Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
Exécuté par Naharintsoa (administrateur) sur DESKTOP-A45705F (20-02-2017 20:57:59)
Exécuté depuis C:\Users\Naharintsoa\Downloads\Programs
Profils chargés: Naharintsoa (Profils disponibles: Naharintsoa)
Platform: Windows 10 Pro (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
() C:\Windows\Temp\gF470.tmp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25071.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4019312 2017-02-13] (Tonec Inc.)
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\RunOnce: [Uninstall C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\RunOnce: [Uninstall C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Naharintsoa\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {0176a64f-a327-11e6-8d7c-441ea1ce7076} - "F:\.\Driver\DriverInstaller.exe" -eject
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {018f0e6e-bd06-11e6-8dd4-441ea1ce7076} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {018f0eba-bd06-11e6-8dd4-441ea1ce7076} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {6764bebb-ddb1-11e6-8e55-441ea1ce7076} - "F:\Startme.exe"
HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\MountPoints2: {91e0020a-bbba-11e6-8dcf-441ea1ce7076} - "F:\Startme.exe"
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\..\Interfaces\{116c648a-0451-4edd-a058-1a0a1a53ba66}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b6de4c39-aa94-47bc-bc4e-7c7de6aceb0e}: [DhcpNameServer] 192.168.1.242
Tcpip\..\Interfaces\{efc1b0b5-b82d-4413-a19c-3df6d66b04aa}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-1389410128-70137882-352627930-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-02] (Oracle Corporation)
BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\2s18kA.dll => Pas de fichier
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-02] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-02] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-02] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6lku5ar5.default
FF ProfilePath: C:\Users\Naharintsoa\AppData\Roaming\Mozilla\Firefox\Profiles\6lku5ar5.default [2017-02-20]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Naharintsoa\AppData\Roaming\Mozilla\Firefox\Profiles\6lku5ar5.default\features\{d7c25857-54b1-482c-a4b9-2e92f5bfa0a5}\disableSHA1rollout@mozilla.org.xpi [2017-02-17]
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF Extension: (Adblocker for Youtube™) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} [2017-02-16] [non signé]
FF HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Naharintsoa\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Naharintsoa\AppData\Roaming\IDM\idmmzcc5 [2017-02-20] [non signé]
FF HKU\S-1-5-21-1389410128-70137882-352627930-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-18] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default [2017-02-20]
CHR Extension: (Google Slides) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-21]
CHR Extension: (Text URL Linker) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegfbpchoheaflicfmggkmlmcccpjpgd [2016-11-27]
CHR Extension: (Google Docs) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-21]
CHR Extension: (Google Drive) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-21]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-02-20]
CHR Extension: (YouTube) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-21]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2016-11-21]
CHR Extension: (FlashBlock) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie [2016-11-21]
CHR Extension: (Adblock Plus) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-16]
CHR Extension: (Ad-blocker for Gmail™) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coibnogmjcpbccgjofoiklnfpbbjbapo [2016-11-21]
CHR Extension: (Tampermonkey) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-02-16]
CHR Extension: (Blur) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2017-02-17]
CHR Extension: (Google Sheets) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-21]
CHR Extension: (EditThisCookie) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-02-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-21]
CHR Extension: (AdBlock) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-20]
CHR Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-12-11]
CHR Extension: (IDM Integration Module) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-02-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\Naharintsoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-02-13]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-02-13]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2016-12-13] (Freemake) [Fichier non signé]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-12-13] (Ellora Assets Corp.) [Fichier non signé]
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29181272 2008-12-18] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246888 2016-12-13] (Synaptics Incorporated)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408 2017-02-08] (RaMMicHaeL)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ALCATELUSB; C:\WINDOWS\System32\Drivers\AlcatelUsb.sys [25088 2012-08-23] (Windows (R) Codename Longhorn DDK provider)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-11-01] (Advanced Micro Devices)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c64x64.sys [468752 2014-07-28] (Intel Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-11-01] (REALiX(tm))
S3 massfilter_hs; C:\WINDOWS\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (HandSet Incorporated)
S3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2244944 2016-05-09] (MediaTek Inc.)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-08-06] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-12] (CACE Technologies, Inc.)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2013-01-16] (QUALCOMM Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [760832 2016-12-13] (Sunplus)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-02-20 20:57 - 2017-02-20 20:57 - 00000000 ____D C:\FRST
2017-02-20 19:59 - 2017-02-20 19:59 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-A45705F_Naharintsoa_HistoryPrediction.bin
2017-02-20 16:37 - 2017-02-20 16:37 - 00114604 _____ C:\Users\Naharintsoa\Downloads\AntiAdware (1).user.js
2017-02-20 16:29 - 2017-02-20 16:30 - 02422784 _____ (Farbar) C:\Users\Naharintsoa\Downloads\FRST64.exe
2017-02-20 16:16 - 2017-02-20 16:16 - 00164174 _____ C:\Users\Naharintsoa\Downloads\adsbypasser (4).user.js
2017-02-20 16:15 - 2017-02-20 16:15 - 00164174 _____ C:\Users\Naharintsoa\Downloads\adsbypasser (3).user.js
2017-02-20 16:14 - 2017-02-20 16:14 - 00114604 _____ C:\Users\Naharintsoa\Downloads\AntiAdware.user.js
2017-02-20 16:13 - 2017-02-20 16:13 - 00226543 _____ C:\Users\Naharintsoa\Downloads\Anti-Adblock Killer - Reek (3).user.js
2017-02-20 16:08 - 2017-02-20 20:52 - 00001575 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-20 16:08 - 2017-02-20 20:52 - 00001563 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-20 12:12 - 2016-11-11 23:22 - 00400968 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2017-02-20 12:12 - 2016-11-11 23:22 - 00366664 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2017-02-20 12:12 - 2016-11-11 23:21 - 01148488 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2017-02-20 12:12 - 2016-11-11 23:16 - 00088128 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2017-02-20 12:12 - 2016-11-11 23:05 - 00066624 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll
2017-02-20 12:12 - 2016-11-11 23:05 - 00044096 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2017-02-20 12:12 - 2016-09-30 01:12 - 00091712 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2017-02-20 12:12 - 2016-09-30 01:12 - 00069104 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2017-02-20 12:12 - 2016-09-30 01:12 - 00065016 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2017-02-20 12:12 - 2016-09-06 18:48 - 00083008 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2017-02-20 12:11 - 2017-02-20 12:11 - 00001261 _____ C:\Users\Public\Desktop\VMware Workstation 12 Player.lnk
2017-02-20 12:11 - 2017-02-20 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2017-02-20 12:11 - 2017-02-20 12:11 - 00000000 ____D C:\Program Files\Common Files\VMware
2017-02-20 12:11 - 2017-02-20 12:11 - 00000000 ____D C:\Program Files (x86)\VMware
2017-02-20 08:22 - 2017-02-20 08:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windowscamera_2016-1215-40-0_x64__8wekyb3d8bbwe
2017-02-20 07:44 - 2017-02-20 12:02 - 00001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2017-02-20 07:44 - 2017-02-20 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-02-20 07:44 - 2017-02-20 07:44 - 00000000 ____D C:\Program Files\Oracle
2017-02-20 07:16 - 2017-02-20 12:13 - 00000000 ____D C:\Users\Naharintsoa\Documents\Virtual Machines
2017-02-20 07:14 - 2017-02-20 13:30 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\VMware
2017-02-20 07:14 - 2017-02-20 12:13 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\VMware
2017-02-20 07:08 - 2017-02-20 17:06 - 00000000 ____D C:\ProgramData\VMware
2017-02-19 19:42 - 2017-02-19 19:44 - 00000000 ____D C:\Users\Naharintsoa\Documents\Blender Tuto
2017-02-19 19:42 - 2017-02-19 19:42 - 00000000 ____D C:\Users\Naharintsoa\Documents\Cine 4D
2017-02-19 19:42 - 2017-02-19 19:42 - 00000000 ____D C:\Users\Naharintsoa\Documents\Autres Tuto
2017-02-19 07:50 - 2017-02-19 07:50 - 00000000 ____D C:\Users\Naharintsoa\.android
2017-02-19 07:50 - 2017-02-19 07:50 - 00000000 ____D C:\Program Files\ZTE Handset USB Driver
2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsvousb.sys
2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghstrace.sys
2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsnmea.sys
2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsmdm.sys
2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsdiagmdm.sys
2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsdiag.sys
2017-02-19 07:50 - 2011-09-13 09:53 - 00129432 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsat.sys
2017-02-19 07:50 - 2011-09-13 09:43 - 00163352 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsnet.sys
2017-02-19 07:50 - 2011-08-15 16:43 - 00584584 _____ C:\WINDOWS\adb.exe
2017-02-19 07:50 - 2011-08-15 16:43 - 00102936 _____ (Google, inc) C:\WINDOWS\AdbWinApi.dll
2017-02-19 07:50 - 2011-07-07 16:13 - 00018456 _____ (HandSet Incorporated) C:\WINDOWS\system32\Drivers\massfilter_hs.sys
2017-02-19 07:50 - 2011-03-28 15:42 - 00129304 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\ghsnmea.sys
2017-02-19 07:50 - 2011-03-28 15:42 - 00129304 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\ghsmdm.sys
2017-02-19 07:50 - 2011-03-28 15:42 - 00129304 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\ghsdiag.sys
2017-02-19 07:50 - 2010-10-18 14:24 - 00038424 _____ (Google Inc) C:\WINDOWS\system32\Drivers\ghsandroid.sys
2017-02-18 16:54 - 2017-02-18 16:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windowsstore_11602-1-26-0_x64__8wekyb3d8bbwe
2017-02-18 16:14 - 2017-02-18 16:19 - 00000000 ____D C:\Users\Naharintsoa\Documents\Freemake
2017-02-18 16:14 - 2017-02-18 16:14 - 00001401 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2017-02-18 16:14 - 2017-02-18 16:14 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2017-02-18 16:14 - 2017-02-18 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-02-18 16:14 - 2017-02-18 16:14 - 00000000 ____D C:\ProgramData\Freemake
2017-02-18 16:14 - 2017-02-18 16:14 - 00000000 ____D C:\Program Files\WinPcap
2017-02-18 16:06 - 2017-02-18 16:06 - 00002044 _____ C:\Users\Naharintsoa\Downloads\2. Config IDM by Majax31 (2).reg
2017-02-18 16:04 - 2017-02-18 16:04 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder
2017-02-18 16:04 - 2017-02-18 16:04 - 00000000 ____D C:\Program Files (x86)\TrashReg
2017-02-18 15:58 - 2017-02-18 15:58 - 01480021 _____ C:\Users\Naharintsoa\Downloads\[opensource] IDM trial reset (1).rar
2017-02-18 15:55 - 2017-02-18 15:55 - 01481190 _____ C:\Users\Naharintsoa\Downloads\IDM Trial Reset-20170218T125452Z.zip
2017-02-18 15:53 - 2017-02-18 15:53 - 00002044 _____ C:\Users\Naharintsoa\Downloads\2. Config IDM by Majax31 (1).reg
2017-02-18 13:27 - 2017-02-18 22:06 - 00001064 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-02-18 13:27 - 2017-02-18 13:27 - 00004156 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-18 13:25 - 2017-02-18 13:49 - 90955904 _____ C:\Users\Naharintsoa\Downloads\31553759.m3u8
2017-02-18 13:20 - 2017-02-18 16:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\flash
2017-02-18 13:20 - 2017-02-18 13:20 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Macromedia
2017-02-18 13:18 - 2017-02-20 20:27 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-18 13:18 - 2017-02-18 13:27 - 00003988 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-18 13:18 - 2017-02-18 13:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\temp
2017-02-18 13:13 - 2017-02-18 13:20 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Adobe
2017-02-18 12:42 - 2017-02-18 12:42 - 00016832 _____ C:\WINDOWS\System32\Tasks\microsoft-getstarted_4-5
2017-02-18 12:41 - 2017-02-18 12:41 - 00016836 _____ C:\WINDOWS\System32\Tasks\microsoft-getstarted_4-5-6
2017-02-18 12:41 - 2017-02-18 12:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-getstarted_4-5-6-0_x64__8wekyb3d8bbwe
2017-02-18 07:10 - 2017-02-18 07:14 - 24291292 _____ C:\Users\Naharintsoa\Downloads\Rossy - Ikalasoa Bal Kabosy - vidéo Dailymotion.TS
2017-02-17 20:09 - 2017-02-17 20:09 - 00016842 _____ C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3-6-25071
2017-02-17 20:09 - 2017-02-17 20:09 - 00016830 _____ C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3-6
2017-02-17 20:09 - 2017-02-17 20:09 - 00016826 _____ C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3
2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\updater
2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\phone
2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\browser
2017-02-17 13:35 - 2017-02-17 13:35 - 00016882 _____ C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17-6568-46361
2017-02-17 13:35 - 2017-02-17 13:35 - 00016870 _____ C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17-6568
2017-02-17 13:35 - 2017-02-17 13:35 - 00016860 _____ C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17
2017-02-17 13:35 - 2017-02-17 13:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windowscommunicationsapps_17-6568-46361-0_x64__8wekyb3d8bbwe
2017-02-17 08:35 - 2017-02-20 16:36 - 00001532 _____ C:\WINDOWS\Tasks\microsoft.job
2017-02-17 07:15 - 2017-02-17 07:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-zunevideo_3-6-25071-0_x64__8wekyb3d8bbwe
2017-02-16 23:13 - 2017-02-16 23:13 - 00016820 _____ C:\WINDOWS\System32\Tasks\5335R53T21B403-dll
2017-02-16 22:36 - 2017-02-16 22:40 - 04015056 _____ C:\Users\Naharintsoa\Downloads\adwcleaner_6.043.exe
2017-02-16 22:26 - 2017-02-16 22:26 - 00002882 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-16 22:21 - 2017-02-18 15:45 - 00000290 __RSH C:\Users\Naharintsoa\ntuser.pol
2017-02-16 20:56 - 2017-02-16 20:56 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-02-16 20:50 - 2017-02-16 20:50 - 00016860 _____ C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16-1118-10000
2017-02-16 20:50 - 2017-02-16 20:50 - 00016848 _____ C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16-1118
2017-02-16 20:50 - 2017-02-16 20:50 - 00016838 _____ C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16
2017-02-16 20:50 - 2017-02-16 20:50 - 00016818 _____ C:\WINDOWS\System32\Tasks\microsoft-windows
2017-02-16 20:47 - 2017-02-16 20:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\microsoft-windows-photos_16-1118-10000-0_x64__8wekyb3d8bbwe
2017-02-16 20:39 - 2017-02-16 20:39 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Chromium
2017-02-16 20:39 - 2017-02-16 20:39 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\CEF
2017-02-16 20:34 - 2017-02-16 21:35 - 00016812 _____ C:\WINDOWS\System32\Tasks\5335R53T21B403
2017-02-16 20:34 - 2017-02-16 20:35 - 00000000 ____D C:\Users\Public\Thunder Network
2017-02-16 20:34 - 2017-02-16 20:34 - 00001876 __RSH C:\ProgramData\ntuser.pol
2017-02-16 20:34 - 2017-02-16 20:34 - 00001062 _____ C:\Users\Naharintsoa\Desktop\Play Warframe.lnk
2017-02-16 20:34 - 2017-02-16 20:34 - 00000000 ___HD C:\ProgramData\5335R53T21B403
2017-02-16 20:34 - 2017-02-16 20:34 - 00000000 ____D C:\ProgramData\Thunder Network
2017-02-16 20:28 - 2017-02-16 20:29 - 01773568 _____ C:\Users\Naharintsoa\Downloads\WiFi_Password_Hacking_Software_2017_WiFi_Hack.iso
2017-02-15 06:16 - 2016-10-10 22:22 - 07357784 _____ C:\Users\Naharintsoa\Desktop\Atao en Sim.avi
2017-02-14 21:58 - 2017-02-15 04:35 - 08665860 _____ C:\Users\Naharintsoa\Downloads\TSY MISY TSY HAY ATAO . KARMELA - vidéo Dailymotion.TS
2017-02-13 20:14 - 2016-10-17 18:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2017-02-13 12:37 - 2017-02-13 12:37 - 00000000 ____D C:\Users\Naharintsoa\Documents\legend of korra
2017-02-13 11:42 - 2017-02-13 11:48 - 00000000 ____D C:\Users\Naharintsoa\Documents\Adobe CS 3
2017-02-13 11:42 - 2017-02-13 11:42 - 00000000 ____D C:\Users\Naharintsoa\Documents\3Ds Max 2017
2017-02-13 11:40 - 2017-02-13 11:50 - 00000000 ____D C:\Users\Naharintsoa\Documents\Les fondamentaux d AJAX par la pratique
2017-02-09 15:40 - 2017-02-09 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2017-02-09 15:39 - 2017-02-09 15:39 - 00000000 ____D C:\Python27
2017-02-07 11:28 - 2017-02-07 11:51 - 00000000 ____D C:\Users\Naharintsoa\Desktop\-_Animation.de.personnages.3D.avec.3ds.Max.2012
2017-02-07 11:08 - 2017-02-07 11:56 - 00000000 ____D C:\Users\Naharintsoa\Desktop\Elephorm Maîtriser le Particule Flow dans 3ds Max 2013
2017-02-07 10:55 - 2017-02-20 19:49 - 00348160 ___SH C:\Users\Naharintsoa\Desktop\Thumbs.db
2017-02-07 10:51 - 2017-02-07 10:58 - 00036864 ___SH C:\Users\Public\Thumbs.db
2017-02-02 23:02 - 2017-02-02 23:02 - 00003302 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-02 13:56 - 2017-02-02 13:56 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\EurekaLog
2017-01-31 18:54 - 2017-02-16 22:44 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Adobe
2017-01-31 08:12 - 2017-01-31 08:12 - 00001456 _____ C:\Users\Naharintsoa\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2017-01-24 22:57 - 2017-02-20 12:02 - 00000000 ____D C:\Users\Naharintsoa\VirtualBox VMs
2017-01-24 22:56 - 2017-02-20 12:09 - 00000000 ____D C:\Users\Naharintsoa\.VirtualBox
2017-01-24 22:56 - 2017-01-16 17:38 - 00959720 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2017-01-24 22:56 - 2017-01-16 17:38 - 00149304 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2017-01-24 11:40 - 2017-01-24 22:35 - 00000000 ____D C:\Users\Naharintsoa\Desktop\Film
2017-01-24 11:16 - 2017-01-31 07:36 - 00000000 ____D C:\Users\Naharintsoa\Desktop\best workout
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Blender Foundation
2017-01-22 06:01 - 2017-01-23 07:07 - 44309156 _____ C:\Users\Naharintsoa\Downloads\Hardcore Busty Babes Ta-Ta Therapy - XNXX.COM.TS

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-02-20 20:56 - 2016-11-01 18:59 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\Skype
2017-02-20 20:52 - 2016-11-01 19:18 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 20:52 - 2016-11-01 19:18 - 00001150 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-20 20:06 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\DMCache
2017-02-20 18:40 - 2016-11-27 09:03 - 00000000 ____D C:\Users\Naharintsoa\AppData\LocalLow\Mozilla
2017-02-20 17:51 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\IDM
2017-02-20 17:14 - 2016-11-20 20:35 - 00004184 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9F64C99-D1F3-4545-B868-ACAF54245546}
2017-02-20 17:06 - 2015-07-31 00:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-20 17:05 - 2015-07-10 12:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-20 16:45 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-20 16:45 - 2015-06-08 17:55 - 00000000 ____D C:\AdwCleaner
2017-02-20 16:08 - 2016-11-01 16:29 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-20 12:52 - 2016-11-03 07:02 - 00005366 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-A45705F-Naharintsoa DESKTOP-A45705F
2017-02-20 12:12 - 2015-07-31 01:40 - 00000000 ____D C:\WINDOWS\INF
2017-02-20 12:11 - 2016-12-09 10:07 - 01999846 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-20 12:11 - 2015-09-10 08:08 - 00870412 _____ C:\WINDOWS\system32\perfh00C.dat
2017-02-20 12:11 - 2015-09-10 08:08 - 00173202 _____ C:\WINDOWS\system32\perfc00C.dat
2017-02-20 12:01 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-20 08:16 - 2016-11-01 19:13 - 00000000 ____D C:\Users\Naharintsoa\AppData\Roaming\vlc
2017-02-20 08:04 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\Downloads\Compressed
2017-02-20 07:02 - 2016-11-01 17:36 - 00000000 ____D C:\Users\Naharintsoa\Downloads\Video
2017-02-19 21:05 - 2016-11-01 16:19 - 01970678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-19 19:26 - 2016-11-01 16:24 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\Packages
2017-02-19 19:23 - 2015-07-31 01:42 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-19 07:50 - 2016-11-01 16:24 - 00000000 ____D C:\Users\Naharintsoa
2017-02-18 17:36 - 2016-11-01 17:36 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-02-18 16:56 - 2016-11-01 18:15 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-18 16:14 - 2016-11-15 20:40 - 00000000 ____D C:\Program Files (x86)\Freemake
2017-02-18 16:06 - 2016-11-01 17:36 - 00001074 _____ C:\Users\Naharintsoa\Desktop\Internet Download Manager.lnk
2017-02-18 15:59 - 2016-11-01 19:39 - 00005382 _____ C:\Users\Naharintsoa\Desktop\Nouveau document texte.txt
2017-02-18 13:54 - 2016-12-09 09:54 - 00000000 ____D C:\Users\Naharintsoa\Documents\Visual Studio 2008
2017-02-18 13:27 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-18 13:27 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-18 06:18 - 2016-12-09 06:55 - 00000000 ___HD C:\Users\Naharintsoa\Desktop\plan
2017-02-16 21:26 - 2016-11-01 18:29 - 00002361 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-02-16 20:36 - 2016-11-01 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-02-16 20:34 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-02-16 19:57 - 2016-11-01 18:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-16 19:57 - 2016-11-01 18:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-09 08:44 - 2016-11-04 08:42 - 00000000 ____D C:\Program Files\CCleaner
2017-02-09 07:12 - 2017-01-05 21:29 - 00000000 ____D C:\Users\Naharintsoa\AppData\Local\ElevatedDiagnostics
2017-02-03 16:35 - 2016-11-27 07:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-03 16:35 - 2016-11-01 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-02 23:02 - 2016-11-01 16:27 - 00002421 _____ C:\Users\Naharintsoa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-02 23:02 - 2016-11-01 16:27 - 00000000 ___RD C:\Users\Naharintsoa\OneDrive
2017-01-26 21:17 - 2016-11-01 16:53 - 00000000 ____D C:\ProgramData\ProductData
2017-01-21 23:37 - 2015-07-31 01:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports

==================== Fichiers à la racine de certains dossiers =======

2017-01-31 08:12 - 2017-01-31 08:12 - 0001456 _____ () C:\Users\Naharintsoa\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2016-11-21 19:32 - 2016-11-21 19:32 - 0048050 _____ () C:\ProgramData\agent.1479745963.bdinstall.bin
2016-11-21 21:39 - 2016-11-21 21:39 - 0029153 _____ () C:\ProgramData\agent.1479753564.bdinstall.bin

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-02-19 19:35

==================== Fin de FRST.txt ============================
