cjoint

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Exécuté par yao-media (administrateur) sur YAO (12-12-2015 09:35:34)
Exécuté depuis C:\Users\yao-media\Desktop\ADMIN_2015\TELECHARGEMENTS
Profils chargés: yao-media (Profils disponibles: yao-media)
Platform: Windows 10 Home (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe
(Flexera Software, Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(LaCie) C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Compal Inc.) C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\Temp\6EDB6E93-FB6E-4416-8AA7-D5C3659DE44F\DismHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [35216 2014-11-10] (Alienware)
HKLM\...\Run: [StageLightUpdate] => C:\Program Files\Stagelight\StagelightUpdate.exe [1391104 2014-12-01] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2857200 2014-11-06] (Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [3746560 2014-09-26] (Compal Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [1129984 2014-03-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\Run: [LaCie Desktop Manager 2 Startup] => C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe [872728 2015-04-22] (LaCie)
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\Run: [uTorrent] => C:\Users\yao-media\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013200 2015-12-10] (Valve Corporation)
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\RunOnce: [Uninstall C:\Users\yao-media\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\yao-media\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\RunOnce: [Uninstall C:\Users\yao-media\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\yao-media\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\RunOnce: [Uninstall C:\Users\yao-media\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\yao-media\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [149504 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ID de superposition d'icônes des signatures numériques AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serveur réseau.lnk [2015-08-24]
ShortcutTarget: Serveur réseau.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6817d9b4-99de-4127-a49f-a3f92b917334}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-fr
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-fr
HKU\S-1-5-21-2982858499-2808115190-1059147886-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2982858499-2808115190-1059147886-1001 -> {2CF5B3FC-F2D5-4ED2-B28E-126560904A5F} URL =
SearchScopes: HKU\S-1-5-21-2982858499-2808115190-1059147886-1001 -> {EF644C61-E0B2-43D3-A57A-9888A23E9207} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Pas de nom - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Pas de fichier
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2982858499-2808115190-1059147886-1001 -> Pas de nom - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Pas de fichier
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2982858499-2808115190-1059147886-1001 -> hxxp://do-search.com/?type=hp&ts=1443431280&z=fc55454b79b1eb4f9e28344g3z5z6cfz4c4gaocbce&from=dae&uid=hgstxhts721010a9e630_jr10006p2ketrf2ketrfx

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-08-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2982858499-2808115190-1059147886-1001: @citrixonline.com/appdetectorplugin -> C:\Users\yao-media\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-10-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-2982858499-2808115190-1059147886-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-28] ()
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2015-08-10] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-14] [non signé]

Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.babylon.com/?affID=116218&tt=201112_ccp_ctrl_4712_2&babsrc=HP_ss&mntrId=303fc2a800000000000088532e4f4966
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxp://pandasecurity.mystart.com/results.php?searchsource=omnibar&pr=vmn&id=pandasecuritytb&v=2_3&ent=ds_671&q={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Adobe Acrobat) - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Yahoo!) - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhbkaahephniejapepaiggngjnedpci [2015-08-13]
CHR Extension: (Avast Online Security) - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13]
CHR Extension: (Quick Menu) - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggihoncmelambjaefiboekididcaffe [2015-11-30]
CHR HKLM\...\Chrome\Extension: [oggihoncmelambjaefiboekididcaffe] - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggihoncmelambjaefiboekididcaffe.crx [2015-11-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oggihoncmelambjaefiboekididcaffe] - C:\Users\yao-media\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggihoncmelambjaefiboekididcaffe.crx [2015-11-02]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [309376 2014-09-19] (Qualcomm Atheros) [Fichier non signé]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2014-08-31] (CleverFiles)
R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-29] (Creative Technology Ltd) [Fichier non signé]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [133640 2015-06-05] (Creative Technology Ltd)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [94568 2015-12-03] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-19] (Intel Corporation)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2015-09-14] ()
R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [7680 2014-11-10] (Alienware) [Fichier non signé]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-12-11] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2015-09-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LaCieDesktopManagerDaemon; C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe [1149720 2015-04-22] (LaCie)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] () [Fichier non signé]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [291336 2015-05-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [112792 2015-09-14] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2015-09-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WkSvw32.exe; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [668728 2015-07-21] (WIBU-SYSTEMS AG)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [306424 2015-08-09] (Advanced Micro Devices)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1075496 2015-06-05] (Creative Technology Ltd)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-05-22] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [41824 2014-09-19] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-19] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-28] (Disc Soft Ltd)
R0 EMSC; C:\Windows\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-10] ()
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-19] (Intel Corporation)
S3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [133192 2015-10-27] (Qualcomm Atheros, Inc.)
R3 kiox_ff_driver; C:\Windows\System32\drivers\kiox_ff_driver.sys [32736 2014-10-09] (Kionix, Inc.)
R0 kxdiskprot; C:\Windows\System32\DRIVERS\kxdiskprot.sys [30664 2014-10-09] (Kionix, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163576 2015-06-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2257816 2015-05-21] (Atheros Communications, Inc.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-11-06] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [106760 2015-07-21] (WIBU-SYSTEMS AG)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-12 09:25 - 2015-12-12 09:25 - 00016148 _____ C:\WINDOWS\system32\YAO_yao-media_HistoryPrediction.bin
2015-12-11 21:10 - 2015-12-11 21:10 - 00372214 _____ C:\Users\yao-media\Downloads\hbi90efxha.pdf
2015-12-11 20:57 - 2015-12-11 20:57 - 00000000 ____D C:\d86aa8a37647c6f66f
2015-12-11 20:45 - 2015-12-11 20:45 - 00001569 _____ C:\Users\yao-media\Desktop\ZHPFixReport.txt
2015-12-11 20:38 - 2015-12-11 20:39 - 03521617 _____ (Nicolas Coolman ) C:\Users\yao-media\Downloads\ZHPFix (3).exe
2015-12-11 20:38 - 2015-12-11 20:38 - 03521617 _____ (Nicolas Coolman ) C:\Users\yao-media\Downloads\ZHPFix (2).exe
2015-12-11 20:27 - 2015-12-11 20:27 - 00000085 _____ C:\WINDOWS\wininit.ini
2015-12-11 20:26 - 2015-12-11 20:26 - 03521617 _____ (Nicolas Coolman ) C:\Users\yao-media\Downloads\ZHPFix (1).exe
2015-12-11 20:25 - 2015-12-11 20:26 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2015-12-11 20:25 - 2015-12-11 20:25 - 03521617 _____ (Nicolas Coolman ) C:\Users\yao-media\Downloads\ZHPFix.exe
2015-12-11 20:25 - 2015-12-11 20:25 - 00001924 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-12-11 20:25 - 2015-12-11 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-12-11 19:16 - 2015-12-11 21:31 - 00126792 _____ C:\Users\yao-media\Desktop\ZHPDiag.txt
2015-12-11 19:15 - 2015-10-15 14:42 - 02420104 ____R (Adobe Systems, Incorporated) C:\Tempo.zhp
2015-12-11 19:14 - 2015-12-11 22:28 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\ZHP
2015-12-11 19:14 - 2015-12-11 21:29 - 00000906 _____ C:\Users\yao-media\Desktop\ZHPDiag.lnk
2015-12-11 19:14 - 2015-12-11 19:14 - 02008064 _____ C:\Users\yao-media\Downloads\ZHPDiag3.exe
2015-12-11 17:04 - 2015-12-11 17:05 - 00057281 _____ C:\Users\yao-media\Downloads\Addition.txt
2015-12-11 17:03 - 2015-12-12 09:35 - 00000000 ____D C:\FRST
2015-12-11 17:03 - 2015-12-11 17:05 - 00060110 _____ C:\Users\yao-media\Downloads\FRST.txt
2015-12-11 17:03 - 2015-12-11 17:03 - 02369024 _____ (Farbar) C:\Users\yao-media\Downloads\FRST64.exe
2015-12-11 16:11 - 2015-12-11 16:11 - 00003880 _____ C:\Users\yao-media\Desktop\Paramètres - Moteurs de recherche.html
2015-12-11 16:11 - 2015-12-11 16:11 - 00000000 ____D C:\Users\yao-media\Desktop\Paramètres - Moteurs de recherche_files
2015-12-11 15:40 - 2015-12-11 15:41 - 04532825 _____ C:\Users\yao-media\Downloads\Mise_en_oeuvre_produits_PAVATEX.pdf
2015-12-11 15:40 - 2015-12-11 15:41 - 00876115 _____ C:\Users\yao-media\Downloads\PAVATHERM.frz.pdf
2015-12-11 15:39 - 2015-12-11 15:39 - 00951921 _____ C:\Users\yao-media\Downloads\PAVATEX_DB_3.5_04.pdf
2015-12-11 15:02 - 2015-12-11 15:02 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\yao-media\Downloads\SpyHunter-Installer (3).exe
2015-12-11 15:01 - 2015-12-11 15:01 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\yao-media\Downloads\SpyHunter-Installer (2).exe
2015-12-11 11:40 - 2015-12-11 11:40 - 00000000 ____D C:\Users\yao-media\AppData\LocalLow\uTorrent
2015-12-11 11:24 - 2015-12-11 11:24 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Itoo Software
2015-12-11 11:24 - 2015-12-11 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Itoo Software
2015-12-11 11:24 - 2015-12-11 11:24 - 00000000 ____D C:\ProgramData\Itoo Software
2015-12-11 11:23 - 2015-12-11 11:23 - 00000000 ____D C:\Program Files (x86)\Itoo Software
2015-12-11 07:14 - 2015-12-11 07:14 - 00009236 _____ C:\WINDOWS\system32\.crusader
2015-12-11 07:02 - 2015-12-11 07:02 - 00002016 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-12-11 07:02 - 2015-12-11 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-12-11 07:02 - 2015-12-11 07:02 - 00000000 ____D C:\Program Files\HitmanPro
2015-12-11 07:01 - 2015-12-11 07:15 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-11 07:01 - 2015-12-11 07:01 - 11337112 _____ (SurfRight B.V.) C:\Users\yao-media\Downloads\HitmanPro_x64.exe
2015-12-11 06:52 - 2015-12-11 06:52 - 01738240 _____ C:\Users\yao-media\Downloads\adwcleaner_5.024 (4).exe
2015-12-10 21:01 - 2015-12-10 21:02 - 01738240 _____ C:\Users\yao-media\Downloads\adwcleaner_5.024 (3).exe
2015-12-10 16:27 - 2015-12-10 16:27 - 00000000 ____D C:\Users\yao-media\AppData\LocalLow\BitTorrent
2015-12-10 15:58 - 2015-12-10 15:58 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-10 15:56 - 2015-12-10 15:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-10 15:55 - 2015-12-10 15:55 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\yao-media\Downloads\spybot-2.4.exe
2015-12-10 15:51 - 2015-12-10 15:51 - 01877792 _____ (BitTorrent Inc.) C:\Users\yao-media\Downloads\BitTorrent (torrent,b.bittorrent.com^2F265384).exe
2015-12-10 15:49 - 2015-12-10 15:51 - 00000000 ____D C:\Users\yao-media\Downloads\Golden Rules - Golden Ticket
2015-12-10 14:25 - 2015-12-10 14:25 - 00000000 _____ C:\autoexec.bat
2015-12-10 14:24 - 2015-12-10 14:24 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-12-10 14:23 - 2015-12-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\yao-media\Downloads\SpyHunter-Installer (1).exe
2015-12-10 14:23 - 2015-12-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\yao-media\Downloads\SpyHunter-Installer.exe
2015-12-09 18:01 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 18:01 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 18:01 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 18:01 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 18:01 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 18:01 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 18:01 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 18:01 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 18:01 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 18:01 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 18:01 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 18:01 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 18:01 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 18:01 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 18:01 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 18:01 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 18:01 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 18:01 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 18:01 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 18:01 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 18:01 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 18:01 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 18:01 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 18:01 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 18:01 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 18:01 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 18:01 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 18:01 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 18:01 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 18:01 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 18:01 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 18:01 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 18:01 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 18:01 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 18:01 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 18:01 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 18:01 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 18:01 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 18:01 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 18:01 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 18:01 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 18:01 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 18:01 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 18:01 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 18:01 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 18:01 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 18:01 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 18:01 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 18:01 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 18:01 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 18:01 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 18:01 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 18:01 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 18:01 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 18:01 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 18:01 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 18:01 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 18:01 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 18:01 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 18:01 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 18:01 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 18:01 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 18:01 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 18:01 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 18:01 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 18:01 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 18:01 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 18:01 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 18:01 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 18:01 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 18:01 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 18:01 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 18:01 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 18:01 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 18:01 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 18:01 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 18:01 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 18:01 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 18:01 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 18:01 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-08 17:10 - 2015-12-12 09:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-08 17:10 - 2015-12-08 17:10 - 00001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-08 17:10 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-08 17:10 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-08 17:10 - 2015-12-08 17:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-08 17:10 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-08 17:10 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-08 17:10 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-08 17:09 - 2015-12-08 17:09 - 22908888 _____ (Malwarebytes ) C:\Users\yao-media\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-08 17:08 - 2015-12-08 17:09 - 01738240 _____ C:\Users\yao-media\Downloads\adwcleaner_5.024 (2).exe
2015-12-08 16:14 - 2015-12-08 16:14 - 01738240 _____ C:\Users\yao-media\Downloads\adwcleaner_5.024 (1).exe
2015-12-08 14:48 - 2015-12-08 14:48 - 01738240 _____ C:\Users\yao-media\Downloads\adwcleaner_5.024.exe
2015-12-05 21:14 - 2015-12-05 21:14 - 00284112 _____ C:\WINDOWS\Minidump\120515-35546-01.dmp
2015-12-04 15:55 - 2015-12-04 15:55 - 00000601 _____ C:\Users\yao-media\Downloads\fchpb05.txt
2015-12-03 15:46 - 2015-12-04 09:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-02 08:32 - 2015-12-02 08:32 - 00284112 _____ C:\WINDOWS\Minidump\120215-24734-01.dmp
2015-12-01 19:42 - 2015-12-01 19:42 - 00292304 _____ C:\WINDOWS\Minidump\120115-30890-01.dmp
2015-12-01 12:47 - 2015-12-01 12:47 - 00001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2014.lnk
2015-12-01 12:42 - 2015-12-01 12:42 - 00001621 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-12-01 12:42 - 2015-12-01 12:42 - 00001609 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-12-01 10:48 - 2015-12-01 10:48 - 00000522 _____ C:\Users\yao-media\Desktop\HOSTS_YAO.txt
2015-11-29 19:52 - 2015-11-29 19:52 - 00292360 _____ C:\WINDOWS\Minidump\112915-50500-01.dmp
2015-11-29 19:51 - 2015-12-05 21:14 - 999282059 _____ C:\WINDOWS\MEMORY.DMP
2015-11-28 13:57 - 2015-11-28 13:57 - 00000219 _____ C:\Users\yao-media\Desktop\Dota 2.url
2015-11-28 13:54 - 2015-11-28 13:54 - 00000218 _____ C:\Users\yao-media\Desktop\Day of Defeat.url
2015-11-25 17:53 - 2015-11-25 17:53 - 00000218 _____ C:\Users\yao-media\Desktop\Counter-Strike.url
2015-11-25 17:39 - 2015-11-25 17:39 - 00001583 _____ C:\Users\yao-media\Desktop\Half-Life.lnk
2015-11-25 17:39 - 2015-11-25 17:39 - 00000057 _____ C:\WINDOWS\sierra.ini
2015-11-25 17:39 - 2015-11-25 17:39 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra
2015-11-25 17:39 - 2015-11-25 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-11-25 17:37 - 2015-11-25 17:37 - 00000000 ____D C:\Sierra
2015-11-23 08:02 - 2015-12-12 09:29 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{75721034-2A34-4F50-9DC4-E2C388065EE7}
2015-11-20 13:55 - 2015-12-11 12:24 - 00005292 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Yao-yao-media Yao
2015-11-19 15:50 - 2015-11-19 15:50 - 00000000 ____D C:\Users\yao-media\AppData\LocalLow\Temp
2015-11-19 15:16 - 2015-11-19 15:16 - 00002679 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Project.lnk
2015-11-19 15:16 - 2015-11-19 15:16 - 00000000 ____D C:\WINDOWS\Msagent
2015-11-19 15:16 - 2015-11-19 15:16 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\Microsoft Web Folders
2015-11-19 15:16 - 2015-11-19 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2015-11-19 14:42 - 2015-11-19 14:42 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-11-19 14:42 - 2015-11-19 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-19 14:42 - 2015-11-19 14:42 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-11-19 14:41 - 2015-11-19 14:41 - 00000000 __RHD C:\MSOCache
2015-11-19 14:41 - 2015-11-19 14:41 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-11-19 14:41 - 2015-11-19 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-11-19 13:10 - 2014-08-06 10:27 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2015-11-19 13:07 - 2015-11-19 14:42 - 00000000 ____D C:\Program Files\Microsoft Office
2015-11-19 13:07 - 2015-11-19 13:07 - 00000000 ____D C:\Users\yao-media\AppData\Local\Microsoft Help
2015-11-19 13:03 - 2015-11-19 13:03 - 00003348 _____ C:\Users\yao-media\.ganttproject
2015-11-19 12:36 - 2015-11-19 12:36 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-11-19 12:36 - 2015-11-19 12:36 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\Sun
2015-11-19 12:36 - 2015-11-19 12:36 - 00000000 ____D C:\Users\yao-media\AppData\LocalLow\Sun
2015-11-19 12:36 - 2015-11-19 12:36 - 00000000 ____D C:\Users\yao-media\.oracle_jre_usage
2015-11-19 12:36 - 2015-11-19 12:36 - 00000000 ____D C:\ProgramData\Oracle
2015-11-19 12:36 - 2015-11-19 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-19 12:36 - 2015-11-19 12:36 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-19 12:35 - 2015-11-19 12:35 - 00000000 ____D C:\Users\yao-media\AppData\LocalLow\Oracle
2015-11-19 11:06 - 2015-11-19 11:06 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\Planning3
2015-11-19 11:06 - 2015-11-19 11:06 - 00000000 ____D C:\Program Files (x86)\SPELL Planning
2015-11-19 11:05 - 2015-11-19 11:05 - 00000000 ____D C:\Users\yao-media\AppData\Local\WDSetup
2015-11-18 19:10 - 2015-11-18 19:10 - 00000000 ____D C:\Users\Public\Documents\sun
2015-11-18 19:05 - 2015-11-18 19:05 - 00001092 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2015-11-18 19:05 - 2015-11-18 19:05 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2015-11-18 19:02 - 2015-11-18 19:02 - 00000000 ____D C:\Users\yao-media\Desktop\OpenOffice 4.1.2 (fr) Installation Files
2015-11-15 17:46 - 2015-11-15 17:47 - 00016384 ___SH C:\Users\yao-media\Desktop\Thumbs.db
2015-11-14 12:54 - 2015-11-14 12:55 - 00000000 ____D C:\Users\yao-media\Desktop\test image

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-12 09:31 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-12 09:30 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-12 09:29 - 2015-08-20 22:33 - 01842682 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-12 09:29 - 2015-07-10 17:24 - 00823494 _____ C:\WINDOWS\system32\perfh00C.dat
2015-12-12 09:29 - 2015-07-10 17:24 - 00155306 _____ C:\WINDOWS\system32\perfc00C.dat
2015-12-12 09:29 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-12 09:28 - 2015-08-09 14:06 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-12 09:26 - 2015-08-09 14:06 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-12 09:26 - 2015-06-18 12:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-12 09:25 - 2015-09-20 10:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-12 09:25 - 2015-06-29 16:02 - 00000000 __SHD C:\Users\yao-media\IntelGraphicsProfiles
2015-12-11 20:30 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-11 20:29 - 2015-08-09 13:43 - 00000000 ____D C:\ProgramData\panda_url_filtering
2015-12-11 20:29 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-11 20:29 - 2015-06-18 12:25 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-11 20:27 - 2015-08-13 12:41 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\uTorrent
2015-12-11 20:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-11 20:27 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-11 13:06 - 2015-08-05 16:04 - 00000000 ____D C:\ProgramData\FLEXnet
2015-12-11 13:03 - 2015-09-03 16:01 - 00000000 ____D C:\Users\yao-media\Desktop\3d_yao
2015-12-11 12:21 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-11 12:13 - 2015-08-13 10:24 - 00000000 ____D C:\Users\yao-media\Desktop\3d
2015-12-11 07:15 - 2015-08-13 12:48 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\BitTorrent
2015-12-11 07:14 - 2015-08-09 13:42 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2015-12-11 06:53 - 2015-08-13 09:36 - 00000000 ____D C:\AdwCleaner
2015-12-11 03:35 - 2015-06-29 16:03 - 00000000 ____D C:\Users\yao-media\AppData\Local\Packages
2015-12-10 15:14 - 2015-08-14 12:18 - 00000000 ____D C:\Users\yao-media\Desktop\ARCHI_2015
2015-12-10 14:25 - 2015-08-20 22:17 - 00000000 ____D C:\Users\yao-media
2015-12-09 13:31 - 2015-08-20 22:35 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-09 08:18 - 2015-08-05 17:20 - 00000000 ____D C:\Users\yao-media\AppData\Local\cache
2015-12-08 20:46 - 2015-09-27 16:08 - 00000000 ____D C:\Users\yao-media\Desktop\VIDEO
2015-12-08 17:49 - 2015-07-11 08:45 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\4C4C4544-1436600713-3410-8054-B1C04F533332
2015-12-08 17:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-08 17:34 - 2015-08-21 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-12-08 17:34 - 2015-06-29 16:13 - 00000000 ____D C:\Program Files\Dell
2015-12-08 16:16 - 2015-08-09 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-06 17:34 - 2015-08-20 23:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-06 17:32 - 2015-10-30 20:24 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-05 21:14 - 2015-08-20 22:28 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-05 21:13 - 2015-09-02 07:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-02 14:23 - 2015-08-09 14:06 - 00004142 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 14:23 - 2015-08-09 14:06 - 00003910 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 11:02 - 2015-10-14 18:50 - 00000034 _____ C:\Users\yao-media\AppData\Roaming\AdobeWLCMCache.dat
2015-12-02 10:40 - 2015-08-20 08:48 - 00000000 ____D C:\Users\yao-media\Documents\Scan
2015-12-01 16:11 - 2015-08-13 10:34 - 00000000 ____D C:\Users\yao-media\AppData\Local\ElevatedDiagnostics
2015-12-01 12:42 - 2015-08-10 12:13 - 00000000 ____D C:\Program Files\Adobe
2015-12-01 10:53 - 2015-08-10 12:08 - 00000000 ____D C:\Users\yao-media\AppData\Local\Adobe
2015-12-01 10:47 - 2015-08-14 11:34 - 00000995 _____ C:\Users\yao-media\Documents\hosts.txt
2015-12-01 10:34 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-01 01:32 - 2015-10-02 08:40 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-02 08:40 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 19:52 - 2015-07-10 13:20 - 04890296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-28 13:57 - 2015-10-26 13:01 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-25 13:33 - 2015-08-10 13:05 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-25 13:09 - 2015-06-29 16:03 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\Adobe
2015-11-25 13:06 - 2015-06-18 12:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-25 10:19 - 2015-08-21 07:59 - 00000000 ____D C:\Users\yao-media\AppData\Local\Comms
2015-11-24 10:28 - 2015-08-13 10:01 - 00000000 ____D C:\Users\yao-media\Desktop\NORAH_2014
2015-11-24 09:47 - 2015-08-14 07:23 - 00000000 ____D C:\Program Files\Recuva
2015-11-19 15:17 - 2015-07-06 20:26 - 00000262 _____ C:\WINDOWS\ODBC.INI
2015-11-19 15:16 - 2015-07-10 17:28 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-19 15:16 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Help
2015-11-19 15:16 - 2015-06-18 12:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-19 15:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\System
2015-11-19 14:42 - 2015-07-10 12:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-19 14:42 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-19 14:37 - 2015-08-10 13:29 - 00000000 ____D C:\Users\yao-media\Desktop\ADMIN_2015
2015-11-18 19:05 - 2015-08-09 14:41 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-11-13 16:24 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-13 16:10 - 2015-09-28 10:07 - 00000000 ____D C:\Users\yao-media\AppData\Roaming\DAEMON Tools Lite
2015-11-12 03:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

==================== Fichiers à la racine de certains dossiers =======

2015-10-14 18:50 - 2015-12-02 11:02 - 0000034 _____ () C:\Users\yao-media\AppData\Roaming\AdobeWLCMCache.dat
2015-10-21 20:13 - 2015-10-21 20:13 - 0003584 _____ () C:\Users\yao-media\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-05 15:31 - 2015-08-05 15:31 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-12-09 16:35

==================== Fin de FRST.txt ============================
