
FF DefaultProfile: 6ygr6dan.default
FF DefaultProfile: h4bib0ss@gmail.com
FF ProfilePath: C:\Users\H3DMi\AppData\Roaming\Mozilla\SeaMonkey\Profiles\6ygr6dan.default [2017-03-10]
FF Extension: (MEGA) - C:\Users\H3DMi\AppData\Roaming\Mozilla\SeaMonkey\Profiles\6ygr6dan.default\Extensions\firefox@mega.co.nz.xpi [2016-04-01]
FF Extension: (DOM Inspector) - C:\Users\H3DMi\AppData\Roaming\Mozilla\SeaMonkey\Profiles\6ygr6dan.default\Extensions\inspector@mozilla.org [2016-04-27]
FF Extension: (ChatZilla) - C:\Users\H3DMi\AppData\Roaming\Mozilla\SeaMonkey\Profiles\6ygr6dan.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-11-11]
FF Extension: (Adblock Plus) - C:\Users\H3DMi\AppData\Roaming\Mozilla\SeaMonkey\Profiles\6ygr6dan.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF ProfilePath: C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\n4lzkus9.default [2017-03-12]
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> backup.ftp", "192.30.136.222"
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> backup.ftp_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> backup.socks", "192.30.136.222"
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> backup.socks_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> backup.ssl", "192.30.136.222"
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> backup.ssl_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> ftp", "mehide.org"
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> ftp_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> socks", "mehide.org"
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> socks_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> ssl", "mehide.org"
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> ssl_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\n4lzkus9.default -> type", 0
FF Extension: (ADB Helper) - C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\n4lzkus9.default\Extensions\adbhelper@mozilla.org [2015-07-04]
FF Extension: (Valence) - C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\n4lzkus9.default\Extensions\fxdevtools-adapters@mozilla.org [2015-10-21]
FF Extension: (Dashlane) - C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\n4lzkus9.default\Extensions\jetpack-extension@dashlane.com.xpi [2016-11-10]
FF Extension: (Unseen) - C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\n4lzkus9.default\Extensions\unseen@tangrs.xpi [2015-05-29]
FF Extension: (Adblock Plus) - C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\n4lzkus9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-17]
FF ProfilePath: C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\kvswwnbu.default-1471771572293 [2017-03-12]
FF Extension: (Dashlane) - C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\kvswwnbu.default-1471771572293\Extensions\jetpack-extension@dashlane.com.xpi [2016-11-10]
FF Extension: (Pas de nom) - C:\Users\H3DMi\AppData\Roaming\Mozilla\Firefox\Profiles\kvswwnbu.default-1471771572293\extensions\ascsurfingprotection@iobit.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files\IObit Apps Toolbar\FF [non trouvé(e)]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2016-11-01] [non signé]
FF HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-10-02]
FF HKU\S-1-5-21-1480127630-421335790-3021902173-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2017-02-01] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-09-05] (Google)
FF Plugin: @graphisoft.com/GDL Web Plug-in -> C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-06-27] (Graphisoft SE)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-02] (Oracle Corporation)
FF Plugin: @ma-config.com/HardwareDetection -> C:\Program Files\ma-config.com\nphardwaredetection.dll [2010-09-12] (Cybelsoft)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2016-05-26] ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1480127630-421335790-3021902173-1000: @my.com/Games -> C:\Users\H3DMi\AppData\Local\MyComGames\NPMyComDetector.dll [2016-04-08] (MY.COM B.V.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2008-11-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2010-07-07] (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-10-27] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll [2009-08-03] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-10-27]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-10-27]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-11-02]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-10-27]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default [2017-03-13]
CHR Extension: (Google Slides) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-09]
CHR Extension: (Google Docs) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-09]
CHR Extension: (Google Drive) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-09]
CHR Extension: (YouTube) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-09]
CHR Extension: (Adblock Plus) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Recherche Google) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-09]
CHR Extension: (Tampermonkey) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-01-03]
CHR Extension: (Dashlane) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-03-02]
CHR Extension: (Google Sheets) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2017-03-08]
CHR Extension: (Unseen) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-11]
CHR Extension: (IDM Integration Module) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-01]
CHR Profile: C:\Users\H3DMi\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-10]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-10-16]
CHR HKU\S-1-5-21-1480127630-421335790-3021902173-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (SaveFrom.net helper) - C:\Users\H3DMi\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2016-11-28]
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 AdAppMgrSvc; C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S3 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCService.exe [456480 2016-05-30] (IObit)
S3 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [276992 2015-08-04] (Advanced Micro Devices, Inc.) [Fichier non signé]
S3 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1828640 2016-07-18] (IObit)
S3 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [85664 2012-02-28] (Atheros Commnucations) [Fichier non signé]
S3 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [72704 2015-01-22] (Autodesk) [Fichier non signé]
S3 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2014-08-31] (CleverFiles)
S3 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [1776216 2015-08-15] (Microsoft Corporation)
S3 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-06-14] (Kingsoft Corporation)
S3 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2368912 2011-12-16] (WIBU-SYSTEMS AG)
S3 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [254520 2017-02-22] (Connectify)
S3 D_Link_DWA-125; C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe [126976 2010-04-21] (Wireless Service) [Fichier non signé]
S3 D_Link_DWA-125_WPS; C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-03-03] () [Fichier non signé]
S3 EMP_UDSA; C:\Program Files\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [94208 2008-05-28] (SEIKO EPSON CORPORATION) [Fichier non signé]
S3 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [738688 2012-02-07] (Acer Incorporated)
S3 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1104128 2016-02-26] (Flexera Software LLC)
S3 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1901576 2016-07-20] (LogMeIn Inc.)
S3 hmevpnsvc; C:\Program Files\hide.me VPN\vpnsvc.exe [136400 2017-02-19] (eVenture Limited)
S3 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
S3 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [1600800 2016-10-21] (IObit)
S3 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
S3 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509424 2015-06-08] (Lenovo)
S3 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S3 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-07-20] (LogMeIn, Inc.)
S3 maconfservice; C:\Program Files\ma-config.com\maconfservice.exe [251248 2010-09-12] (CybelSoft)
S3 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [79872 2017-02-21] (PostgreSQL Global Development Group) [Fichier non signé]
S3 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [107178 2017-02-21] (hxxp://www.ruby-lang.org/) [Fichier non signé]
S3 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [107178 2017-02-21] (hxxp://www.ruby-lang.org/) [Fichier non signé]
S3 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [107178 2017-02-21] (hxxp://www.ruby-lang.org/) [Fichier non signé]
S3 mi-raysat_3dsmax8; C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe [65536 2005-09-21] () [Fichier non signé]
S3 MobiConnect. RunOuc; C:\Program Files\MobiConnect\UpdateDog\ouc.exe [656976 2013-05-21] ()
S3 MyPublicWiFiService; C:\Program Files\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [Fichier non signé]
S3 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [253056 2015-03-04] (Locktime Software)
S3 PlaysService; C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-10] (Plays.tv, LLC)
S3 reaConverter_service; C:\Program Files\reaConverter 7 Pro\rc_service.exe [5752832 2016-11-14] (reaConverter LLC) [Fichier non signé]
S3 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient.exe [3971528 2016-11-28] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 sgbupt; C:\Program Files\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [2444608 2016-02-01] (SuperBoost Software)
S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 TechSmith Uploader Service; C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [Fichier non signé]
S3 Themes; C:\Windows\system32\themeservice.dll [37376 2009-10-26] (Microsoft Corporation) [Fichier non signé]
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2016-09-23] (SHAREit Technologies Co.Ltd)
S3 VMAuthdService; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [86096 2013-08-27] (VMware, Inc.)
S3 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [358480 2013-08-27] (VMware, Inc.)
S3 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719416 2013-08-26] (VMware, Inc.)
S3 VMware NAT Service; C:\Windows\system32\vmnat.exe [437328 2013-08-27] (VMware, Inc.)
S3 VMwareHostd; C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()
S3 VRLService; C:\Program Files\Chaos Group\V-Ray\3dsmax 2008 for x86\startvrlservice.exe [181248 2016-08-24] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 ZAtheros Wlan Agent; C:\Program Files\Qualcomm Atheros\Ath_WlanAgent.exe [72864 2012-01-18] (Atheros) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [86752 2016-04-19] (Advanced Micro Devices, INC.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [179936 2016-04-19] (Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [73928 2016-04-19] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [36040 2016-04-19] (Advanced Micro Devices)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75416 2016-11-10] (Alcor Micro, Corp.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwf.sys [12800 2009-03-06] ()
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [33048 2016-11-03] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3365624 2016-11-10] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [66872 2016-11-03] (ASUS Corporation)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [25248 2012-02-28] (Atheros)
R1 cfywlan1; C:\Windows\System32\DRIVERS\cfywlan1.sys [31616 2017-03-05] (Connectify)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [37728 2017-03-05] (Connectify)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2016-10-14] (Samsung Electronics Co., Ltd.)
S3 driverhardwarev2; C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [14336 2010-08-30] (CybelSoft)
S3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [61240 2015-04-08] (eagleGet)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44608 2015-09-23] (ESET)
R3 eppvad_simple; C:\Windows\System32\drivers\EMP_UDAU.sys [17664 2008-05-14] (SEIKO EPSON CORPORATION)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [268176 2012-07-27] (ELAN Microelectronics Corp.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [56832 2016-04-19] (GenesysLogic)
R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [169992 2016-03-31] (BitDefender LLC)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2016-05-06] (LogMeIn, Inc.)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43192 2013-08-26] (VMware, Inc.)
R0 hrfwdrv; C:\Windows\System32\DRIVERS\hrfwdrv.sys [30368 2015-06-03] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [199296 2016-10-14] (MBB Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-04-19] (REALiX(tm))
S4 IMFFilter; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\IMFFilter.sys [21184 2016-04-01] (IObit)
S3 ksapi; C:\Windows\system32\drivers\ksapi.sys [81768 2015-06-14] (Kingsoft Corporation)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2011-08-29] (MBB Incorporated)
R3 maxjoypad; C:\Windows\System32\DRIVERS\maxjoypad.sys [16832 2016-08-05] (Windows (R) Win 7 DDK provider)
S3 MRV6X32U; C:\Windows\System32\DRIVERS\MRVW24B.sys [310016 2007-10-28] (Marvell Semiconductor, Inc) [Fichier non signé]
R1 ndiskhaz; C:\Windows\System32\DRIVERS\ndiskhaz.sys [25416 2012-12-07] (Khalil Azzouzi)
S3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [855392 2010-05-05] (Ralink Technology Corp.)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [102832 2015-03-04] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [23552 2014-08-08] (The OpenVPN Project)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [205312 2016-08-24] (QUALCOMM Incorporated)
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2016-07-27] (IObit.com)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [7253208 2016-04-19] (Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113904 2014-10-08] (Power Software Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit)
S3 sprdvcom; C:\Windows\System32\DRIVERS\sprdvcom.sys [23552 2014-10-10] (SPRD Device)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [420920 2015-01-22] () [Fichier non signé]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [199936 2016-10-14] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181912 2013-05-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [408280 2016-03-31] (BitDefender S.R.L.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [212632 2016-03-24] (Oracle Corporation)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [108208 2016-03-04] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [174192 2016-03-04] (Oracle Corporation)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25808 2013-08-27] (VMware, Inc.)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2013-08-27] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2013-08-27] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-08-27] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\DRIVERS\vmusb.sys [31928 2013-08-26] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [65488 2013-08-27] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [63824 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-02-22] (VMware, Inc.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey.sys [78648 2009-12-03] (WIBU-SYSTEMS AG)
S3 XBCD; C:\Windows\System32\Drivers\xbcd.sys [117884 2005-05-13] (Redcl0ud) [Fichier non signé]
S3 cpuz138; \??\C:\Users\H3DMi\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X] <==== ATTENTION
S3 ESETCleanersDriver; pas de ImagePath
S3 gkernel; pas de ImagePath
U4 Messenger; pas de ImagePath
S1 qutmipc; pas de ImagePath
S1 sysdiag; system32\DRIVERS\sysdiag.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-13 21:31 - 2017-03-13 21:32 - 00032676 _____ C:\Users\H3DMi\Desktop\FRST.txt
2017-03-13 21:30 - 2017-03-13 21:30 - 00000000 ____D C:\Users\H3DMi\Desktop\FRST-OlderVersion
2017-03-13 19:26 - 2017-03-13 19:26 - 00000000 ____D C:\Users\H3DMi\Downloads\Master.2016.720p.HDRip.1.10GB.x264.Ganool
2017-03-13 18:48 - 2017-03-13 21:31 - 00000000 ____D C:\FRST
2017-03-13 18:33 - 2017-03-13 21:30 - 01766912 _____ (Farbar) C:\Users\H3DMi\Desktop\FRST.exe
2017-03-13 02:12 - 2017-03-13 09:37 - 00006642 _____ C:\Users\H3DMi\Desktop\ZHPCleaner.txt
2017-03-13 01:32 - 2017-03-13 01:32 - 00000801 _____ C:\Users\H3DMi\Desktop\ZHPCleaner.lnk
2017-03-13 01:32 - 2017-03-13 01:30 - 02748928 _____ C:\Users\H3DMi\Downloads\ZHPCleaner.exe
2017-03-12 22:32 - 2017-03-12 22:32 - 00191102 _____ C:\Users\H3DMi\Desktop\rk_delete.txt
2017-03-12 22:30 - 2017-03-12 22:30 - 00010342 _____ C:\Users\H3DMi\Desktop\rk_scan.txt
2017-03-12 19:07 - 2017-03-12 19:07 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-03-12 19:01 - 2017-03-12 22:35 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-12 19:01 - 2017-03-12 19:01 - 00000976 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-03-12 19:01 - 2017-03-12 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-03-12 19:01 - 2017-03-12 19:01 - 00000000 ____D C:\Program Files\RogueKiller
2017-03-12 09:36 - 2017-03-12 09:36 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\lazagne
2017-03-12 03:05 - 2017-03-12 03:05 - 00000000 ____D C:\Users\H3DMi\Downloads\Get.Out.2017.HDCAM.700MB.x264-DiRG
2017-03-12 02:10 - 2017-03-12 02:10 - 00004201 _____ C:\Users\H3DMi\Desktop\JRT.txt
2017-03-12 02:03 - 2017-03-12 02:03 - 01663736 _____ (Malwarebytes) C:\Users\H3DMi\Desktop\JRT.exe
2017-03-12 01:32 - 2017-03-12 01:53 - 00000000 ____D C:\AdwCleaner
2017-03-12 01:28 - 2017-03-12 01:31 - 04031440 _____ C:\Users\H3DMi\Desktop\adwcleaner_6.044.exe
2017-03-12 01:11 - 2017-03-12 01:11 - 00000000 ____D C:\Users\H3DMi\Desktop\rkill
2017-03-12 01:10 - 2017-03-12 01:22 - 00004030 _____ C:\Users\H3DMi\Desktop\Rkill.txt
2017-03-11 23:10 - 2017-03-11 23:09 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\H3DMi\Desktop\rkill.com
2017-03-11 23:09 - 2017-03-11 23:09 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\H3DMi\Downloads\rkill.com
2017-03-11 22:21 - 2017-03-11 22:21 - 00251619 _____ C:\Users\H3DMi\Desktop\ZHPDiag.txt
2017-03-11 22:00 - 2017-03-11 22:00 - 00000789 _____ C:\Users\H3DMi\Desktop\ZHPDiag.lnk
2017-03-11 14:08 - 2017-03-11 14:08 - 00170517 _____ C:\Users\H3DMi\Downloads\romarchi.dwg
2017-03-11 12:09 - 2017-03-11 12:13 - 02377064 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-10 18:25 - 2017-03-10 18:25 - 00126256 _____ C:\Users\H3DMi\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-10 17:30 - 2017-03-13 09:37 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\ZHP
2017-03-10 16:59 - 2017-03-10 16:59 - 00002071 _____ C:\Users\H3DMi\Documents\schtasks.txt
2017-03-10 16:13 - 2017-03-10 16:13 - 00000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-03-10 12:18 - 2017-03-10 12:18 - 00003372 _____ C:\Users\H3DMi\Desktop\s.a3x
2017-03-10 10:52 - 2017-03-10 10:52 - 00002809 _____ C:\Users\H3DMi\Documents\secure.html
2017-03-09 20:43 - 2017-03-09 21:25 - 00000568 _____ C:\Users\H3DMi\Documents\ayuda.html
2017-03-09 20:00 - 2017-03-09 20:34 - 00000464 _____ C:\Users\H3DMi\Documents\ayuda.txt
2017-03-09 19:22 - 2017-03-10 10:53 - 00000000 ____D C:\Program Files\HTML Help Workshop
2017-03-09 19:22 - 2017-03-09 19:22 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HTML Help Workshop
2017-03-09 19:22 - 2017-03-09 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTML Help Workshop
2017-03-09 18:33 - 2017-03-10 12:58 - 00000000 ____D C:\Users\H3DMi\Downloads\Gone Girl (2014)
2017-03-09 18:33 - 2017-03-09 18:34 - 00000000 ____D C:\Users\H3DMi\Downloads\Connectify Hotspot Pro+Dispatch Pro 9.0.3.32290
2017-03-08 18:20 - 2017-03-08 18:20 - 00000193 _____ C:\Windows\WORDPAD.INI
2017-03-08 09:49 - 2017-03-08 09:49 - 00000000 ____D C:\Windows\system32\URTTEMP
2017-03-08 09:48 - 2017-03-08 09:48 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TRNSYS 16
2017-03-08 09:47 - 2017-03-08 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trnsys 16
2017-03-08 09:46 - 2017-03-08 09:53 - 00000000 ____D C:\Program Files\Trnsys16
2017-03-06 15:54 - 2017-03-06 16:39 - 14465505 _____ C:\Users\H3DMi\Documents\Drawing2 (1)_recover000.dwg
2017-03-06 15:41 - 2017-03-06 15:41 - 14462122 _____ C:\Users\H3DMi\Documents\Drawing2 (1)_recover.dwg
2017-03-06 15:35 - 2017-03-06 16:15 - 14497392 _____ C:\Users\H3DMi\Documents\Drawing2 (1).dwg
2017-03-06 15:35 - 2017-03-06 15:54 - 14494961 _____ C:\Users\H3DMi\Documents\Drawing2 (1).bak
2017-03-05 16:50 - 2017-03-06 17:14 - 00000488 _____ C:\Users\H3DMi\Documents\acad.err
2017-03-05 13:10 - 2017-03-05 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify 2017
2017-03-05 13:09 - 2017-03-05 13:09 - 00037728 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2017-03-05 13:09 - 2017-03-05 13:09 - 00031616 _____ (Connectify) C:\Windows\system32\Drivers\cfywlan1.sys
2017-03-05 13:09 - 2017-03-05 13:09 - 00000000 ____D C:\Program Files\Connectify
2017-03-05 13:04 - 2017-03-05 13:11 - 00000000 ____D C:\ProgramData\Connectify
2017-03-04 12:01 - 2017-03-04 12:01 - 00000000 ____D C:\Program Files\Windows-Update
2017-03-04 12:01 - 2017-03-04 12:01 - 00000000 ____D C:\Program Files\backup
2017-03-03 23:24 - 2017-03-03 23:24 - 00000000 ____D C:\Users\H3DMi\Windows
2017-03-03 20:15 - 2017-03-03 20:15 - 00006227 _____ C:\Users\H3DMi\Downloads\create-segmentation-target.sh
2017-03-03 19:07 - 2017-03-03 19:08 - 00026106 _____ C:\Users\H3DMi\Downloads\sign.jar
2017-03-03 19:07 - 2017-03-03 19:07 - 00026112 _____ C:\Users\H3DMi\Downloads\signapk.jar
2017-03-03 17:54 - 2017-03-03 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metasploit
2017-03-03 17:35 - 2017-03-03 17:35 - 00000000 ____D C:\Program Files\WinPcap
2017-03-03 17:33 - 2017-03-03 17:58 - 00000000 ____D C:\metasploit
2017-03-03 16:54 - 2017-03-03 17:14 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Hide.me
2017-03-03 16:54 - 2017-03-03 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2017-03-03 16:54 - 2017-03-03 16:54 - 00000000 ____D C:\Program Files\hide.me VPN
2017-03-03 15:47 - 2017-03-03 15:47 - 00002202 _____ C:\Users\H3DMi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-02 23:50 - 2017-03-02 23:51 - 08457318 _____ C:\Users\H3DMi\Downloads\poste.dwg
2017-03-02 13:38 - 2017-03-02 13:38 - 00000000 ____D C:\Users\H3DMi\Downloads\Ice.Age.Collision.Course.2016.1080p.BRRip.x264.AAC-ETRG
2017-03-01 22:26 - 2017-03-03 19:02 - 00000000 ____D C:\Users\H3DMi\Downloads\Disconnect (2012) [1080p]
2017-03-01 20:38 - 2017-03-01 20:44 - 00000000 ____D C:\Users\H3DMi\.gradle
2017-02-27 20:05 - 2017-02-27 20:06 - 00000000 ____D C:\Users\H3DMi\Downloads\Dr Strange 2016 DVDScr x264 Super HQ AC3 - Ghostman
2017-02-25 22:56 - 2017-03-01 20:23 - 00000055 _____ C:\Users\H3DMi\Documents\local.properties
2017-02-25 22:49 - 2017-02-25 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2017-02-25 19:07 - 2017-02-25 19:08 - 00881984 _____ C:\Users\H3DMi\Downloads\msfvenom-backdoor-android-master.zip
2017-02-24 21:12 - 2017-02-22 12:30 - 00000000 ____D C:\Users\H3DMi\Downloads\Moana (2016) [YTS.AG]
2017-02-23 09:26 - 2017-02-23 09:26 - 00000000 ____D C:\Users\H3DMi\Documents\My EndNote Library.Data
2017-02-23 09:26 - 2017-02-23 09:26 - 00000000 _____ C:\Users\H3DMi\Documents\My EndNote Library.enl
2017-02-22 21:43 - 2017-03-10 12:17 - 00003372 _____ C:\Windows\system32\s.a3x
2017-02-22 20:05 - 2017-02-23 09:29 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\EndNote
2017-02-22 20:01 - 2017-02-27 02:20 - 00000000 ____D C:\Users\H3DMi\Downloads\EndNote X6 Bld 6348
2017-02-22 19:55 - 2017-02-22 19:55 - 00000000 ____D C:\Users\Public\Documents\EndNote
2017-02-22 19:55 - 2017-02-22 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
2017-02-22 19:55 - 2017-02-22 19:55 - 00000000 ____D C:\Program Files\Common Files\Risxtd
2017-02-22 19:55 - 2017-02-22 19:55 - 00000000 ____D C:\Program Files\Common Files\ResearchSoft
2017-02-22 19:54 - 2017-02-22 20:09 - 00000000 ____D C:\Program Files\EndNote X7
2017-02-22 19:54 - 2017-02-22 19:55 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
2017-02-22 19:53 - 2017-02-22 19:53 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2017-02-22 19:33 - 2017-02-22 19:41 - 89324520 _____ C:\Users\H3DMi\Downloads\Thomson.Reuters.EndNote.X7.v17.0.0.7072.zip
2017-02-19 20:29 - 2017-02-19 20:29 - 00000000 ____D C:\Users\H3DMi\AndroidStudioProjects
2017-02-19 11:23 - 2017-02-19 11:23 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\JetBrains
2017-02-19 11:21 - 2017-02-19 11:21 - 00000000 ____D C:\Users\H3DMi\.AndroidStudio2.2
2017-02-19 11:20 - 2017-02-19 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2017-02-19 11:05 - 2017-02-25 22:48 - 00000000 ____D C:\Program Files\Android
2017-02-16 21:00 - 2017-02-16 21:00 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Meteotest_Genossenschaft
2017-02-16 21:00 - 2017-02-16 21:00 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Meteotest
2017-02-16 21:00 - 2017-02-16 21:00 - 00000000 ____D C:\Users\H3DMi\AppData\Local\Meteotest_Genossenschaft
2017-02-16 21:00 - 2017-02-16 21:00 - 00000000 ____D C:\ProgramData\Meteotest
2017-02-16 20:54 - 2017-02-16 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\meteonorm 7
2017-02-16 20:51 - 2017-02-16 20:51 - 00000000 ____D C:\Program Files\Meteotest
2017-02-11 17:37 - 2017-02-11 17:37 - 00000600 _____ C:\Users\H3DMi\AppData\Local\PUTTY.RND
2017-02-11 15:21 - 2017-02-17 10:40 - 00000000 ____D C:\Users\H3DMi\Documents\Macro
2017-02-11 11:43 - 2017-03-05 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-02-11 11:37 - 2017-02-11 11:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-02-11 11:12 - 2017-02-11 17:37 - 00000000 ____D C:\Users\H3DMi\AppData\Local\FileZilla

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-13 21:22 - 2016-10-13 17:21 - 00000000 ____D C:\Users\H3DMi\AppData\LocalLow\uTorrent
2017-03-13 21:22 - 2015-01-22 16:11 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\uTorrent
2017-03-13 21:21 - 2016-04-09 22:03 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\vlc
2017-03-13 21:11 - 2015-06-19 13:12 - 00760442 _____ C:\Windows\system32\perfh00A.dat
2017-03-13 21:11 - 2015-06-19 13:12 - 00165688 _____ C:\Windows\system32\perfc00A.dat
2017-03-13 21:11 - 2015-06-19 12:30 - 00712822 _____ C:\Windows\system32\perfh007.dat
2017-03-13 21:11 - 2015-06-19 12:30 - 00155520 _____ C:\Windows\system32\perfc007.dat
2017-03-13 21:11 - 2015-06-19 01:12 - 00425768 _____ C:\Windows\system32\perfh011.dat
2017-03-13 21:11 - 2015-06-19 01:12 - 00127766 _____ C:\Windows\system32\perfc011.dat
2017-03-13 21:11 - 2015-06-19 00:33 - 00623442 _____ C:\Windows\system32\perfh008.dat
2017-03-13 21:11 - 2015-06-19 00:33 - 00118484 _____ C:\Windows\system32\perfc008.dat
2017-03-13 21:11 - 2015-06-19 00:09 - 00670276 _____ C:\Windows\system32\perfh01F.dat
2017-03-13 21:11 - 2015-06-19 00:09 - 00146616 _____ C:\Windows\system32\perfc01F.dat
2017-03-13 21:11 - 2015-06-18 23:49 - 00699214 _____ C:\Windows\system32\perfh00E.dat
2017-03-13 21:11 - 2015-06-18 23:49 - 00178972 _____ C:\Windows\system32\perfc00E.dat
2017-03-13 21:11 - 2015-06-18 23:29 - 00743462 _____ C:\Windows\system32\prfh0816.dat
2017-03-13 21:11 - 2015-06-18 23:29 - 00159376 _____ C:\Windows\system32\prfc0816.dat
2017-03-13 21:11 - 2015-06-18 23:11 - 00686348 _____ C:\Windows\system32\perfh013.dat
2017-03-13 21:11 - 2015-06-18 23:11 - 00159662 _____ C:\Windows\system32\perfc013.dat
2017-03-13 21:11 - 2015-06-18 22:53 - 00523276 _____ C:\Windows\system32\perfh006.dat
2017-03-13 21:11 - 2015-06-18 22:53 - 00105270 _____ C:\Windows\system32\perfc006.dat
2017-03-13 21:11 - 2015-06-18 22:36 - 00677292 _____ C:\Windows\system32\perfh01D.dat
2017-03-13 21:11 - 2015-06-18 22:36 - 00148638 _____ C:\Windows\system32\perfc01D.dat
2017-03-13 21:11 - 2015-06-18 21:58 - 00755114 _____ C:\Windows\system32\perfh015.dat
2017-03-13 21:11 - 2015-06-18 21:58 - 00163026 _____ C:\Windows\system32\perfc015.dat
2017-03-13 21:11 - 2015-06-18 21:42 - 00728520 _____ C:\Windows\system32\prfh0416.dat
2017-03-13 21:11 - 2015-06-18 21:42 - 00154336 _____ C:\Windows\system32\prfc0416.dat
2017-03-13 21:11 - 2015-06-18 21:22 - 00755416 _____ C:\Windows\system32\perfh010.dat
2017-03-13 21:11 - 2015-06-18 21:22 - 00153534 _____ C:\Windows\system32\perfc010.dat
2017-03-13 21:11 - 2015-06-18 21:06 - 00682680 _____ C:\Windows\system32\perfh005.dat
2017-03-13 21:11 - 2015-06-18 21:06 - 00148018 _____ C:\Windows\system32\perfc005.dat
2017-03-13 21:11 - 2015-06-18 20:37 - 00389648 _____ C:\Windows\system32\prfh0804.dat
2017-03-13 21:11 - 2015-06-18 20:37 - 00125258 _____ C:\Windows\system32\prfc0804.dat
2017-03-13 21:11 - 2015-06-18 19:21 - 00492672 _____ C:\Windows\system32\perfh001.dat
2017-03-13 21:11 - 2015-06-18 19:21 - 00100438 _____ C:\Windows\system32\perfc001.dat
2017-03-13 21:11 - 2015-06-18 18:18 - 00738910 _____ C:\Windows\system32\perfh019.dat
2017-03-13 21:11 - 2015-06-18 18:18 - 00157262 _____ C:\Windows\system32\perfc019.dat
2017-03-13 21:11 - 2015-06-18 17:05 - 00404860 _____ C:\Windows\system32\perfh00D.dat
2017-03-13 21:11 - 2015-06-18 17:05 - 00090424 _____ C:\Windows\system32\perfc00D.dat
2017-03-13 21:11 - 2015-06-18 16:05 - 00407020 _____ C:\Windows\system32\prfh0404.dat
2017-03-13 21:11 - 2015-06-18 16:05 - 00120756 _____ C:\Windows\system32\prfc0404.dat
2017-03-13 21:11 - 2015-06-18 15:40 - 00438126 _____ C:\Windows\system32\perfh012.dat
2017-03-13 21:11 - 2015-06-18 15:40 - 00126050 _____ C:\Windows\system32\perfc012.dat
2017-03-13 21:11 - 2015-06-18 15:15 - 00495522 _____ C:\Windows\system32\perfh00B.dat
2017-03-13 21:11 - 2015-06-18 15:15 - 00108268 _____ C:\Windows\system32\perfc00B.dat
2017-03-13 21:11 - 2015-06-18 13:06 - 00507952 _____ C:\Windows\system32\perfh014.dat
2017-03-13 21:11 - 2015-06-18 13:06 - 00101364 _____ C:\Windows\system32\perfc014.dat
2017-03-13 21:11 - 2010-11-29 20:02 - 17752990 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-13 21:11 - 2009-07-14 09:39 - 00760558 _____ C:\Windows\system32\perfh00C.dat
2017-03-13 21:11 - 2009-07-14 09:39 - 00156220 _____ C:\Windows\system32\perfc00C.dat
2017-03-13 21:11 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-03-13 21:09 - 2009-07-14 05:34 - 00022192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-13 21:09 - 2009-07-14 05:34 - 00022192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-13 18:48 - 2015-06-18 13:12 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\DMCache
2017-03-13 11:02 - 2016-04-21 17:21 - 00000000 ____D C:\Users\H3DMi\Downloads\Compressed
2017-03-13 10:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-13 09:37 - 2016-11-26 10:42 - 00000000 ____D C:\Users\H3DMi\Downloads\office
2017-03-12 22:31 - 2015-01-22 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
2017-03-12 09:29 - 2015-10-09 16:33 - 00004417 _____ C:\Users\H3DMi\.aggressor.prop
2017-03-12 09:27 - 2016-05-01 11:07 - 00000000 ____D C:\Users\H3DMi\AppData\Local\clink
2017-03-12 02:45 - 2015-04-06 11:23 - 00000000 ____D C:\Users\H3DMi\AppData\Local\Microsoft Games
2017-03-12 01:52 - 2015-11-15 18:21 - 00000923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-12 01:51 - 2015-04-02 20:25 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Lavasoft
2017-03-12 01:51 - 2015-04-02 20:25 - 00000000 ____D C:\ProgramData\Lavasoft
2017-03-12 01:09 - 2015-06-23 23:21 - 00000000 ___RD C:\Users\H3DMi\Desktop\Applications
2017-03-11 20:55 - 2016-04-18 09:34 - 00000000 ____D C:\Users\H3DMi\Downloads\Video
2017-03-11 12:09 - 2015-01-22 02:06 - 00000000 ____D C:\Program Files\WinRAR
2017-03-10 18:00 - 2015-01-22 16:37 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Notepad++
2017-03-10 17:00 - 2015-06-12 21:17 - 00000000 ____D C:\Users\H3DMi\AppData\Local\CrashDumps
2017-03-10 16:56 - 2015-01-22 01:11 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2017-03-10 16:55 - 2016-03-29 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-03-10 16:13 - 2016-11-05 13:34 - 00000000 ____D C:\Program Files\TeamViewer
2017-03-10 16:13 - 2015-05-29 17:58 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\TeamViewer
2017-03-10 15:25 - 2015-06-22 16:56 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\FileZilla
2017-03-10 15:23 - 2015-06-22 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-10 15:23 - 2015-06-22 16:56 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2017-03-10 14:40 - 2015-01-22 02:06 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-03-10 14:40 - 2015-01-22 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-03-10 14:36 - 2016-02-12 15:10 - 00000000 ____D C:\Program Files\NetBeans 8.1
2017-03-10 14:05 - 2016-03-20 12:10 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-03-10 13:09 - 2016-03-20 14:07 - 00000000 ___RD C:\Users\H3DMi\Desktop\topapp
2017-03-09 19:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help
2017-03-09 02:01 - 2015-11-15 19:42 - 00000464 __RSH C:\ProgramData\ntuser.pol
2017-03-08 18:14 - 2015-01-26 12:22 - 00000000 ____D C:\Users\H3DMi\Documents\Snagit
2017-03-08 09:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Registration
2017-03-08 09:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Resources
2017-03-06 15:14 - 2016-03-29 13:47 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\AIMP
2017-03-05 15:05 - 2015-06-18 13:01 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\IDM
2017-03-05 12:56 - 2015-04-04 20:10 - 00000496 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-03-05 00:16 - 2015-06-13 12:36 - 00000000 ____D C:\Users\H3DMi\AppData\Local\VMware
2017-03-05 00:16 - 2015-02-22 03:01 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\VMware
2017-03-03 23:24 - 2015-01-22 01:07 - 00000000 ____D C:\Users\H3DMi
2017-03-03 16:55 - 2016-07-01 12:26 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup (Disabled by AnVir)
2017-03-01 23:39 - 2015-02-20 18:43 - 00000000 ____D C:\Users\H3DMi\AppData\Roaming\Skype
2017-02-27 21:26 - 2016-03-29 17:47 - 00000000 ____D C:\Program Files\SeaMonkey
2017-02-26 00:04 - 2016-09-03 14:23 - 00000187 _____ C:\Users\H3DMi\Documents\presistance.sh
2017-02-19 19:56 - 2015-04-17 00:45 - 00000000 ____D C:\Users\H3DMi\.android
2017-02-19 11:11 - 2016-08-24 16:22 - 00000000 ____D C:\Users\H3DMi\AppData\Local\Android
2017-02-18 13:03 - 2015-12-24 14:45 - 00000000 ____D C:\Users\H3DMi\Downloads\Shareit
2017-02-18 12:22 - 2017-02-02 23:15 - 00001836 _____ C:\Users\H3DMi\Documents\pw.txt
2017-02-14 17:13 - 2015-01-22 20:38 - 00000000 ____D C:\Users\H3DMi\Documents\Camtasia Studio
2017-02-11 18:05 - 2016-11-28 14:14 - 00000000 ____D C:\Program Files\Microsoft Office
2017-02-11 17:59 - 2016-08-16 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-02-11 12:24 - 2015-03-20 13:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-11 11:56 - 2016-11-28 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-02-11 11:56 - 2016-11-26 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-02-11 11:47 - 2016-11-26 16:09 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2017-02-11 11:47 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-11 11:46 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2017-02-11 11:41 - 2015-11-08 20:13 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

==================== Fichiers à la racine de certains dossiers =======

2016-10-21 23:34 - 2016-10-21 23:34 - 0000132 _____ () C:\Users\H3DMi\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-06-12 13:48 - 2016-06-12 13:48 - 0001453 _____ () C:\Users\H3DMi\AppData\Roaming\Network Meter_Settings.ini
2016-06-12 21:25 - 2016-06-15 03:44 - 0000025 _____ () C:\Users\H3DMi\AppData\Roaming\Network Meter_Usage.ini
2016-06-17 20:59 - 2016-06-19 19:27 - 0000143 _____ () C:\Users\H3DMi\AppData\Roaming\Webpage.url
2016-02-27 18:25 - 2016-02-27 18:25 - 0041472 _____ () C:\Users\H3DMi\AppData\Local\dontouch.dat
2016-02-27 18:25 - 2016-02-27 18:25 - 0000187 _____ () C:\Users\H3DMi\AppData\Local\dontouch.exe.config
2015-11-03 21:47 - 2016-02-12 21:43 - 1093128 _____ () C:\Users\H3DMi\AppData\Local\FontCache3.0.0.0.dat
2015-11-23 13:38 - 2015-11-23 13:38 - 0000187 _____ () C:\Users\H3DMi\AppData\Local\Freshtom.exe.config
2016-12-01 12:14 - 2016-12-01 12:15 - 0028765 _____ () C:\Users\H3DMi\AppData\Local\HWVendorDetection.log
2017-02-11 17:37 - 2017-02-11 17:37 - 0000600 _____ () C:\Users\H3DMi\AppData\Local\PUTTY.RND
2016-03-09 16:53 - 2016-03-09 16:53 - 0007606 _____ () C:\Users\H3DMi\AppData\Local\Resmon.ResmonCfg

Fichiers à déplacer ou supprimer:
====================
C:\Users\H3DMi\IP_Log_Data.js
C:\Users\H3DMi\Network_Meter_Data.js


Certains fichiers dans TEMP:
====================
2017-03-12 19:01 - 2011-11-17 06:41 - 1288984 _____ (Microsoft Corporation) C:\Users\H3DMi\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2015-10-14 12:58

==================== Fin de FRST.txt ============================
