Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:18-04-2016
Exécuté par Laurent (administrateur) sur LAURENT (22-04-2016 17:50:15)
Exécuté depuis M:\
Profils chargés: Laurent (Profils disponibles: Laurent)
Platform: Microsoft Windows 10 Professionnel (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Anti-Valve Software ) C:\Program Files\cracked steam\Cracked Steam.exe
() C:\Users\Laurent\AppData\Local\Temp\is-306F4.tmp\Cracked Steam.tmp
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM\...\Run: [rec_be_217] => [X]
HKLM\...\Run: [ QQPCTray] => "C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe" /regrun
HKLM\...\Run: [SystemClose] => D:\Documents\systemfile.exe
HKLM\...\Run: [LightGate] => c:\programdata\lightgate.exe
HKLM\...\Run: [HomePageHelper] => c:\programdata\homepage.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.)
HKLM\...\Run: [conhost.exe -start] => C:\Users\Laurent\AppData\Local\Temp\29419\conhost.exe -start <===== ATTENTION
HKLM\...\Winlogon: [Userinit] ,
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [Cracked Steam Service] => c:\program files\cracked steam\Cracked Steam.exe [337496 2011-05-06] (Anti-Valve Software )
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [msiql] => c:\programdata\msiql.exe /RUNNING
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [testLive] => c:\programdata\testlive.exe /RUNNING
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {69fa6f66-6ce1-11e5-972e-001fe254785f} - "N:\TmUnitedForever_Setup.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {daaf0e8e-4b6f-11e5-971f-001fe254785f} - "J:\TmUnitedForever_Setup.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {dda44def-4585-11e5-971b-001fe254785f} - "K:\Delicious12.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {dda4519f-4585-11e5-971b-001fe254785f} - "J:\setup.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Winlogon: [Shell] C:\Users\Laurent\AppData\Local\Temp\195F91226C82852D.exe <==== ATTENTION
AppInit_DLLs: C:\ProgramData\Hayzumflex\SoloQuotex.dll => C:\ProgramData\Hayzumflex\SoloQuotex.dll [257536 2016-02-26] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 01 Pas de fichier
Winsock: Catalog5 02 Pas de fichier
Winsock: Catalog5 03 Pas de fichier
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.130.1 195.130.131.1
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{b164dfd2-91b7-422f-9242-44e27b2b041e}: [DhcpNameServer] 195.130.130.1 195.130.131.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.l114la.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com
HKU\S-1-5-21-349070587-518053807-3229101513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.l114la.com
SearchScopes: HKLM -> DefaultScope la valeur est absente
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> hxxp://www.omniboxes.com/?type=hp&ts=1447332781&z=cec9967d8e175271a6f402cg8zdz5mcc0c7odm9m8t&from=wpm07163&uid=SAMSUNGXHD252HJ_S17HJDWQ930445
FireFox:
========
FF ProfilePath: C:\Users\Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [929728 2016-01-12] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [10505008 2014-11-25] (Native Instruments GmbH)
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [5178816 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [3996608 2016-01-12] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S2 GoogleChromeUpService; pas de ImagePath
S2 GoogleChromeUpSvc; C:\Users\Laurent\AppData\Roaming\svrupg.exe /s GoogleChromeUpSvc /uid:51477 /local:br [X]
S2 kefejuwizbt; pas de ImagePath
S2 rijufoze; pas de ImagePath
S2 rocufyky; pas de ImagePath
S2 zigipyro; pas de ImagePath
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131704 2015-06-16] (BlueStack Systems)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-08-18] (Disc Soft Ltd)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [71952 2015-10-17] (Multi Theft Auto)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [42128 2015-12-18] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
S3 Secdrv; C:\WINDOWS\system32\drivers\SECDRV.SYS [11968 2000-07-11] () [Fichier non signé]
R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [63096 2009-02-03] (Protection Technology (StarForce))
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [83320 2007-02-08] (Protection Technology (StarForce))
R3 teVirtualMIDI32; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI32.sys [34360 2014-03-19] (Tobias Erichsen)
S1 UCGuard; C:\WINDOWS\System32\DRIVERS\ucguard.sys [75504 2016-03-08] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
S3 xusb22; C:\WINDOWS\System32\drivers\xusb22.sys [72704 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S1 {a11dc8d2-dcd1-4fde-8241-07146b8ed9cc}Gw; system32\drivers\{a11dc8d2-dcd1-4fde-8241-07146b8ed9cc}Gw.sys [X]
S1 {dadf6ae1-4000-408d-a830-dac594b6f02c}Gw; system32\drivers\{dadf6ae1-4000-408d-a830-dac594b6f02c}Gw.sys [X]
S1 {e432fd27-9a5f-42df-99b8-f298ddb6da56}Gw; system32\drivers\{e432fd27-9a5f-42df-99b8-f298ddb6da56}Gw.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-22 17:49 - 2016-04-22 17:50 - 00000000 ____D C:\FRST
2016-04-22 17:48 - 2016-04-22 17:48 - 00016148 _____ C:\WINDOWS\system32\LAURENT_Laurent_HistoryPrediction.bin
2016-04-22 16:40 - 2016-04-22 17:49 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-18 14:21 - 2016-04-18 14:43 - 00353790 _____ C:\WINDOWS\ntbtlog.txt
2016-04-18 13:05 - 2016-04-18 13:24 - 00000000 ____D C:\AdwCleaner
2016-04-18 13:01 - 2016-04-04 18:14 - 00090872 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx.sys
2016-04-18 12:09 - 2016-04-18 12:10 - 02190336 _____ C:\Users\Laurent\Downloads\ZHPDiag3 (1).exe
2016-04-18 11:48 - 2016-04-18 11:48 - 00000000 ____D C:\Users\Laurent\AppData\Local\ElevatedDiagnostics
2016-04-18 11:35 - 2016-04-18 11:35 - 00002167 _____ C:\ProgramData\service.exe.lnk
2016-04-18 11:34 - 2016-04-18 11:34 - 00002169 _____ C:\ProgramData\testLive.exe.lnk
2016-04-16 17:41 - 2016-04-18 11:31 - 00114632 _____ (深圳市迅雷网络技术有限公司) C:\WINDOWS\system32\xldl.dll
2016-04-16 17:41 - 2016-04-16 17:41 - 00000000 ____D C:\WINDOWS\system32\download
2016-04-16 17:41 - 2016-04-16 17:41 - 00000000 ____D C:\Users\Public\Thunder Network
2016-04-16 17:41 - 2016-04-16 17:41 - 00000000 ____D C:\ProgramData\Thunder Network
2016-04-16 17:41 - 2016-04-15 16:48 - 01265152 _____ C:\ProgramData\conhost.exe
2016-04-16 17:41 - 2016-04-14 18:08 - 01274368 _____ C:\ProgramData\MiniFriv01.exe
2016-04-16 17:40 - 2016-04-06 00:37 - 00114176 _____ C:\ProgramData\hp.exe
2016-04-13 17:01 - 2008-02-06 14:38 - 67108864 _____ C:\Users\Laurent\Desktop\1992 - Assassins Creed - Altairs Chronicles (U)(Micronauts).nds
2016-04-13 15:21 - 2016-04-13 15:21 - 00000000 ____D C:\Users\Laurent\Downloads\Crisis_Core_Final_Fantasy_VII_EUR_ENGLiSH_PSP-BAHAMUT
2016-04-13 15:11 - 2016-04-13 15:20 - 1010199000 _____ C:\Users\Laurent\Downloads\Crisis_Core_Final_Fantasy_VII_EUR_ENGLiSH_PSP-BAHAMUT.rar
2016-04-13 15:05 - 2016-04-13 15:06 - 07672257 _____ C:\Users\Laurent\Downloads\apeacademy2.zip
2016-04-13 14:50 - 2016-04-13 14:50 - 00000000 ____D C:\Users\Laurent\Documents\Xilisoft
2016-04-13 14:50 - 2016-04-13 14:50 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Xilisoft
2016-04-13 14:49 - 2016-04-13 14:54 - 00002222 _____ C:\Users\Public\Desktop\Xilisoft Transfert iPad PC.lnk
2016-04-13 14:49 - 2016-04-13 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-04-13 14:48 - 2016-04-13 14:48 - 00000000 ____D C:\ProgramData\Xilisoft
2016-04-13 14:48 - 2016-04-13 14:48 - 00000000 ____D C:\Program Files\Xilisoft
2016-04-13 14:47 - 2016-04-13 14:48 - 76447920 _____ C:\Users\Laurent\Downloads\x-ipad-to-pc-transfer-601170.exe
2016-04-13 14:23 - 2016-04-13 16:16 - 00000000 ____D C:\WINDOWS\Panther
2016-04-13 14:23 - 2016-03-29 08:22 - 02987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 14:23 - 2016-03-16 06:21 - 02903232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-13 14:23 - 2016-03-16 06:21 - 01767000 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 14:23 - 2016-03-16 06:11 - 21088728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 14:23 - 2016-03-16 06:10 - 00116768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-13 14:23 - 2016-03-16 06:01 - 00762208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 14:23 - 2016-03-16 05:22 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 14:23 - 2016-03-16 05:21 - 18796544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 03680256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 14:23 - 2016-03-16 05:11 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 14:22 - 2016-03-29 08:22 - 01133056 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 14:22 - 2016-03-25 09:13 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 14:22 - 2016-03-25 08:55 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 14:22 - 2016-03-25 08:54 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 14:22 - 2016-03-16 06:22 - 00873400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 14:22 - 2016-03-16 06:22 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 14:22 - 2016-03-16 06:21 - 01529872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 14:22 - 2016-03-16 06:21 - 01037656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 14:22 - 2016-03-16 06:21 - 00910040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 14:22 - 2016-03-16 06:19 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 14:22 - 2016-03-16 06:11 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 14:22 - 2016-03-16 06:11 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-13 14:22 - 2016-03-16 06:10 - 00520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-13 14:22 - 2016-03-16 06:06 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 14:22 - 2016-03-16 06:05 - 00854368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 14:22 - 2016-03-16 06:05 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 14:22 - 2016-03-16 05:41 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-04-13 14:22 - 2016-03-16 05:38 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 14:22 - 2016-03-16 05:37 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-13 14:22 - 2016-03-16 05:29 - 00212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-04-13 14:22 - 2016-03-16 05:28 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-13 14:22 - 2016-03-16 05:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-04-13 14:22 - 2016-03-16 05:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-04-13 14:22 - 2016-03-16 05:27 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-13 14:22 - 2016-03-16 05:22 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 14:22 - 2016-03-16 05:21 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-04-13 14:22 - 2016-03-16 05:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 14:22 - 2016-03-16 05:19 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 14:22 - 2016-03-16 05:19 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-13 14:22 - 2016-03-16 05:16 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-13 14:22 - 2016-03-16 05:16 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 14:22 - 2016-03-16 05:15 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-13 14:22 - 2016-03-16 05:10 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 14:22 - 2016-03-16 05:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 14:18 - 2016-04-13 14:19 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Apple Computer
2016-04-13 14:18 - 2016-04-13 14:18 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-04-13 14:18 - 2016-04-13 14:18 - 00000000 ____D C:\Users\Laurent\AppData\Local\Apple Computer
2016-04-13 14:18 - 2016-04-13 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-04-13 14:17 - 2016-04-13 14:18 - 00000000 ____D C:\Program Files\iTunes
2016-04-13 14:17 - 2016-04-13 14:17 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-13 14:17 - 2016-04-13 14:17 - 00000000 ____D C:\Program Files\iPod
2016-04-13 14:11 - 2016-04-13 14:11 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-13 14:11 - 2016-04-13 14:11 - 00000000 ____D C:\Users\Laurent\AppData\Local\Apple
2016-04-13 14:11 - 2016-04-13 14:11 - 00000000 ____D C:\Program Files\Bonjour
2016-04-13 14:11 - 2016-04-13 14:11 - 00000000 ____D C:\Program Files\Apple Software Update
2016-04-13 14:10 - 2016-04-13 14:17 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-04-13 14:10 - 2016-04-13 14:11 - 00000000 ____D C:\ProgramData\Apple
2016-04-13 14:09 - 2016-04-13 14:09 - 118414152 _____ (Apple Inc.) C:\Users\Laurent\Downloads\iTunesSetup.exe
2016-04-11 16:30 - 2016-04-11 16:30 - 00917993 _____ C:\Users\Laurent\Downloads\EXAMEN HALKIN.pdf
2016-04-11 14:10 - 2016-04-11 14:10 - 00162636 _____ C:\Users\Laurent\Downloads\TMS Crazy Race Tracks.zip
2016-04-11 12:00 - 2016-04-11 12:00 - 00236864 _____ C:\Users\Laurent\Downloads\TMS Micro Series.zip
2016-04-11 11:57 - 2016-04-11 11:57 - 00247801 _____ C:\Users\Laurent\Downloads\TMS Mini Series.zip
2016-04-11 11:49 - 2016-04-11 11:49 - 00013342 _____ C:\Users\Laurent\Downloads\Chaos Area.Challenge.Gbx
2016-04-10 18:24 - 2016-04-10 18:24 - 00000000 ____D C:\Users\Laurent\AppData\LocalLow\Temp
2016-04-07 14:49 - 2016-04-18 12:56 - 00004550 _____ C:\Users\Laurent\Desktop\ZHPCleaner.txt
2016-04-07 13:52 - 2016-04-18 12:24 - 00117091 _____ C:\Users\Laurent\Desktop\ZHPDiag.txt
2016-04-07 13:48 - 2016-04-18 13:05 - 03119168 _____ C:\Users\Laurent\Downloads\adwcleaner_5.109.exe
2016-04-07 13:47 - 2016-04-07 13:53 - 02111488 _____ C:\Users\Laurent\Downloads\ZHPCleaner.exe
2016-04-07 13:46 - 2016-04-07 13:46 - 02179072 _____ C:\Users\Laurent\Downloads\ZHPDiag3.exe
2016-04-05 17:27 - 2016-04-05 17:27 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\MCorp
2016-04-04 23:06 - 2016-04-04 23:06 - 00000000 ____D C:\Users\Laurent\AppData\Local\F727A298-4DB4-456A-AC54-A93EA5F8554D
2016-04-04 22:50 - 2016-04-04 22:50 - 00000000 ____D C:\Program Files\osTip
2016-04-04 22:49 - 2016-04-16 17:40 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\LightGate
2016-04-04 22:49 - 2016-04-04 22:49 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\UPUpdata
2016-04-04 22:49 - 2016-04-04 22:49 - 00000000 ____D C:\ProgramData\Windows Update
2016-04-04 18:15 - 2016-04-04 18:15 - 00005120 _____ C:\Users\Laurent\AppData\Roaming\GiftBag.db
2016-04-04 17:56 - 2016-04-04 22:57 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-04-04 17:52 - 2016-04-04 17:52 - 00000000 ____D C:\Users\Laurent\AppData\Local\UCBrowser
2016-04-04 17:52 - 2016-03-08 06:05 - 00075504 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-04-04 16:57 - 2016-04-04 18:19 - 00000000 ____D C:\Program Files\badu
2016-04-04 11:06 - 2016-04-04 11:06 - 00104111 _____ C:\Users\Laurent\Downloads\TMO Survival 11 - 18.zip
2016-04-04 11:05 - 2016-04-04 11:05 - 00155627 _____ C:\Users\Laurent\Downloads\TMO Snow Race C - E.zip
2016-04-04 11:04 - 2016-04-04 11:04 - 00116318 _____ C:\Users\Laurent\Downloads\TMO Rally Race C - E.zip
2016-04-04 11:04 - 2016-04-04 11:04 - 00099511 _____ C:\Users\Laurent\Downloads\TMO Rally Race A - B.zip
2016-04-04 11:03 - 2016-04-04 11:03 - 00226561 _____ C:\Users\Laurent\Downloads\TMO Puzzles E - G.zip
2016-04-04 11:02 - 2016-04-04 11:02 - 00211223 _____ C:\Users\Laurent\Downloads\TMO Puzzles C - D.zip
2016-04-04 11:00 - 2016-04-04 11:00 - 00121220 _____ C:\Users\Laurent\Downloads\TMO Desert Race C - E.zip
2016-04-04 10:59 - 2016-04-04 10:59 - 00108675 _____ C:\Users\Laurent\Downloads\TMO Desert Race A - B.zip
2016-04-04 10:58 - 2016-04-04 10:58 - 00173947 _____ C:\Users\Laurent\Downloads\TMO Survival 01 - 10.zip
2016-04-04 10:56 - 2016-04-04 10:56 - 00187128 _____ C:\Users\Laurent\Downloads\TMO Stunts.zip
2016-04-04 10:54 - 2016-04-04 10:59 - 00222328 _____ C:\Users\Laurent\Downloads\TMO Platform.zip
2016-04-04 10:53 - 2016-04-04 10:53 - 00191548 _____ C:\Users\Laurent\Downloads\TMO Puzzles A - C.zip
2016-04-04 10:35 - 2016-04-04 10:35 - 00123578 _____ C:\Users\Laurent\Downloads\TMO Snow Race A - B.zip
2016-04-03 23:13 - 2016-04-03 23:17 - 00000000 ____D C:\ProgramData\TrackMania
2016-04-03 23:11 - 2016-04-12 22:52 - 00000000 ____D C:\Users\Laurent\Documents\TrackMania
2016-04-03 23:10 - 2016-04-03 23:10 - 00000903 _____ C:\Users\Public\Desktop\TmUnitedForever.lnk
2016-04-03 23:10 - 2016-04-03 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever
2016-04-03 18:23 - 2016-04-03 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackMania Sunrise
2016-04-03 13:54 - 2016-04-03 13:54 - 00000000 ____D C:\Users\Laurent\Downloads\TRACKMANIA mini-image
2016-04-03 13:33 - 2016-04-03 13:33 - 00000000 ____D C:\Users\Laurent\Desktop\trackmanul
2016-04-02 22:29 - 2016-04-02 22:26 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-04-02 18:49 - 2016-04-04 23:15 - 00000000 ____D C:\ProgramData\Big Fish
2016-04-02 18:48 - 2016-04-04 23:15 - 00000000 ____D C:\BigFishCache
2016-04-02 18:48 - 2016-04-02 18:50 - 00000000 ____D C:\Users\Laurent\AppData\Local\Big Fish
2016-04-02 18:38 - 2016-04-02 18:38 - 00000000 ____D C:\ProgramData\GoBit Games
2016-04-02 16:43 - 2016-04-02 16:43 - 00000632 _____ C:\WINDOWS\CoDUO.INI
2016-04-02 00:27 - 2016-04-02 22:25 - 00000718 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-02 00:27 - 2016-04-02 00:27 - 00000000 ____D C:\Users\Laurent\AppData\Local\Mozilla
2016-03-30 21:10 - 2016-04-13 14:58 - 00000000 ____D C:\Users\Laurent\AppData\Local\CrashDumps
2016-03-30 12:52 - 2016-03-30 12:56 - 02102784 _____ C:\Users\Laurent\ZHPCleaner.exe
2016-03-30 12:43 - 2016-04-18 12:02 - 02190336 _____ C:\Users\Laurent\ZHPDiag3.exe
2016-03-30 12:08 - 2016-03-30 12:08 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\ffgogogo
2016-03-30 12:07 - 2016-03-30 12:08 - 00000000 ____D C:\Users\Public\Documents\ffgogogo
2016-03-29 11:37 - 2016-03-29 11:37 - 00000000 ____D C:\temp
2016-03-28 18:38 - 2016-03-28 18:38 - 00001133 _____ C:\Users\Public\Desktop\Farm Frenzy 3 Roulette Russe.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001090 _____ C:\Users\Public\Desktop\Farm Frenzy 3 American Pie.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001081 _____ C:\Users\Public\Desktop\Farm Frenzy 3 Madagascar.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001078 _____ C:\Users\Public\Desktop\Farm Frenzy Gone Fishing.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001076 _____ C:\Users\Public\Desktop\Farm Frenzy Viking Heroes.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001076 _____ C:\Users\Public\Desktop\Farm Frenzy Rome Antique.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001053 _____ C:\Users\Public\Desktop\Farm Frenzy Pizza Party !.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001049 _____ C:\Users\Public\Desktop\Farm Frenzy 3 L'age de glace.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00000973 _____ C:\Users\Public\Desktop\Farm Frenzy 3.lnk
2016-03-28 17:30 - 2016-03-28 17:30 - 00004096 _____ C:\WINDOWS\d3dx.dat
2016-03-28 17:30 - 2016-03-28 17:30 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\World-LooM
2016-03-28 17:27 - 2016-03-28 17:27 - 00002207 _____ C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayCity Games.lnk
2016-03-28 17:27 - 2016-03-28 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
2016-03-28 17:27 - 2016-03-28 17:27 - 00000000 ____D C:\Program Files\MyPlayCity.com
2016-03-28 17:07 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-22 17:37 - 2015-08-23 14:27 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\ZHP
2016-04-22 17:36 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-22 17:31 - 2015-08-09 20:56 - 00000000 ____D C:\Users\Laurent
2016-04-22 15:40 - 2015-07-10 08:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-18 14:13 - 2015-08-09 20:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-18 12:24 - 2015-11-25 16:12 - 00000000 ____D C:\Program Files\cracked steam
2016-04-18 12:17 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-18 11:52 - 2015-08-10 11:06 - 00000000 ____D C:\Users\Laurent\AppData\LocalLow\Adblock Plus for IE
2016-04-15 15:37 - 2015-08-09 19:19 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-15 15:35 - 2015-07-10 10:27 - 00000000 ____D C:\WINDOWS\INF
2016-04-15 15:31 - 2015-07-10 08:59 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-14 17:10 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-13 16:19 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 16:09 - 2016-02-13 15:03 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-13 15:53 - 2015-08-12 11:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 15:47 - 2015-08-12 11:46 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 14:27 - 2015-07-10 10:28 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-13 14:03 - 2015-08-09 19:18 - 00000000 ____D C:\Users\Laurent\AppData\Local\Packages
2016-04-10 11:32 - 2015-11-25 14:02 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-04-06 20:32 - 2015-07-10 10:29 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-07-10 10:29 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-04-04 23:06 - 2016-03-13 13:09 - 00000000 ____D C:\Users\Laurent\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-04 19:49 - 2013-08-22 08:13 - 00000194 _____ C:\WINDOWS\win.ini
2016-04-04 00:06 - 2015-08-15 15:56 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\uTorrent
2016-04-02 22:50 - 2015-12-24 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2016-04-02 22:26 - 2015-08-24 08:29 - 00001906 __RSH C:\ProgramData\ntuser.pol
2016-04-02 15:09 - 2015-10-23 17:07 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-02 13:00 - 2016-01-08 19:16 - 00000000 ____D C:\Users\Laurent\Desktop\9.2
2016-04-02 00:27 - 2016-02-26 14:33 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Mozilla
2016-03-30 12:56 - 2015-08-19 11:31 - 00000000 ____D C:\Program Files\baidu
2016-03-30 12:48 - 2015-08-09 21:06 - 01839260 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-30 12:48 - 2015-07-10 15:30 - 00819778 _____ C:\WINDOWS\system32\perfh00C.dat
2016-03-30 12:48 - 2015-07-10 15:30 - 00154144 _____ C:\WINDOWS\system32\perfc00C.dat
2016-03-30 11:38 - 2015-10-22 17:34 - 00000004 _____ C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7
2016-03-29 12:06 - 2015-11-08 16:00 - 00000000 ____D C:\Program Files\Google
2016-03-29 12:05 - 2015-11-08 15:59 - 00000000 ____D C:\Users\Laurent\AppData\Local\Google
2016-03-28 18:38 - 2015-09-11 11:26 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Frenzy Collection
2016-03-28 18:38 - 2015-09-11 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farm Frenzy Collection
2016-03-28 17:19 - 2015-08-09 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-28 17:09 - 2015-08-09 21:09 - 00000000 ____D C:\Users\Laurent\AppData\Local\NVIDIA
2016-03-28 17:01 - 2015-08-09 20:52 - 00000000 ____D C:\ProgramData\NVIDIA
==================== Fichiers à la racine de certains dossiers =======
2015-08-22 17:40 - 2015-08-22 17:41 - 214027005 _____ () C:\Program Files\Tencent.zip
2016-02-26 14:33 - 2016-02-26 14:33 - 8003072 _____ () C:\Users\Laurent\AppData\Roaming\agent.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0064752 _____ () C:\Users\Laurent\AppData\Roaming\Config.xml
2016-02-26 14:33 - 2016-02-26 14:33 - 0072720 _____ () C:\Users\Laurent\AppData\Roaming\EcoBam.tst
2016-04-04 18:15 - 2016-04-04 18:15 - 0005120 _____ () C:\Users\Laurent\AppData\Roaming\GiftBag.db
2016-02-26 14:32 - 2016-02-26 14:32 - 0015744 _____ () C:\Users\Laurent\AppData\Roaming\InstallationConfiguration.xml
2016-02-26 14:32 - 2016-02-26 14:32 - 0127488 _____ () C:\Users\Laurent\AppData\Roaming\Installer.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0126464 _____ () C:\Users\Laurent\AppData\Roaming\lobby.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0018432 _____ () C:\Users\Laurent\AppData\Roaming\Main.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0005568 _____ () C:\Users\Laurent\AppData\Roaming\md.xml
2016-02-26 14:33 - 2016-02-26 14:33 - 0126464 _____ () C:\Users\Laurent\AppData\Roaming\noah.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0032038 _____ () C:\Users\Laurent\AppData\Roaming\uninstall_temp.ico
2016-02-26 14:33 - 2016-02-26 14:33 - 1894599 _____ () C:\Users\Laurent\AppData\Roaming\VentoZap.tst
2016-02-26 14:32 - 2016-02-26 14:32 - 0848437 _____ () C:\Users\Laurent\AppData\Roaming\Zum-Lam.bin
2016-04-16 17:41 - 2016-04-15 16:48 - 1265152 _____ () C:\ProgramData\conhost.exe
2015-08-09 20:52 - 2015-08-09 20:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-04-16 17:40 - 2016-04-06 00:37 - 0114176 _____ () C:\ProgramData\hp.exe
2016-04-16 17:41 - 2016-04-14 18:08 - 1274368 _____ () C:\ProgramData\MiniFriv01.exe
2016-04-18 11:35 - 2016-04-18 11:35 - 0002167 _____ () C:\ProgramData\service.exe.lnk
2016-04-18 11:34 - 2016-04-18 11:34 - 0002169 _____ () C:\ProgramData\testLive.exe.lnk
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\conhost.exe
C:\ProgramData\hp.exe
C:\ProgramData\MiniFriv01.exe
C:\Users\Laurent\ZHPCleaner.exe
C:\Users\Laurent\ZHPDiag3.exe
Certains fichiers dans TEMP:
====================
C:\Users\Laurent\AppData\Local\Temp\14C1.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\15.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\19B0.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\2924.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\2E45.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\33F8.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\4788.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\56EE691F4203B924.exe
C:\Users\Laurent\AppData\Local\Temp\583B.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\604A.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\63B4.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\65F7.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\66CA.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\7028.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\77EB.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\834C.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\8459.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\855.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\9193.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\91CD.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\990A.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\9E01.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\A694.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\A782.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\AE3F.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\AF2D.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\B802.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\BANDIZIP-SETUP.EXE
C:\Users\Laurent\AppData\Local\Temp\BF3.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\Browser_V5.6.10551.6_f_4730_(Build1602291105).exe
C:\Users\Laurent\AppData\Local\Temp\C005.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C088.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C1CD.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C5EB.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C6E4.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C795.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\CBBF.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\CCFA.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\ConductrServer-2.2.1.exe
C:\Users\Laurent\AppData\Local\Temp\DD1A.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\E747.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\ED37.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\F218.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\F258.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\fsd22CE.exe
C:\Users\Laurent\AppData\Local\Temp\fsdF3DC.exe
C:\Users\Laurent\AppData\Local\Temp\ICReinstall_19B0.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\libeay32.dll
C:\Users\Laurent\AppData\Local\Temp\msvcr120.dll
C:\Users\Laurent\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Laurent\AppData\Local\Temp\nvStInst.exe
C:\Users\Laurent\AppData\Local\Temp\set.exe
C:\Users\Laurent\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-04-16 17:51
==================== Fin de FRST.txt ============================
Exécuté par Laurent (administrateur) sur LAURENT (22-04-2016 17:50:15)
Exécuté depuis M:\
Profils chargés: Laurent (Profils disponibles: Laurent)
Platform: Microsoft Windows 10 Professionnel (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Anti-Valve Software ) C:\Program Files\cracked steam\Cracked Steam.exe
() C:\Users\Laurent\AppData\Local\Temp\is-306F4.tmp\Cracked Steam.tmp
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM\...\Run: [rec_be_217] => [X]
HKLM\...\Run: [ QQPCTray] => "C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe" /regrun
HKLM\...\Run: [SystemClose] => D:\Documents\systemfile.exe
HKLM\...\Run: [LightGate] => c:\programdata\lightgate.exe
HKLM\...\Run: [HomePageHelper] => c:\programdata\homepage.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.)
HKLM\...\Run: [conhost.exe -start] => C:\Users\Laurent\AppData\Local\Temp\29419\conhost.exe -start <===== ATTENTION
HKLM\...\Winlogon: [Userinit] ,
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [Cracked Steam Service] => c:\program files\cracked steam\Cracked Steam.exe [337496 2011-05-06] (Anti-Valve Software )
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [msiql] => c:\programdata\msiql.exe /RUNNING
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Run: [testLive] => c:\programdata\testlive.exe /RUNNING
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {69fa6f66-6ce1-11e5-972e-001fe254785f} - "N:\TmUnitedForever_Setup.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {daaf0e8e-4b6f-11e5-971f-001fe254785f} - "J:\TmUnitedForever_Setup.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {dda44def-4585-11e5-971b-001fe254785f} - "K:\Delicious12.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\MountPoints2: {dda4519f-4585-11e5-971b-001fe254785f} - "J:\setup.exe"
HKU\S-1-5-21-349070587-518053807-3229101513-1001\...\Winlogon: [Shell] C:\Users\Laurent\AppData\Local\Temp\195F91226C82852D.exe <==== ATTENTION
AppInit_DLLs: C:\ProgramData\Hayzumflex\SoloQuotex.dll => C:\ProgramData\Hayzumflex\SoloQuotex.dll [257536 2016-02-26] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 01 Pas de fichier
Winsock: Catalog5 02 Pas de fichier
Winsock: Catalog5 03 Pas de fichier
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.130.1 195.130.131.1
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{b164dfd2-91b7-422f-9242-44e27b2b041e}: [DhcpNameServer] 195.130.130.1 195.130.131.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.l114la.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com
HKU\S-1-5-21-349070587-518053807-3229101513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.l114la.com
SearchScopes: HKLM -> DefaultScope la valeur est absente
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-349070587-518053807-3229101513-1001 -> hxxp://www.omniboxes.com/?type=hp&ts=1447332781&z=cec9967d8e175271a6f402cg8zdz5mcc0c7odm9m8t&from=wpm07163&uid=SAMSUNGXHD252HJ_S17HJDWQ930445
FireFox:
========
FF ProfilePath: C:\Users\Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [929728 2016-01-12] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [10505008 2014-11-25] (Native Instruments GmbH)
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [5178816 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [3996608 2016-01-12] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S2 GoogleChromeUpService; pas de ImagePath
S2 GoogleChromeUpSvc; C:\Users\Laurent\AppData\Roaming\svrupg.exe /s GoogleChromeUpSvc /uid:51477 /local:br [X]
S2 kefejuwizbt; pas de ImagePath
S2 rijufoze; pas de ImagePath
S2 rocufyky; pas de ImagePath
S2 zigipyro; pas de ImagePath
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131704 2015-06-16] (BlueStack Systems)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-08-18] (Disc Soft Ltd)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [71952 2015-10-17] (Multi Theft Auto)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [42128 2015-12-18] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
S3 Secdrv; C:\WINDOWS\system32\drivers\SECDRV.SYS [11968 2000-07-11] () [Fichier non signé]
R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [63096 2009-02-03] (Protection Technology (StarForce))
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [83320 2007-02-08] (Protection Technology (StarForce))
R3 teVirtualMIDI32; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI32.sys [34360 2014-03-19] (Tobias Erichsen)
S1 UCGuard; C:\WINDOWS\System32\DRIVERS\ucguard.sys [75504 2016-03-08] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
S3 xusb22; C:\WINDOWS\System32\drivers\xusb22.sys [72704 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S1 {a11dc8d2-dcd1-4fde-8241-07146b8ed9cc}Gw; system32\drivers\{a11dc8d2-dcd1-4fde-8241-07146b8ed9cc}Gw.sys [X]
S1 {dadf6ae1-4000-408d-a830-dac594b6f02c}Gw; system32\drivers\{dadf6ae1-4000-408d-a830-dac594b6f02c}Gw.sys [X]
S1 {e432fd27-9a5f-42df-99b8-f298ddb6da56}Gw; system32\drivers\{e432fd27-9a5f-42df-99b8-f298ddb6da56}Gw.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-22 17:49 - 2016-04-22 17:50 - 00000000 ____D C:\FRST
2016-04-22 17:48 - 2016-04-22 17:48 - 00016148 _____ C:\WINDOWS\system32\LAURENT_Laurent_HistoryPrediction.bin
2016-04-22 16:40 - 2016-04-22 17:49 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-18 14:21 - 2016-04-18 14:43 - 00353790 _____ C:\WINDOWS\ntbtlog.txt
2016-04-18 13:05 - 2016-04-18 13:24 - 00000000 ____D C:\AdwCleaner
2016-04-18 13:01 - 2016-04-04 18:14 - 00090872 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx.sys
2016-04-18 12:09 - 2016-04-18 12:10 - 02190336 _____ C:\Users\Laurent\Downloads\ZHPDiag3 (1).exe
2016-04-18 11:48 - 2016-04-18 11:48 - 00000000 ____D C:\Users\Laurent\AppData\Local\ElevatedDiagnostics
2016-04-18 11:35 - 2016-04-18 11:35 - 00002167 _____ C:\ProgramData\service.exe.lnk
2016-04-18 11:34 - 2016-04-18 11:34 - 00002169 _____ C:\ProgramData\testLive.exe.lnk
2016-04-16 17:41 - 2016-04-18 11:31 - 00114632 _____ (深圳市迅雷网络技术有限公司) C:\WINDOWS\system32\xldl.dll
2016-04-16 17:41 - 2016-04-16 17:41 - 00000000 ____D C:\WINDOWS\system32\download
2016-04-16 17:41 - 2016-04-16 17:41 - 00000000 ____D C:\Users\Public\Thunder Network
2016-04-16 17:41 - 2016-04-16 17:41 - 00000000 ____D C:\ProgramData\Thunder Network
2016-04-16 17:41 - 2016-04-15 16:48 - 01265152 _____ C:\ProgramData\conhost.exe
2016-04-16 17:41 - 2016-04-14 18:08 - 01274368 _____ C:\ProgramData\MiniFriv01.exe
2016-04-16 17:40 - 2016-04-06 00:37 - 00114176 _____ C:\ProgramData\hp.exe
2016-04-13 17:01 - 2008-02-06 14:38 - 67108864 _____ C:\Users\Laurent\Desktop\1992 - Assassins Creed - Altairs Chronicles (U)(Micronauts).nds
2016-04-13 15:21 - 2016-04-13 15:21 - 00000000 ____D C:\Users\Laurent\Downloads\Crisis_Core_Final_Fantasy_VII_EUR_ENGLiSH_PSP-BAHAMUT
2016-04-13 15:11 - 2016-04-13 15:20 - 1010199000 _____ C:\Users\Laurent\Downloads\Crisis_Core_Final_Fantasy_VII_EUR_ENGLiSH_PSP-BAHAMUT.rar
2016-04-13 15:05 - 2016-04-13 15:06 - 07672257 _____ C:\Users\Laurent\Downloads\apeacademy2.zip
2016-04-13 14:50 - 2016-04-13 14:50 - 00000000 ____D C:\Users\Laurent\Documents\Xilisoft
2016-04-13 14:50 - 2016-04-13 14:50 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Xilisoft
2016-04-13 14:49 - 2016-04-13 14:54 - 00002222 _____ C:\Users\Public\Desktop\Xilisoft Transfert iPad PC.lnk
2016-04-13 14:49 - 2016-04-13 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-04-13 14:48 - 2016-04-13 14:48 - 00000000 ____D C:\ProgramData\Xilisoft
2016-04-13 14:48 - 2016-04-13 14:48 - 00000000 ____D C:\Program Files\Xilisoft
2016-04-13 14:47 - 2016-04-13 14:48 - 76447920 _____ C:\Users\Laurent\Downloads\x-ipad-to-pc-transfer-601170.exe
2016-04-13 14:23 - 2016-04-13 16:16 - 00000000 ____D C:\WINDOWS\Panther
2016-04-13 14:23 - 2016-03-29 08:22 - 02987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 14:23 - 2016-03-16 06:21 - 02903232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-13 14:23 - 2016-03-16 06:21 - 01767000 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 14:23 - 2016-03-16 06:11 - 21088728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 14:23 - 2016-03-16 06:10 - 00116768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-13 14:23 - 2016-03-16 06:01 - 00762208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 14:23 - 2016-03-16 05:22 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 14:23 - 2016-03-16 05:21 - 18796544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 03680256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-13 14:23 - 2016-03-16 05:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 14:23 - 2016-03-16 05:11 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 14:22 - 2016-03-29 08:22 - 01133056 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 14:22 - 2016-03-25 09:13 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 14:22 - 2016-03-25 08:55 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 14:22 - 2016-03-25 08:54 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 14:22 - 2016-03-16 06:22 - 00873400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 14:22 - 2016-03-16 06:22 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 14:22 - 2016-03-16 06:21 - 01529872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 14:22 - 2016-03-16 06:21 - 01037656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 14:22 - 2016-03-16 06:21 - 00910040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 14:22 - 2016-03-16 06:19 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 14:22 - 2016-03-16 06:11 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 14:22 - 2016-03-16 06:11 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-13 14:22 - 2016-03-16 06:10 - 00520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-13 14:22 - 2016-03-16 06:06 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 14:22 - 2016-03-16 06:05 - 00854368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 14:22 - 2016-03-16 06:05 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 14:22 - 2016-03-16 05:41 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-04-13 14:22 - 2016-03-16 05:38 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 14:22 - 2016-03-16 05:37 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-04-13 14:22 - 2016-03-16 05:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-13 14:22 - 2016-03-16 05:29 - 00212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-04-13 14:22 - 2016-03-16 05:28 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-13 14:22 - 2016-03-16 05:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-04-13 14:22 - 2016-03-16 05:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-04-13 14:22 - 2016-03-16 05:27 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-13 14:22 - 2016-03-16 05:24 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-13 14:22 - 2016-03-16 05:22 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 14:22 - 2016-03-16 05:21 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-04-13 14:22 - 2016-03-16 05:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 14:22 - 2016-03-16 05:19 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 14:22 - 2016-03-16 05:19 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-13 14:22 - 2016-03-16 05:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-13 14:22 - 2016-03-16 05:17 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-13 14:22 - 2016-03-16 05:16 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-13 14:22 - 2016-03-16 05:16 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 14:22 - 2016-03-16 05:15 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-13 14:22 - 2016-03-16 05:14 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-13 14:22 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-13 14:22 - 2016-03-16 05:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-13 14:22 - 2016-03-16 05:10 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 14:22 - 2016-03-16 05:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 14:18 - 2016-04-13 14:19 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Apple Computer
2016-04-13 14:18 - 2016-04-13 14:18 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-04-13 14:18 - 2016-04-13 14:18 - 00000000 ____D C:\Users\Laurent\AppData\Local\Apple Computer
2016-04-13 14:18 - 2016-04-13 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-04-13 14:17 - 2016-04-13 14:18 - 00000000 ____D C:\Program Files\iTunes
2016-04-13 14:17 - 2016-04-13 14:17 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-13 14:17 - 2016-04-13 14:17 - 00000000 ____D C:\Program Files\iPod
2016-04-13 14:11 - 2016-04-13 14:11 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-13 14:11 - 2016-04-13 14:11 - 00000000 ____D C:\Users\Laurent\AppData\Local\Apple
2016-04-13 14:11 - 2016-04-13 14:11 - 00000000 ____D C:\Program Files\Bonjour
2016-04-13 14:11 - 2016-04-13 14:11 - 00000000 ____D C:\Program Files\Apple Software Update
2016-04-13 14:10 - 2016-04-13 14:17 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-04-13 14:10 - 2016-04-13 14:11 - 00000000 ____D C:\ProgramData\Apple
2016-04-13 14:09 - 2016-04-13 14:09 - 118414152 _____ (Apple Inc.) C:\Users\Laurent\Downloads\iTunesSetup.exe
2016-04-11 16:30 - 2016-04-11 16:30 - 00917993 _____ C:\Users\Laurent\Downloads\EXAMEN HALKIN.pdf
2016-04-11 14:10 - 2016-04-11 14:10 - 00162636 _____ C:\Users\Laurent\Downloads\TMS Crazy Race Tracks.zip
2016-04-11 12:00 - 2016-04-11 12:00 - 00236864 _____ C:\Users\Laurent\Downloads\TMS Micro Series.zip
2016-04-11 11:57 - 2016-04-11 11:57 - 00247801 _____ C:\Users\Laurent\Downloads\TMS Mini Series.zip
2016-04-11 11:49 - 2016-04-11 11:49 - 00013342 _____ C:\Users\Laurent\Downloads\Chaos Area.Challenge.Gbx
2016-04-10 18:24 - 2016-04-10 18:24 - 00000000 ____D C:\Users\Laurent\AppData\LocalLow\Temp
2016-04-07 14:49 - 2016-04-18 12:56 - 00004550 _____ C:\Users\Laurent\Desktop\ZHPCleaner.txt
2016-04-07 13:52 - 2016-04-18 12:24 - 00117091 _____ C:\Users\Laurent\Desktop\ZHPDiag.txt
2016-04-07 13:48 - 2016-04-18 13:05 - 03119168 _____ C:\Users\Laurent\Downloads\adwcleaner_5.109.exe
2016-04-07 13:47 - 2016-04-07 13:53 - 02111488 _____ C:\Users\Laurent\Downloads\ZHPCleaner.exe
2016-04-07 13:46 - 2016-04-07 13:46 - 02179072 _____ C:\Users\Laurent\Downloads\ZHPDiag3.exe
2016-04-05 17:27 - 2016-04-05 17:27 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\MCorp
2016-04-04 23:06 - 2016-04-04 23:06 - 00000000 ____D C:\Users\Laurent\AppData\Local\F727A298-4DB4-456A-AC54-A93EA5F8554D
2016-04-04 22:50 - 2016-04-04 22:50 - 00000000 ____D C:\Program Files\osTip
2016-04-04 22:49 - 2016-04-16 17:40 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\LightGate
2016-04-04 22:49 - 2016-04-04 22:49 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\UPUpdata
2016-04-04 22:49 - 2016-04-04 22:49 - 00000000 ____D C:\ProgramData\Windows Update
2016-04-04 18:15 - 2016-04-04 18:15 - 00005120 _____ C:\Users\Laurent\AppData\Roaming\GiftBag.db
2016-04-04 17:56 - 2016-04-04 22:57 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-04-04 17:52 - 2016-04-04 17:52 - 00000000 ____D C:\Users\Laurent\AppData\Local\UCBrowser
2016-04-04 17:52 - 2016-03-08 06:05 - 00075504 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-04-04 16:57 - 2016-04-04 18:19 - 00000000 ____D C:\Program Files\badu
2016-04-04 11:06 - 2016-04-04 11:06 - 00104111 _____ C:\Users\Laurent\Downloads\TMO Survival 11 - 18.zip
2016-04-04 11:05 - 2016-04-04 11:05 - 00155627 _____ C:\Users\Laurent\Downloads\TMO Snow Race C - E.zip
2016-04-04 11:04 - 2016-04-04 11:04 - 00116318 _____ C:\Users\Laurent\Downloads\TMO Rally Race C - E.zip
2016-04-04 11:04 - 2016-04-04 11:04 - 00099511 _____ C:\Users\Laurent\Downloads\TMO Rally Race A - B.zip
2016-04-04 11:03 - 2016-04-04 11:03 - 00226561 _____ C:\Users\Laurent\Downloads\TMO Puzzles E - G.zip
2016-04-04 11:02 - 2016-04-04 11:02 - 00211223 _____ C:\Users\Laurent\Downloads\TMO Puzzles C - D.zip
2016-04-04 11:00 - 2016-04-04 11:00 - 00121220 _____ C:\Users\Laurent\Downloads\TMO Desert Race C - E.zip
2016-04-04 10:59 - 2016-04-04 10:59 - 00108675 _____ C:\Users\Laurent\Downloads\TMO Desert Race A - B.zip
2016-04-04 10:58 - 2016-04-04 10:58 - 00173947 _____ C:\Users\Laurent\Downloads\TMO Survival 01 - 10.zip
2016-04-04 10:56 - 2016-04-04 10:56 - 00187128 _____ C:\Users\Laurent\Downloads\TMO Stunts.zip
2016-04-04 10:54 - 2016-04-04 10:59 - 00222328 _____ C:\Users\Laurent\Downloads\TMO Platform.zip
2016-04-04 10:53 - 2016-04-04 10:53 - 00191548 _____ C:\Users\Laurent\Downloads\TMO Puzzles A - C.zip
2016-04-04 10:35 - 2016-04-04 10:35 - 00123578 _____ C:\Users\Laurent\Downloads\TMO Snow Race A - B.zip
2016-04-03 23:13 - 2016-04-03 23:17 - 00000000 ____D C:\ProgramData\TrackMania
2016-04-03 23:11 - 2016-04-12 22:52 - 00000000 ____D C:\Users\Laurent\Documents\TrackMania
2016-04-03 23:10 - 2016-04-03 23:10 - 00000903 _____ C:\Users\Public\Desktop\TmUnitedForever.lnk
2016-04-03 23:10 - 2016-04-03 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever
2016-04-03 18:23 - 2016-04-03 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackMania Sunrise
2016-04-03 13:54 - 2016-04-03 13:54 - 00000000 ____D C:\Users\Laurent\Downloads\TRACKMANIA mini-image
2016-04-03 13:33 - 2016-04-03 13:33 - 00000000 ____D C:\Users\Laurent\Desktop\trackmanul
2016-04-02 22:29 - 2016-04-02 22:26 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-04-02 18:49 - 2016-04-04 23:15 - 00000000 ____D C:\ProgramData\Big Fish
2016-04-02 18:48 - 2016-04-04 23:15 - 00000000 ____D C:\BigFishCache
2016-04-02 18:48 - 2016-04-02 18:50 - 00000000 ____D C:\Users\Laurent\AppData\Local\Big Fish
2016-04-02 18:38 - 2016-04-02 18:38 - 00000000 ____D C:\ProgramData\GoBit Games
2016-04-02 16:43 - 2016-04-02 16:43 - 00000632 _____ C:\WINDOWS\CoDUO.INI
2016-04-02 00:27 - 2016-04-02 22:25 - 00000718 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-02 00:27 - 2016-04-02 00:27 - 00000000 ____D C:\Users\Laurent\AppData\Local\Mozilla
2016-03-30 21:10 - 2016-04-13 14:58 - 00000000 ____D C:\Users\Laurent\AppData\Local\CrashDumps
2016-03-30 12:52 - 2016-03-30 12:56 - 02102784 _____ C:\Users\Laurent\ZHPCleaner.exe
2016-03-30 12:43 - 2016-04-18 12:02 - 02190336 _____ C:\Users\Laurent\ZHPDiag3.exe
2016-03-30 12:08 - 2016-03-30 12:08 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\ffgogogo
2016-03-30 12:07 - 2016-03-30 12:08 - 00000000 ____D C:\Users\Public\Documents\ffgogogo
2016-03-29 11:37 - 2016-03-29 11:37 - 00000000 ____D C:\temp
2016-03-28 18:38 - 2016-03-28 18:38 - 00001133 _____ C:\Users\Public\Desktop\Farm Frenzy 3 Roulette Russe.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001090 _____ C:\Users\Public\Desktop\Farm Frenzy 3 American Pie.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001081 _____ C:\Users\Public\Desktop\Farm Frenzy 3 Madagascar.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001078 _____ C:\Users\Public\Desktop\Farm Frenzy Gone Fishing.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001076 _____ C:\Users\Public\Desktop\Farm Frenzy Viking Heroes.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001076 _____ C:\Users\Public\Desktop\Farm Frenzy Rome Antique.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001053 _____ C:\Users\Public\Desktop\Farm Frenzy Pizza Party !.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00001049 _____ C:\Users\Public\Desktop\Farm Frenzy 3 L'age de glace.lnk
2016-03-28 18:38 - 2016-03-28 18:38 - 00000973 _____ C:\Users\Public\Desktop\Farm Frenzy 3.lnk
2016-03-28 17:30 - 2016-03-28 17:30 - 00004096 _____ C:\WINDOWS\d3dx.dat
2016-03-28 17:30 - 2016-03-28 17:30 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\World-LooM
2016-03-28 17:27 - 2016-03-28 17:27 - 00002207 _____ C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayCity Games.lnk
2016-03-28 17:27 - 2016-03-28 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
2016-03-28 17:27 - 2016-03-28 17:27 - 00000000 ____D C:\Program Files\MyPlayCity.com
2016-03-28 17:07 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-22 17:37 - 2015-08-23 14:27 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\ZHP
2016-04-22 17:36 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-22 17:31 - 2015-08-09 20:56 - 00000000 ____D C:\Users\Laurent
2016-04-22 15:40 - 2015-07-10 08:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-18 14:13 - 2015-08-09 20:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-18 12:24 - 2015-11-25 16:12 - 00000000 ____D C:\Program Files\cracked steam
2016-04-18 12:17 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-18 11:52 - 2015-08-10 11:06 - 00000000 ____D C:\Users\Laurent\AppData\LocalLow\Adblock Plus for IE
2016-04-15 15:37 - 2015-08-09 19:19 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-15 15:35 - 2015-07-10 10:27 - 00000000 ____D C:\WINDOWS\INF
2016-04-15 15:31 - 2015-07-10 08:59 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-14 17:10 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-13 16:19 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 16:09 - 2016-02-13 15:03 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-13 15:53 - 2015-08-12 11:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 15:47 - 2015-08-12 11:46 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 14:27 - 2015-07-10 10:28 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-13 14:03 - 2015-08-09 19:18 - 00000000 ____D C:\Users\Laurent\AppData\Local\Packages
2016-04-10 11:32 - 2015-11-25 14:02 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-04-06 20:32 - 2015-07-10 10:29 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-07-10 10:29 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-04-04 23:06 - 2016-03-13 13:09 - 00000000 ____D C:\Users\Laurent\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-04 19:49 - 2013-08-22 08:13 - 00000194 _____ C:\WINDOWS\win.ini
2016-04-04 00:06 - 2015-08-15 15:56 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\uTorrent
2016-04-02 22:50 - 2015-12-24 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2016-04-02 22:26 - 2015-08-24 08:29 - 00001906 __RSH C:\ProgramData\ntuser.pol
2016-04-02 15:09 - 2015-10-23 17:07 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-02 13:00 - 2016-01-08 19:16 - 00000000 ____D C:\Users\Laurent\Desktop\9.2
2016-04-02 00:27 - 2016-02-26 14:33 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Mozilla
2016-03-30 12:56 - 2015-08-19 11:31 - 00000000 ____D C:\Program Files\baidu
2016-03-30 12:48 - 2015-08-09 21:06 - 01839260 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-30 12:48 - 2015-07-10 15:30 - 00819778 _____ C:\WINDOWS\system32\perfh00C.dat
2016-03-30 12:48 - 2015-07-10 15:30 - 00154144 _____ C:\WINDOWS\system32\perfc00C.dat
2016-03-30 11:38 - 2015-10-22 17:34 - 00000004 _____ C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7
2016-03-29 12:06 - 2015-11-08 16:00 - 00000000 ____D C:\Program Files\Google
2016-03-29 12:05 - 2015-11-08 15:59 - 00000000 ____D C:\Users\Laurent\AppData\Local\Google
2016-03-28 18:38 - 2015-09-11 11:26 - 00000000 ____D C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Frenzy Collection
2016-03-28 18:38 - 2015-09-11 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farm Frenzy Collection
2016-03-28 17:19 - 2015-08-09 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-28 17:09 - 2015-08-09 21:09 - 00000000 ____D C:\Users\Laurent\AppData\Local\NVIDIA
2016-03-28 17:01 - 2015-08-09 20:52 - 00000000 ____D C:\ProgramData\NVIDIA
==================== Fichiers à la racine de certains dossiers =======
2015-08-22 17:40 - 2015-08-22 17:41 - 214027005 _____ () C:\Program Files\Tencent.zip
2016-02-26 14:33 - 2016-02-26 14:33 - 8003072 _____ () C:\Users\Laurent\AppData\Roaming\agent.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0064752 _____ () C:\Users\Laurent\AppData\Roaming\Config.xml
2016-02-26 14:33 - 2016-02-26 14:33 - 0072720 _____ () C:\Users\Laurent\AppData\Roaming\EcoBam.tst
2016-04-04 18:15 - 2016-04-04 18:15 - 0005120 _____ () C:\Users\Laurent\AppData\Roaming\GiftBag.db
2016-02-26 14:32 - 2016-02-26 14:32 - 0015744 _____ () C:\Users\Laurent\AppData\Roaming\InstallationConfiguration.xml
2016-02-26 14:32 - 2016-02-26 14:32 - 0127488 _____ () C:\Users\Laurent\AppData\Roaming\Installer.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0126464 _____ () C:\Users\Laurent\AppData\Roaming\lobby.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0018432 _____ () C:\Users\Laurent\AppData\Roaming\Main.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0005568 _____ () C:\Users\Laurent\AppData\Roaming\md.xml
2016-02-26 14:33 - 2016-02-26 14:33 - 0126464 _____ () C:\Users\Laurent\AppData\Roaming\noah.dat
2016-02-26 14:33 - 2016-02-26 14:33 - 0032038 _____ () C:\Users\Laurent\AppData\Roaming\uninstall_temp.ico
2016-02-26 14:33 - 2016-02-26 14:33 - 1894599 _____ () C:\Users\Laurent\AppData\Roaming\VentoZap.tst
2016-02-26 14:32 - 2016-02-26 14:32 - 0848437 _____ () C:\Users\Laurent\AppData\Roaming\Zum-Lam.bin
2016-04-16 17:41 - 2016-04-15 16:48 - 1265152 _____ () C:\ProgramData\conhost.exe
2015-08-09 20:52 - 2015-08-09 20:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-04-16 17:40 - 2016-04-06 00:37 - 0114176 _____ () C:\ProgramData\hp.exe
2016-04-16 17:41 - 2016-04-14 18:08 - 1274368 _____ () C:\ProgramData\MiniFriv01.exe
2016-04-18 11:35 - 2016-04-18 11:35 - 0002167 _____ () C:\ProgramData\service.exe.lnk
2016-04-18 11:34 - 2016-04-18 11:34 - 0002169 _____ () C:\ProgramData\testLive.exe.lnk
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\conhost.exe
C:\ProgramData\hp.exe
C:\ProgramData\MiniFriv01.exe
C:\Users\Laurent\ZHPCleaner.exe
C:\Users\Laurent\ZHPDiag3.exe
Certains fichiers dans TEMP:
====================
C:\Users\Laurent\AppData\Local\Temp\14C1.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\15.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\19B0.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\2924.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\2E45.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\33F8.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\4788.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\56EE691F4203B924.exe
C:\Users\Laurent\AppData\Local\Temp\583B.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\604A.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\63B4.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\65F7.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\66CA.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\7028.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\77EB.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\834C.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\8459.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\855.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\9193.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\91CD.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\990A.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\9E01.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\A694.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\A782.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\AE3F.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\AF2D.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\B802.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\BANDIZIP-SETUP.EXE
C:\Users\Laurent\AppData\Local\Temp\BF3.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\Browser_V5.6.10551.6_f_4730_(Build1602291105).exe
C:\Users\Laurent\AppData\Local\Temp\C005.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C088.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C1CD.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C5EB.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C6E4.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\C795.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\CBBF.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\CCFA.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\ConductrServer-2.2.1.exe
C:\Users\Laurent\AppData\Local\Temp\DD1A.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\E747.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\ED37.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\F218.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\F258.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\fsd22CE.exe
C:\Users\Laurent\AppData\Local\Temp\fsdF3DC.exe
C:\Users\Laurent\AppData\Local\Temp\ICReinstall_19B0.tmp.exe
C:\Users\Laurent\AppData\Local\Temp\libeay32.dll
C:\Users\Laurent\AppData\Local\Temp\msvcr120.dll
C:\Users\Laurent\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Laurent\AppData\Local\Temp\nvStInst.exe
C:\Users\Laurent\AppData\Local\Temp\set.exe
C:\Users\Laurent\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-04-16 17:51
==================== Fin de FRST.txt ============================