cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2017
Exécuté par A.BELAKHDAR (administrateur) sur NOUR (04-07-2017 23:08:32)
Exécuté depuis C:\Users\A.BELAKHDAR\Desktop
Profils chargés: A.BELAKHDAR & fbwuser & openpgsvc & DefaultAppPool (Profils disponibles: A.BELAKHDAR & fbwuser & openpgsvc & DefaultAppPool)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)


==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Antirun] => C:\Program Files\Antirun\antirun.exe [2521600 2014-02-06] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-06-30] (AVAST Software)
HKLM\...\Run: [Bonus.SSR.FR12] => C:\Program Files\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1527960 2016-01-20] (ABBYY Production LLC.)
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2650576 2017-05-05] (Malwarebytes Corporation)
HKLM\...\Run: [ABNotify] => C:\Program Files\AOMEI Backupper\ABNotify.exe [77432 2016-07-11] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Run: [Dashlane] => C:\Users\A.BELAKHDAR\AppData\Roaming\Dashlane\Dashlane.exe [486352 2017-02-27] (Dashlane, Inc.)
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Run: [DashlanePlugin] => C:\Users\A.BELAKHDAR\AppData\Roaming\Dashlane\DashlanePlugin.exe [544208 2017-02-27] ()
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4019312 2017-06-28] (Tonec Inc.)
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6843808 2017-06-12] (SUPERAntiSpyware)
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-486766110-531225435-1456869208-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-486766110-531225435-1456869208-1001\...\Run: [MediaDICO36] => C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe [252416 2004-05-27] (L'Aventure Multimedia)
HKU\S-1-5-21-486766110-531225435-1456869208-1001\...\Run: [MediaDICO38] => C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe [252416 2006-05-08] (L'Aventure Multimedia)
HKU\S-1-5-21-486766110-531225435-1456869208-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-486766110-531225435-1456869208-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-486766110-531225435-1456869208-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-486766110-531225435-1456869208-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-05-17] (Microsoft Corporation)
ShellExecuteHooks: Pas de nom - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - -> Pas de fichier
Startup: C:\Users\A.BELAKHDAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alga.exe [2016-11-09] (Microsoft)
Startup: C:\Users\A.BELAKHDAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-01-28]
ShortcutTarget: MEGAsync.lnk -> C:\Users\A.BELAKHDAR\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\A.BELAKHDAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alga.exe [2016-11-09] (Microsoft)
Startup: C:\Users\A.BELAKHDAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-01-28]
ShortcutTarget: MEGAsync.lnk -> C:\Users\A.BELAKHDAR\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{194D6942-57DE-49CB-9F1C-136708C5815D}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{5A39ED76-1A10-4433-9A51-682CCF760F9C}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{73AA0F16-0EBF-4C63-8749-A53B2CD2D90C}: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{8B7D6FFC-C57C-4F85-AD48-8CF41FFF1AD8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8B7D6FFC-C57C-4F85-AD48-8CF41FFF1AD8}: [DhcpNameServer] 10.71.0.1
Tcpip\..\Interfaces\{9D44839A-809B-45E8-9EF1-687C6B922E27}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{A16E23C0-89CE-46E5-B3C6-31250CE0FD8F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DCD15794-FB75-4C14-AD71-F4BE24436880}: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{DCD15794-FB75-4C14-AD71-F4BE24436880}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E41D62B3-22D0-4434-85C4-572E2653F71F}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKU\S-1-5-21-486766110-531225435-1456869208-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ergative.com/
HKU\S-1-5-21-486766110-531225435-1456869208-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.dz/search?hl=fr-DZ&source=hp&q=probleme+de+souris+pc&gbv=2&oq=probleme+de+sou&gs_l=heirloom-hp.1.2.0l10.235016.241037.0.248229.15.14.0.1.1.0.390.1811.2-4j2.6.0....0...1ac.1.34.heirloom-hp..8.7.1827.GdpcwXNZ8hM
hxxp://forum.zebulon.fr/comment-resoudre-mon-probleme-de-souris-t102255.html
hxxp://h10025.www1.hp.com/ewfrf/wc/document?cc=fr&lc=fr&dlc=fr&docname=c00575007
hxxp://support.microsoft.com/kb/838398/fr
hxxp://www.commentcamarche.net/forum/affich-4521229-probleme-de-souris-pour-un-pc-portable
HKU\S-1-5-21-486766110-531225435-1456869208-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.dz/search?hl=fr-DZ&source=hp&q=probleme+de+souris+pc&gbv=2&oq=probleme+de+sou&gs_l=heirloom-hp.1.2.0l10.235016.241037.0.248229.15.14.0.1.1.0.390.1811.2-4j2.6.0....0...1ac.1.34.heirloom-hp..8.7.1827.GdpcwXNZ8hM
hxxp://forum.zebulon.fr/comment-resoudre-mon-probleme-de-souris-t102255.html
hxxp://h10025.www1.hp.com/ewfrf/wc/document?cc=fr&lc=fr&dlc=fr&docname=c00575007
hxxp://support.microsoft.com/kb/838398/fr
hxxp://www.commentcamarche.net/forum/affich-4521229-probleme-de-souris-pour-un-pc-portable
URLSearchHook: [S-1-5-21-486766110-531225435-1456869208-1001_classes] ATTENTION => URLSearchHook par défaut est absent
URLSearchHook: [S-1-5-21-486766110-531225435-1456869208-1005_classes] ATTENTION => URLSearchHook par défaut est absent
URLSearchHook: [S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415_classes] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-486766110-531225435-1456869208-1000 -> DefaultScope {383D59D4-2767-4CC5-AED7-14792735EA38} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-486766110-531225435-1456869208-1000 -> {383D59D4-2767-4CC5-AED7-14792735EA38} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-486766110-531225435-1456869208-1001 -> {383D59D4-2767-4CC5-AED7-14792735EA38} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-06-23] (Internet Download Manager, Tonec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-06-30] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Gaaiho PDF Conversion Toolbar Helper -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
Toolbar: HKLM - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab

FireFox:
========
FF DefaultProfile: aichabelakhdar2@gmail.com
FF ProfilePath: C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343 [2017-07-04]
FF user.js: detected! => C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\user.js [2017-01-20]
FF Homepage: Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343 -> hxxps://www.google.dz/
FF Session Restore: Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343 -> est activé.
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2016-10-18]
FF Extension: (Ghostery) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\firefox@ghostery.com.xpi [2017-06-09]
FF Extension: (MEGA) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\firefox@mega.co.nz.xpi [2017-07-04]
FF Extension: (Dashlane) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\jetpack-extension@dashlane.com.xpi [2017-06-01]
FF Extension: (OmniSidebar) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\osb@quicksaver.xpi [2017-01-28]
FF Extension: (Avast SafePrice) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Avast Online Security) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (Flashblock) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2017-01-28]
FF Extension: (NoScript) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-07-04]
FF Extension: (YouTube High Definition) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2017-06-30]
FF Extension: (Adblock Plus) - C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\Firefox\Profiles\fd94oss2.default-1467670681343\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-09]
FF HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (Pas de nom) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2017-06-28]
FF HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\A.BELAKHDAR\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\A.BELAKHDAR\AppData\Roaming\IDM\idmmzcc5 [2017-04-10] [non signé]
FF HKU\S-1-5-21-486766110-531225435-1456869208-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF Plugin: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-07-01] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Pro 8\npnitromozilla.dll [2013-03-25] (Nitro PDF)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin: ZEON/PDF,version=2.0 -> C:\Program Files\Nuance\PDF Professional 8\bin\nppdf.dll [2013-05-24] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-486766110-531225435-1456869208-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-486766110-531225435-1456869208-1000: @talk.google.com/O1DPlugin -> C:\Users\A.BELAKHDAR\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-486766110-531225435-1456869208-1000: @tools.google.com/Google Update;version=3 -> C:\Users\A.BELAKHDAR\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-486766110-531225435-1456869208-1000: @tools.google.com/Google Update;version=9 -> C:\Users\A.BELAKHDAR\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-486766110-531225435-1456869208-1000: intel.com/AppUp -> C:\Program Files\Intel\IntelAppStore\bin\npAppUp.dll [2013-05-31] (Intel)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll [2008-10-28] (C3D)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll [2008-10-28] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctframeplayerobject.dll [2008-10-28] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll [2008-10-28] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\imagickrt.dll [2008-10-28] (BEXTech)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npRLCT4Player.dll [2008-10-28] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\rlcontentclass.dll [2008-10-28] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll [2008-10-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll [2008-10-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLVoicePacker.dll [2008-10-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLVoiceUnpacker.dll [2008-10-28] ()
FF Plugin ProgramFiles/Appdata: C:\Users\A.BELAKHDAR\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\A.BELAKHDAR\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://internet-start.net/"
CHR Profile: C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default [2017-07-04]
CHR Extension: (Google Slides) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-01]
CHR Extension: (Google Docs) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-01]
CHR Extension: (Google Drive) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-01]
CHR Extension: (YouTube) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-01]
CHR Extension: (Adblock Plus) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-02]
CHR Extension: (Сookies Control) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkpefbllpconnkfpdgagkifmflckkdp [2017-07-04]
CHR Extension: (YouTube High Definition) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dokdlgjaaaijndfajoknjbelmadhomca [2017-07-04]
CHR Extension: (Dashlane - Gestionnaire de mots de passe sécurisé) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-07-01]
CHR Extension: (Google Sheets) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-01]
CHR Extension: (Avast Online Security) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-07-01]
CHR Extension: (IDM Integration Module) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-01]
CHR Extension: (Gmail) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-01]
CHR Extension: (Chrome Media Router) - C:\Users\A.BELAKHDAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-02]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-06-28]

Opera:
=======
OPR Extension: (IDM Integration Module) - C:\Users\A.BELAKHDAR\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-06-30]
OPR Extension: (Adblock Plus) - C:\Users\A.BELAKHDAR\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-06-10]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-01-31] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Corporate.12.0; C:\Program Files\Common Files\ABBYY\FineReader\12.00\Licensing\CE\NetworkLicenseServer.exe [964848 2015-11-30] (ABBYY Production LLC)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5815840 2017-06-30] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-06-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [311592 2017-06-30] (AVAST Software)
R2 Backupper Service; C:\Program Files\AOMEI Backupper\ABService.exe [52856 2016-07-11] (AOMEI Tech Co., Ltd.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280680 2015-06-04] (Intel Corporation)
S3 DellDigitalDelivery; C:\Program Files\Dell Digital Delivery\DeliveryService.exe [237448 2015-03-16] (Dell Products, LP.)
R2 DellUpdate; C:\Program Files\Dell Update\DellUpService.exe [210808 2015-02-10] (Dell Inc.)
R2 ExpressVpnService; C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe [294912 2017-04-25] () [Fichier non signé]
R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [2610808 2017-06-15] (AnchorFree Inc.)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-04-11] () [Fichier non signé]
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [155080 2017-05-05] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242256 2014-08-20] ()
S3 NitroDriverReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-03-25] (Nitro PDF Software)
S2 odoo-server-8.0; C:\Program Files\Odoo 8.0-20160130\service\win32_service.exe [23552 2016-01-29] () [Fichier non signé]
R2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135496 2013-06-11] (Nuance Communications, Inc.)
S2 PostgreSQL_For_Odoo; C:\Program Files\Odoo 8.0-20160130\PostgreSQL\bin\pg_ctl.exe [76800 2014-07-22] (PostgreSQL Global Development Group) [Fichier non signé]
R2 SCPDFReadSpool; C:\Windows\Installer\MSID230.tmp [177784 2015-10-08] (Solid Documents, LLC) [Fichier non signé]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [303186 2012-08-09] (IDT, Inc.) [Fichier non signé]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2010-03-14] (Microsoft Corporation) [Fichier non signé]
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-01-20] (SHAREit Technologies Co.Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AFTrafMgr1.2; C:\Program Files\Hotspot Shield\bin\TrafMgr_1_2_32.sys [49080 2017-05-08] (AnchorFree Inc.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [26968 2016-07-04] ()
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [42720 2015-04-23] (Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [130264 2016-07-04] ()
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [14936 2016-07-04] ()
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [266976 2017-06-30] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157384 2017-06-30] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276704 2017-06-30] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50352 2017-06-30] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42824 2017-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39752 2017-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [123896 2017-06-30] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2017-06-30] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [408048 2017-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [99536 2017-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70840 2017-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774288 2017-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [496976 2017-06-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [147688 2017-06-30] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38984 2014-07-15] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296312 2017-06-30] (AVAST Software)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2016-01-26] (Broadcom Corporation.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-01-20] (IVT Corporation.)
S3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [510168 2016-01-26] (Broadcom Corporation.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [59904 2017-05-05] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-01-20] (REALiX(tm))
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [503048 2015-05-29] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27376 2015-05-29] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [42496 2009-09-09] (Intel Corporation)
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd32.sys [10843136 2011-08-09] (Intel Corporation) [Fichier non signé]
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16440 2012-12-04] (Intel Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [126336 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2017-07-04] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [157752 2016-03-29] (Intel Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1731416 2016-05-12] (MediaTek Inc.)
R2 NEWDRIVER; C:\Windows\system32\WinVDEdrv6.sys [188176 2014-02-22] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [801896 2012-11-01] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [304344 2017-01-20] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [Fichier non signé]
R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [Fichier non signé]
S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [Fichier non signé]
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [38200 2013-01-23] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2013-04-30] () [Fichier non signé]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [450560 2012-08-09] (IDT, Inc.) [Fichier non signé]
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [32112 2017-04-25] (The OpenVPN Project)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-24] (AnchorFree Inc)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36944 2017-02-22] (Anchorfree Inc.)
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [29184 2014-02-22] ()

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-07-04 23:07 - 2017-07-04 23:08 - 00089023 _____ C:\Users\A.BELAKHDAR\Desktop\Addition.txt
2017-07-04 23:04 - 2017-07-04 23:08 - 00032038 _____ C:\Users\A.BELAKHDAR\Desktop\FRST.txt
2017-07-04 23:04 - 2017-07-04 23:08 - 00000000 ____D C:\FRST
2017-07-04 23:04 - 2017-07-04 23:04 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-04 22:50 - 2017-07-04 22:50 - 00000377 _____ C:\Users\A.BELAKHDAR\Downloads\Key SUPERAntiSpyware.rar
2017-07-04 22:50 - 2017-07-04 22:50 - 00000000 ____D C:\Users\A.BELAKHDAR\Downloads\Key SUPERAntiSpyware
2017-07-04 22:16 - 2017-07-04 22:16 - 00000000 ____D C:\SUPERDelete
2017-07-04 22:08 - 2017-07-04 22:24 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c43242d9-9062-4b37-acf7-3713e179c70b.job
2017-07-04 22:08 - 2017-07-04 22:24 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 89db4665-e5a3-431a-b7e6-b60112c277ce.job
2017-07-04 22:08 - 2017-07-04 22:08 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\SUPERAntiSpyware.com
2017-07-04 22:07 - 2017-07-04 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-07-04 22:07 - 2017-07-04 22:08 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-07-04 22:07 - 2017-07-04 22:07 - 00001941 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2017-07-04 22:07 - 2017-07-04 22:07 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-07-04 21:53 - 2017-07-04 21:53 - 00000000 ____D C:\ProgramData\Micro Application
2017-07-04 21:53 - 2017-07-04 21:53 - 00000000 ____D C:\ProgramData\Acronis
2017-07-04 20:45 - 2017-07-04 20:45 - 01782272 _____ (Farbar) C:\Users\A.BELAKHDAR\Desktop\FRST.exe
2017-07-04 18:57 - 2017-07-04 18:57 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\DRPSu
2017-07-04 18:06 - 2017-07-04 18:55 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2017-07-04 18:06 - 2017-07-04 18:06 - 00000000 ____D C:\ProgramData\GridinSoft
2017-07-04 16:34 - 2017-07-04 22:23 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2017-07-04 16:34 - 2017-07-04 22:22 - 00106026 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-07-04 16:34 - 2017-07-04 18:54 - 00083782 _____ C:\Windows\ZAM.krnl.trace
2017-07-04 16:33 - 2017-07-04 16:33 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\Zemana
2017-07-04 07:38 - 2017-07-04 07:38 - 00013285 _____ C:\Users\A.BELAKHDAR\Desktop\SpeedTestResults-20170704.txt
2017-07-03 23:33 - 2017-07-03 23:33 - 00000023 _____ C:\Users\A.BELAKHDAR\Downloads\activationcodeMrTornado.txt
2017-07-03 23:33 - 2017-07-03 23:33 - 00000000 ____D C:\Users\A.BELAKHDAR\Downloads\ExpressVPN 6.2.1 + Serial
2017-07-03 23:32 - 2017-07-03 23:32 - 18280788 _____ C:\Users\A.BELAKHDAR\Downloads\ExpressVPN 6.2.1 + Serial.rar
2017-07-03 23:31 - 2017-07-03 23:31 - 00000211 _____ C:\Users\A.BELAKHDAR\Downloads\serial number (2).rar
2017-07-03 23:25 - 2017-07-03 23:25 - 00000000 ____D C:\Users\A.BELAKHDAR\Downloads\serial number
2017-07-03 23:24 - 2017-07-03 23:24 - 00000211 _____ C:\Users\A.BELAKHDAR\Downloads\serial number (1).rar
2017-07-03 22:43 - 2017-07-03 22:44 - 00000211 _____ C:\Users\A.BELAKHDAR\Downloads\serial number.rar
2017-07-03 19:16 - 2017-07-03 19:16 - 00000000 ____D C:\ProgramData\MapControl
2017-07-03 19:13 - 2017-07-03 19:27 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\IPVanish VPN
2017-07-03 19:09 - 2017-07-03 19:09 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\IPVanish
2017-07-03 19:00 - 2017-07-04 18:55 - 00000000 ____D C:\Program Files\IPVanish
2017-07-03 18:37 - 2017-07-03 18:45 - 14934511 _____ C:\Users\A.BELAKHDAR\Downloads\ExpressVPN Best Android VPN_v6.4.0_apkpure.com (1).apk
2017-07-03 18:32 - 2017-07-03 18:38 - 14934511 _____ C:\Users\A.BELAKHDAR\Downloads\ExpressVPN Best Android VPN_v6.4.0_apkpure.com.apk
2017-07-03 18:25 - 2017-07-03 18:25 - 00001185 _____ C:\Users\A.BELAKHDAR\Downloads\Express_VPN_2017_Final___Crack.xht
2017-07-03 17:27 - 2017-07-03 17:27 - 00001177 _____ C:\Users\A.BELAKHDAR\Downloads\Express_vpn_activation_code___Express_vpn_serial_key_2017_to_2018.xht
2017-07-03 08:22 - 2017-07-03 08:22 - 00000050 _____ C:\Users\A.BELAKHDAR\Downloads\Aktivasi.txt
2017-07-03 07:42 - 2017-07-03 07:43 - 00001921 _____ C:\Users\Public\Desktop\ExpressVPN.lnk
2017-07-03 07:42 - 2017-07-03 07:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN
2017-07-03 07:42 - 2017-07-03 07:42 - 00000000 ____D C:\ProgramData\ExpressVPN
2017-07-03 07:42 - 2017-07-03 07:42 - 00000000 ____D C:\Program Files\ExpressVpn Tap Driver
2017-07-03 07:42 - 2017-07-03 07:42 - 00000000 ____D C:\Program Files\ExpressVPN
2017-07-02 23:13 - 2017-07-02 23:13 - 00425112 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-02 20:57 - 2017-07-02 20:57 - 00000978 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2017-07-02 20:57 - 2017-07-02 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2017-07-02 20:46 - 2017-07-02 20:58 - 00000000 ____D C:\ProgramData\Hotspot Shield
2017-07-02 20:46 - 2017-07-02 20:57 - 00000000 ____D C:\Program Files\Hotspot Shield
2017-07-02 20:46 - 2017-07-02 20:46 - 00119032 _____ C:\Users\A.BELAKHDAR\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-02 04:06 - 2017-07-02 04:06 - 00001833 _____ C:\Users\A.BELAKHDAR\Desktop\License Avast Vpn 8.avastvpn
2017-07-02 03:05 - 2017-07-02 03:05 - 00000568 _____ C:\Windows\system32\SoftwareCache.ini
2017-07-01 22:14 - 2017-07-01 23:59 - 00002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-01 22:14 - 2017-07-01 23:59 - 00002093 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-01 18:59 - 2017-07-02 20:59 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-07-01 18:59 - 2017-07-02 20:59 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-07-01 14:56 - 2017-07-01 14:56 - 00000000 ____D C:\ProgramData\Apple Computer
2017-07-01 11:10 - 2017-07-02 23:34 - 00000000 ____D C:\Users\A.BELAKHDAR\Desktop\tv
2017-07-01 10:35 - 2017-07-01 10:35 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\livestreamer
2017-07-01 10:33 - 2017-07-01 11:04 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\tor
2017-07-01 10:31 - 2017-07-01 21:38 - 00000000 ____D C:\Users\A.BELAKHDAR\Downloads\Compressed\Documents\ZedTV
2017-07-01 10:31 - 2017-07-01 21:38 - 00000000 ____D C:\Program Files\ZedTV
2017-06-30 21:59 - 2017-06-30 21:58 - 00303280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-06-30 21:58 - 2017-06-30 21:58 - 00036104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2017-06-30 18:49 - 2017-06-30 19:59 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\ExpressVPN
2017-06-30 18:44 - 2017-06-30 18:44 - 00000125 _____ C:\Users\A.BELAKHDAR\Desktop\serial number.txt
2017-06-30 18:19 - 2017-07-04 22:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-29 19:54 - 2017-06-29 19:54 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\Smart PC Soft
2017-06-28 16:23 - 2017-06-08 17:15 - 00148104 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-06-27 09:50 - 2017-06-27 09:51 - 06122632 _____ C:\Users\A.BELAKHDAR\Desktop\acmarket.apk
2017-06-25 22:20 - 2017-06-25 22:20 - 00000913 _____ C:\Users\Public\Desktop\HiSuite.lnk
2017-06-25 22:20 - 2017-06-25 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2017-06-25 22:20 - 2017-04-11 03:17 - 00249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2017-06-25 22:20 - 2017-04-11 03:17 - 00199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2017-06-25 22:20 - 2017-04-11 03:17 - 00113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2017-06-25 22:20 - 2017-04-11 03:17 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2017-06-25 22:20 - 2017-04-11 03:17 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-06-25 22:20 - 2017-04-11 03:17 - 00015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2017-06-25 22:19 - 2017-06-25 22:20 - 00000000 ____D C:\Program Files\HiSuite

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-07-04 22:48 - 2015-07-03 12:03 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\IDM
2017-07-04 22:39 - 2009-07-14 05:34 - 00025632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-04 22:39 - 2009-07-14 05:34 - 00025632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-04 22:33 - 2015-12-25 17:35 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\CrashDumps
2017-07-04 22:31 - 2014-04-25 16:23 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-04 22:24 - 2017-01-20 07:38 - 00000000 ____D C:\Program Files\AOMEI Backupper
2017-07-04 22:24 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-04 22:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-07-04 22:22 - 2013-05-02 04:24 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\DMCache
2017-07-04 21:56 - 2015-01-23 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application
2017-07-04 21:56 - 2015-01-23 21:08 - 00000000 ____D C:\Program Files\Micro Application
2017-07-04 21:49 - 2017-01-20 09:23 - 00000000 ____D C:\Program Files\IObit
2017-07-04 21:16 - 2017-06-01 23:49 - 00000000 ____D C:\AdwCleaner
2017-07-04 20:39 - 2016-11-17 10:39 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\LocalLow\Mozilla
2017-07-04 18:57 - 2016-02-12 21:44 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\DriverPack Easy Search
2017-07-04 18:55 - 2017-01-20 09:23 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\IObit
2017-07-04 18:54 - 2013-05-02 19:08 - 00000000 ____D C:\ProgramData\Zbshareware Lab
2017-07-04 18:45 - 2016-11-17 13:37 - 00000000 ____D C:\Program Files\CCleaner
2017-07-04 17:48 - 2015-11-12 05:16 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-07-04 17:35 - 2017-01-20 09:24 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\LocalLow\IObit
2017-07-04 16:44 - 2016-01-03 22:49 - 00000000 ____D C:\Users\A.BELAKHDAR\Desktop\Contact - ComRed_fichiers
2017-07-04 16:24 - 2016-02-15 10:10 - 00000592 __RSH C:\ProgramData\ntuser.pol
2017-07-04 16:24 - 2016-02-15 10:10 - 00000290 __RSH C:\Users\A.BELAKHDAR\ntuser.pol
2017-07-04 16:24 - 2013-04-30 18:55 - 00000000 ____D C:\Users\A.BELAKHDAR
2017-07-04 00:35 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2017-07-03 23:30 - 2013-04-30 20:47 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\vlc
2017-07-03 07:42 - 2016-01-22 09:13 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-03 07:03 - 2013-04-30 19:01 - 00983500 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-03 07:03 - 2009-07-14 09:36 - 00812112 _____ C:\Windows\system32\perfh00C.dat
2017-07-03 07:03 - 2009-07-14 09:36 - 00174064 _____ C:\Windows\system32\perfc00C.dat
2017-07-02 20:59 - 2013-04-30 19:54 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\Adobe
2017-07-02 20:59 - 2013-04-30 18:52 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-02 01:29 - 2017-01-20 07:42 - 00000000 ____D C:\Program Files\Opera
2017-07-01 22:14 - 2013-05-03 03:31 - 00000000 ____D C:\Program Files\Google
2017-07-01 14:59 - 2013-10-12 20:20 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\Apple Computer
2017-07-01 14:58 - 2013-10-12 20:20 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Roaming\Apple Computer
2017-06-30 22:18 - 2016-02-13 07:44 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-06-30 22:18 - 2015-07-03 12:03 - 00000000 ____D C:\Program Files\Internet Download Manager
2017-06-30 22:00 - 2016-08-21 08:43 - 00000000 _____ C:\Windows\system32\last.dump
2017-06-30 22:00 - 2016-06-07 23:46 - 00296312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-06-30 21:59 - 2016-06-07 23:46 - 00496976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-06-30 21:59 - 2016-06-07 23:46 - 00147688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-06-30 21:59 - 2016-06-07 23:46 - 00123896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-06-30 21:59 - 2016-06-07 23:46 - 00099536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-06-30 21:59 - 2016-06-07 23:46 - 00070840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-06-30 21:59 - 2016-06-07 23:46 - 00042824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-06-30 21:58 - 2017-03-18 19:21 - 00276704 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-06-30 21:58 - 2017-03-18 19:21 - 00266976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-06-30 21:58 - 2017-03-18 19:21 - 00157384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-06-30 21:58 - 2017-03-18 19:21 - 00050352 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-06-30 21:58 - 2016-06-08 00:10 - 00039752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-06-30 21:58 - 2016-06-07 23:46 - 00774288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-06-30 21:58 - 2016-06-07 23:46 - 00408048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-06-30 20:08 - 2013-05-03 05:03 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-06-30 19:47 - 2017-01-20 09:23 - 00000000 ____D C:\ProgramData\IObit
2017-06-30 18:16 - 2017-01-20 09:25 - 00000000 ____D C:\ProgramData\ProductData
2017-06-29 12:54 - 2014-05-12 07:28 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\ElevatedDiagnostics
2017-06-29 12:15 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-06-25 22:23 - 2017-05-18 18:32 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\Hisuite
2017-06-23 18:19 - 2017-01-28 09:20 - 00000000 ____D C:\Users\A.BELAKHDAR\AppData\Local\MEGAsync

==================== Fichiers à la racine de certains dossiers =======

2016-02-15 18:16 - 2007-03-30 14:43 - 0000036 _____ () C:\Program Files\Bin.cab
2016-02-14 13:03 - 2006-03-02 02:09 - 0638922 _____ () C:\Program Files\CmnSupt.cab
2016-02-14 13:03 - 2004-03-25 01:10 - 0286720 _____ (Creative Technology Ltd.) C:\Program Files\CTCabEx.DLL
2016-02-14 13:03 - 2004-10-01 01:08 - 0061440 _____ (Creative Technology Ltd.) C:\Program Files\CTUIXtra.dll
2016-02-06 17:57 - 2007-04-27 11:38 - 1105714 _____ () C:\Program Files\data1.cab
2016-02-06 17:57 - 2007-04-27 11:38 - 0017559 _____ () C:\Program Files\data1.hdr
2016-02-06 17:57 - 2007-04-27 11:38 - 0169798 _____ () C:\Program Files\data2.cab
2016-02-06 17:57 - 2011-06-27 13:43 - 0000295 _____ () C:\Program Files\Desc.xml
2016-02-14 13:03 - 2007-07-30 09:22 - 0000060 _____ () C:\Program Files\DISK.ID
2016-02-15 18:16 - 2007-04-27 11:42 - 0000036 _____ () C:\Program Files\Eng.cab
2016-02-14 13:03 - 2003-12-02 09:31 - 0459544 _____ () C:\Program Files\engine32.cab
2015-11-23 20:26 - 2010-03-24 16:46 - 5464064 _____ () C:\Program Files\iCom.mdb
2016-02-06 17:57 - 2007-04-27 11:38 - 0000555 _____ () C:\Program Files\layout.bin
2015-11-23 20:26 - 2010-03-24 17:12 - 6918144 _____ () C:\Program Files\Pharma.mdb
2016-02-06 17:57 - 2011-05-27 11:05 - 0921656 _____ () C:\Program Files\setup.bmp
2016-02-14 13:03 - 2003-11-10 19:55 - 0116880 _____ (InstallShield Software Corporation) C:\Program Files\setup.exe
2016-02-14 13:03 - 2007-04-27 11:38 - 0435969 _____ () C:\Program Files\setup.ibt
2016-02-14 13:03 - 2007-04-27 11:38 - 0000625 _____ () C:\Program Files\setup.ini
2016-02-06 17:57 - 2007-07-20 15:42 - 0216631 _____ () C:\Program Files\setup.inx
2016-02-14 13:03 - 2005-11-29 11:58 - 0000310 _____ () C:\Program Files\Setup.iss
2016-02-14 13:03 - 2002-10-23 17:32 - 0243858 _____ () C:\Program Files\setup.skin
2016-02-14 13:03 - 2007-03-29 19:47 - 0004196 _____ () C:\Program Files\Support.cab
2016-02-14 13:03 - 2007-08-22 01:38 - 0000789 _____ () C:\Program Files\Version.txt
2013-04-30 18:57 - 2010-04-12 14:11 - 0003639 _____ () C:\Users\A.BELAKHDAR\AppData\Roaming\GTShell.ini
2017-01-20 20:26 - 2017-01-20 20:26 - 0000078 _____ () C:\Users\A.BELAKHDAR\AppData\Roaming\JO.dat
2014-03-26 12:39 - 2013-04-10 07:56 - 0421200 _____ (Microsoft Corporation) C:\Users\A.BELAKHDAR\AppData\Roaming\msvcp100.dll
2014-03-26 12:39 - 2013-04-10 07:56 - 0770384 _____ (Microsoft Corporation) C:\Users\A.BELAKHDAR\AppData\Roaming\msvcr100.dll
2014-03-26 12:39 - 2014-03-19 06:04 - 1791600 _____ (Mozilla Foundation) C:\Users\A.BELAKHDAR\AppData\Roaming\nss3.dll
2013-05-02 18:45 - 2013-05-02 18:46 - 0000010 _____ () C:\Users\A.BELAKHDAR\AppData\Roaming\pdfdrawcodec.dll
2014-05-14 14:15 - 2014-05-14 14:15 - 0008194 _____ () C:\Users\A.BELAKHDAR\AppData\Local\ace12
2013-05-04 07:13 - 2013-05-21 08:13 - 0016384 _____ () C:\Users\A.BELAKHDAR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-14 21:06 - 2014-08-14 21:06 - 0000099 _____ () C:\Users\A.BELAKHDAR\AppData\Local\fusioncache.dat
2014-03-23 05:36 - 2014-03-23 05:36 - 0000036 _____ () C:\Users\A.BELAKHDAR\AppData\Local\housecall.guid.cache
2013-11-09 16:51 - 2014-08-17 11:10 - 0007605 _____ () C:\Users\A.BELAKHDAR\AppData\Local\Resmon.ResmonCfg
2014-02-22 04:12 - 2014-02-28 17:46 - 0000700 ___SH () C:\Users\A.BELAKHDAR\AppData\Local\systemFL7.dat
2014-02-28 17:44 - 2014-02-28 17:45 - 0000520 ___SH () C:\Users\A.BELAKHDAR\AppData\Local\win_fldb_sys.dat
2014-02-22 04:09 - 2014-02-28 17:46 - 0003465 ___SH () C:\Users\A.BELAKHDAR\AppData\Local\win_stlthdb_sys.dat
2016-02-20 14:55 - 2016-02-20 14:55 - 0000106 _____ () C:\ProgramData\CameraRecorder.ini

Fichiers à déplacer ou supprimer:
====================
C:\Windows\Tasks\{88BCCB35-4196-4C8E-BCBC-E86BBB63E9A0}.job
C:\Windows\Tasks\{97C5EFDC-CE32-4376-84C3-FA591C6E885A}.job
C:\Windows\Tasks\{A459C6E7-766B-4D49-8F0E-175FC7C10121}.job
C:\Windows\Tasks\{E97FD650-7D85-4203-AF03-472E94262208}.job
C:\Windows\Tasks\{FBFA4762-A5FD-4AF6-974A-837BE77110A0}.job


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-06-24 13:28

==================== Fin de FRST.txt ============================
