Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-05-2015 01
Ran by Mazi (administrator) on MAZI-PC on 28-05-2015 17:01:05
Running from C:\Users\Mazi\Desktop
Loaded Profiles: Mazi & UpdatusUser (Available Profiles: Mazi & UpdatusUser)
Platform: Microsoft Windows 7 Édition Intégrale (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser path: "C:\Program Files\Opera\Opera.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ClaraLabs) C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(iCinema) C:\Program Files\I - Cinema\03740980-0cfd-4ede-baa0-6a0d519b8476-6.exe
(iCinema) C:\Program Files\I - Cinema\03740980-0cfd-4ede-baa0-6a0d519b8476-10.exe
(iCinema) C:\Program Files\I - Cinema\03740980-0cfd-4ede-baa0-6a0d519b8476-1-6.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Users\Mazi\AppData\Local\gmsd_fr_578\upgmsd_fr_578.exe
() C:\Program Files\gmsd_fr_578\gmsd_fr_578.exe
(Opera Software) C:\Program Files\Opera\opera.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Spykey] => C:\Users\Mazi\Downloads\Spykey.exe [169840 2010-11-03] (The Spykey Team)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [gmsd_fr_571] => "C:\Program Files\gmsd_fr_571\gmsd_fr_571.exe"
HKLM\...\Run: [gmsd_fr_569] => "C:\Program Files\gmsd_fr_569\gmsd_fr_569.exe"
HKLM\...\Run: [gmsd_fr_579] => [X]
HKLM\...\Run: [gmsd_fr_578] => C:\Program Files\gmsd_fr_578\gmsd_fr_578.exe [3980968 2015-05-26] ()
HKLM\...\RunOnce: [upgmsd_fr_578.exe] => C:\Users\Mazi\AppData\Local\gmsd_fr_578\upgmsd_fr_578.exe [3288520 2015-05-26] ()
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\...\MountPoints2: {2ea21340-fb3f-11e0-9c91-806e6f6e6963} - H:\Autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-21-941474947-1101879431-2883593184-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432809482&z=7b0d583b1215bea3b4808abgbzbc9oeb3ebt7zbbdw&from=slb2&uid=395049983_266162_427DA0E2&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432809482&z=7b0d583b1215bea3b4808abgbzbc9oeb3ebt7zbbdw&from=slb2&uid=395049983_266162_427DA0E2&q={searchTerms}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-941474947-1101879431-2883593184-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=395049983_266162_427DA0E2&ts=1432751214&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-941474947-1101879431-2883593184-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=395049983_266162_427DA0E2&ts=1432751214&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-941474947-1101879431-2883593184-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=395049983_266162_427DA0E2&ts=1432751214&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-941474947-1101879431-2883593184-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=395049983_266162_427DA0E2&ts=1432751214&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-941474947-1101879431-2883593184-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=395049983_266162_427DA0E2&ts=1432751214&type=default&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Edu App 1.0.0.7 -> {cf07d83b-d1b0-4642-b955-e7eb9b9cf5b3} -> C:\Program Files\Edu App\EduAppbho.dll [2015-05-27] (Edu App)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 000000000001 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 000000000002 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 000000000007 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corp.)
Winsock: Catalog5 000000000008 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1432751195&z=c486fedd248ea81fbe4c691gczfcao0mew3g1gbt0m&from=cmi&uid=395049983_266162_427DA0E2
FireFox:
========
FF ProfilePath: C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default
FF DefaultSearchEngine: Trovi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-11] ()
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [2012-11-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [2012-11-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mazi\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF Extension: SNT - C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default\Extensions\e_iiioi@kcy-aii.com [2014-05-25]
FF Extension: sbconformingmasahalinfo - C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default\Extensions\sbconforming@masahal.info [2015-05-08]
FF Extension: winservice86 - C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default\Extensions\taylorralston@hotmail.com [2014-09-16]
FF Extension: Savings Wizard - C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default\Extensions\{090AF4A1-CDA6-D91F-096A-378C214EE20C} [2014-07-03]
FF Extension: c4080853c6994120b8e0618bff8a4474 - C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default\Extensions\{c4080853-c699-4120-b8e0-618bff8a4474} [2015-05-14]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [ext@RichMediaViewV1release115.net] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release115\ff
FF HKLM\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha4667.net] - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha4667\ff
FF HKU\S-1-5-21-941474947-1101879431-2883593184-1000\...\Firefox\Extensions: [{E634117B-33A8-4C70-8210-198010F03834}] - C:\Users\Mazi\AppData\Roaming\07003.115
FF Extension: Java Link Helper - C:\Users\Mazi\AppData\Roaming\07003.115 [2013-11-06]
FF Extension: No Name - C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default\extensions\faststartff@gmail.com [not found]
FF Extension: No Name - C:\Users\Mazi\AppData\Roaming\Mozilla\Firefox\Profiles\xmtcd1sr.default\extensions\quick_searchff@gmail.com [not found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-04-10] <==== ATTENTION
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Mazi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Mazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhdjbfjheoohmhpakglckehdcgfffbl [2015-05-26]
CHR Extension: (No Name) - C:\Users\Mazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk [2015-05-27]
CHR Extension: (No Name) - C:\Users\Mazi\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-05-27]
CHR HKLM\...\Chrome\Extension: [fmgcacdoiabejjobhmhdhbifobmefnfk] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release115\ch\RichMediaViewV1release115.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gfkbfjcbkhnmiignagpkiijohkcdkffb] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM\...\Chrome\Extension: [nfcfkgcdgpcjpagdjegdjpglblcllimo] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode8657\ch\MediaBuzzV1mode8657.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pigmnjdjbekfpnfmblhnhfogbdmbcnif] - C:\ProgramData\Browse2save\pigmnjdjbekfpnfmblhnhfogbdmbcnif.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1432809482&z=7b0d583b1215bea3b4808abgbzbc9oeb3ebt7zbbdw&from=slb2&uid=395049983_266162_427DA0E2
Opera:
=======
OPR Extension: (cnhdjbfjheoohmhpakglckehdcgfffbl) - C:\Users\Mazi\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhdjbfjheoohmhpakglckehdcgfffbl [2015-05-26]
OPR Extension: (I - Cinema) - C:\Users\Mazi\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk [2015-05-27]
OPR Extension: (Assist Point) - C:\Users\Mazi\AppData\Roaming\Opera Software\Opera Stable\Extensions\gddfnoocepfjlafagonbpkmocgofkdna [2015-05-01]
OPR Extension: (iilcekgoelpgecpjnnoikhbleipnjdhf) - C:\Users\Mazi\AppData\Roaming\Opera Software\Opera Stable\Extensions\iilcekgoelpgecpjnnoikhbleipnjdhf [2015-05-14]
OPR Extension: (oipgklkggfaokcoipmecomffdpebimle) - C:\Users\Mazi\AppData\Roaming\Opera Software\Opera Stable\Extensions\oipgklkggfaokcoipmecomffdpebimle [2015-05-09]
OPR Extension: (winservice86) - C:\Users\Mazi\AppData\Roaming\Opera Software\Opera Stable\Extensions\onhcengeacabehdkdhbdcigfolmmakof [2014-10-12]
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera\Opera.exe http://www.mystartsearch.com/?type=sc&ts=1432809482&z=7b0d583b1215bea3b4808abgbzbc9oeb3ebt7zbbdw&from=slb2&uid=395049983_266162_427DA0E2
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClaraUpdater; C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe [887376 2015-05-27] (ClaraLabs)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370620 2009-12-23] (StarWind Software) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [40736 2013-11-27] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [18944 2013-04-24] (Windows (R) Win 7 DDK provider)
S3 SilverLink; C:\Windows\System32\Drivers\SilvrLnk.sys [21456 2004-01-28] (Texas Instruments Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [431672 2011-05-20] () [File not signed]
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2015-05-04] (The OpenVPN Project)
S3 TIEHDUSB; C:\Windows\System32\drivers\tiehdusb.sys [49536 2004-02-04] (Texas Instruments Incorporated) [File not signed]
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [122752 2012-04-27] (Texas Instruments)
U3 ayvzedq5; C:\Windows\system32\Drivers\ayvzedq5.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz134; \??\C:\Users\Mazi\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S1 ngiym2v2m3nibgf; system32\drivers\ngiym2v2m3nibgf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-28 17:01 - 2015-05-28 17:01 - 00017422 _____ () C:\Users\Mazi\Desktop\FRST.txt
2015-05-28 17:00 - 2015-05-28 17:01 - 00000000 ____D () C:\FRST
2015-05-28 16:59 - 2015-05-28 16:59 - 01147392 _____ (Farbar) C:\Users\Mazi\Desktop\FRST.exe
2015-05-28 13:21 - 2015-05-28 13:21 - 00022335 _____ () C:\Users\Mazi\Desktop\RKreport_DEL_05282015_132053.log
2015-05-28 13:20 - 2015-05-28 16:26 - 00000000 ____D () C:\Users\Mazi\AppData\Local\gmsd_fr_578
2015-05-28 13:20 - 2015-05-28 13:20 - 00000000 ____D () C:\Program Files\gmsd_fr_578
2015-05-28 13:04 - 2015-05-28 13:04 - 03480040 _____ (McAfee, Inc.) C:\Users\Mazi\Desktop\MCPR.exe
2015-05-28 12:48 - 2015-05-28 12:48 - 00022033 _____ () C:\Users\Mazi\Desktop\Rapport RogueKiller.txt
2015-05-28 12:38 - 2015-05-28 12:38 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\mystartsearch
2015-05-28 12:38 - 2015-05-28 12:38 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer
2015-05-28 12:38 - 2015-05-28 12:38 - 00000000 ____D () C:\Program Files\predm
2015-05-28 12:38 - 2015-05-28 12:38 - 00000000 ____D () C:\Program Files\GUPlayer
2015-05-28 12:21 - 2015-05-28 12:21 - 00000000 ____D () C:\Users\Mazi\AppData\Local\{C4D5BF44-D3A8-4E92-B9D6-3FC9678B1E42}
2015-05-27 23:32 - 2015-05-27 23:32 - 00000000 ____D () C:\Users\Mazi\AppData\Local\{9FA665CC-1794-4ACF-ADC0-0A03AFEA5276}
2015-05-27 21:31 - 2015-05-28 12:43 - 00000000 ____D () C:\Users\Mazi\AppData\Local\CrashDumps
2015-05-27 21:29 - 2015-05-28 13:12 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-27 21:29 - 2015-05-27 21:37 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-27 21:18 - 2015-05-27 21:19 - 00000128 _____ () C:\Windows\Reimage.ini
2015-05-27 21:14 - 2015-05-28 16:14 - 00005826 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-6.job
2015-05-27 21:14 - 2015-05-28 16:14 - 00003102 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-1-6.job
2015-05-27 21:14 - 2015-05-28 16:14 - 00002076 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-10_user.job
2015-05-27 21:14 - 2015-05-28 15:14 - 00005482 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-7.job
2015-05-27 21:14 - 2015-05-28 15:14 - 00005148 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-11.job
2015-05-27 21:14 - 2015-05-28 15:14 - 00004458 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-3.job
2015-05-27 21:14 - 2015-05-28 15:14 - 00003438 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-1-7.job
2015-05-27 21:14 - 2015-05-28 15:14 - 00002754 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-5_user.job
2015-05-27 21:14 - 2015-05-28 15:14 - 00002754 _____ () C:\Windows\Tasks\03740980-0cfd-4ede-baa0-6a0d519b8476-5.job
2015-05-27 21:14 - 2015-05-27 21:14 - 00000000 ____D () C:\Program Files\I - Cinema
2015-05-27 21:14 - 2015-05-27 21:14 - 00000000 ____D () C:\Program Files\bf3902a6-1f7b-48a2-a960-2125170239db
2015-05-27 21:13 - 2015-05-27 21:14 - 00000892 _____ () C:\Windows\system32\${LOGFILE}
2015-05-27 21:13 - 2015-05-27 21:13 - 00007862 _____ () C:\claraInstaller.txt
2015-05-27 21:13 - 2015-05-27 21:13 - 00000000 ____D () C:\Users\Mazi\AppData\Local\BoBrowser
2015-05-27 21:13 - 2015-05-27 21:13 - 00000000 ____D () C:\Program Files\Common Files\ClaraUpdater
2015-05-27 21:12 - 2015-05-27 21:12 - 00000000 ____D () C:\ProgramData\f6ab02470000049d
2015-05-27 20:39 - 2015-05-28 15:19 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-27 20:39 - 2015-05-27 20:39 - 00000000 ____D () C:\Program Files\Edu App
2015-05-27 20:38 - 2015-05-28 13:09 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-27 20:38 - 2015-05-28 12:36 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\WTools
2015-05-27 20:38 - 2015-05-28 12:30 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Store
2015-05-27 20:38 - 2015-05-27 20:38 - 00000078 _____ () C:\Users\Mazi\AppData\Roaming\WindApp.installation.log
2015-05-27 20:38 - 2015-05-27 20:38 - 00000078 _____ () C:\Users\Mazi\AppData\Roaming\Selection Tools.installation.log
2015-05-27 20:38 - 2015-05-27 20:38 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Crossbrowse
2015-05-27 20:38 - 2015-05-27 20:38 - 00000000 ____D () C:\Users\Mazi\AppData\Local\globalUpdate
2015-05-27 20:38 - 2015-05-27 20:38 - 00000000 ____D () C:\Users\Mazi\AppData\Local\Crossbrowse
2015-05-27 20:38 - 2015-05-27 20:38 - 00000000 ____D () C:\Users\Invité\AppData\Local\Crossbrowse
2015-05-27 20:38 - 2015-05-27 20:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Crossbrowse
2015-05-27 20:38 - 2015-05-27 20:38 - 00000000 ____D () C:\Users\Administrateur\AppData\Local\Crossbrowse
2015-05-27 20:37 - 2015-05-27 21:14 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Nosibay
2015-05-27 20:37 - 2015-05-27 20:38 - 00005708 _____ () C:\Users\Mazi\AppData\Roaming\Bubble Dock.installation.log
2015-05-27 20:37 - 2015-05-27 20:38 - 00001306 _____ () C:\Users\Mazi\AppData\Roaming\Bubble Dock.boostrap.log
2015-05-27 20:37 - 2015-05-27 20:37 - 00000097 _____ () C:\Users\Mazi\AppData\Roaming\WindApp.boostrap.log
2015-05-27 20:26 - 2015-05-27 21:11 - 00000000 ____D () C:\Users\Mazi\AppData\Local\SmartWeb
2015-05-27 20:26 - 2015-05-27 20:27 - 00000000 ____D () C:\Program Files\XTab
2015-05-27 20:26 - 2015-05-27 20:26 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\oursurfing
2015-05-27 20:26 - 2015-05-27 20:26 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-05-27 20:26 - 2015-05-27 20:26 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-05-27 19:56 - 2015-05-27 19:56 - 00015512 _____ () C:\Users\Mazi\Desktop\AdwCleaner[S2].txt
2015-05-27 19:44 - 2015-05-27 19:44 - 00585180 _____ () C:\Users\Mazi\Desktop\ZHPCleaner.txt
2015-05-27 19:30 - 2015-05-28 12:58 - 00000828 _____ () C:\Users\Mazi\Desktop\ZHPCleaner.lnk
2015-05-27 19:30 - 2015-05-27 19:30 - 00000000 ____D () C:\Users\Mazi\AppData\Local\Opera Software
2015-05-27 16:38 - 2015-05-27 16:38 - 00001933 _____ () C:\Users\Mazi\Desktop\ZHPFix.lnk
2015-05-27 16:38 - 2015-05-27 16:38 - 00001806 _____ () C:\Users\Mazi\Desktop\ZHPDiag.lnk
2015-05-27 16:38 - 2015-05-27 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-05-27 15:54 - 2015-05-28 12:38 - 00002061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-05-27 15:54 - 2015-05-28 12:38 - 00002049 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-05-27 12:27 - 2015-05-27 12:27 - 00157977 _____ () C:\Users\Mazi\Desktop\ZHPDiag.txt
2015-05-27 12:26 - 2015-05-27 12:26 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-05-27 12:18 - 2015-05-27 16:38 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-05-27 12:03 - 2015-05-27 12:03 - 00613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsh7F5D.tmp
2015-05-27 11:31 - 2015-05-27 11:31 - 00000000 ____D () C:\Users\Mazi\AppData\Local\{0B42B49E-2534-4575-9A19-7E030893F291}
2015-05-26 23:41 - 2015-05-26 23:41 - 00613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nss738.tmp
2015-05-26 23:40 - 2015-05-27 21:18 - 00000000 ____D () C:\Program Files\8eb6b49d-3c54-4bc8-9a37-e9d20ec0bba8
2015-05-26 23:08 - 2015-05-26 23:08 - 00000000 ____D () C:\Users\Mazi\AppData\Local\{F8AA5C91-6E35-419E-B699-22CECE7CCF43}
2015-05-25 20:21 - 2015-05-25 20:21 - 00613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsaBE62.tmp
2015-05-25 17:40 - 2015-05-25 17:40 - 00000000 ____D () C:\ProgramData\99ddd194860b49de9c3d4fa67f327de5
2015-05-25 16:18 - 2015-05-25 16:18 - 00613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsx95AB.tmp
2015-05-25 15:14 - 2015-05-25 15:14 - 00000000 ____D () C:\Users\Mazi\AppData\Local\{17CD3238-89CA-451C-80A0-05C9A48F7A64}
2015-05-25 00:22 - 2015-05-25 00:22 - 00613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsj638F.tmp
2015-05-24 18:05 - 2015-05-24 18:05 - 00000000 ____D () C:\Users\Mazi\AppData\Local\Skype
2015-05-24 13:21 - 2015-05-25 01:22 - 00000000 ____D () C:\Users\Mazi\AppData\Local\{DFB5D40D-7AFA-4615-85EA-1D4B97EE9CD1}
2015-05-23 11:48 - 2015-05-23 23:49 - 00000000 ____D () C:\Users\Mazi\AppData\Local\{0B903D86-EC83-4EF5-B363-40B5250856F1}
2015-05-23 11:47 - 2015-05-23 19:31 - 00000000 ____D () C:\Users\Mazi\AppData\Local\VirtualStore
2015-05-23 11:47 - 2015-05-23 11:47 - 00071224 _____ () C:\Users\Mazi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-23 00:04 - 2015-05-23 00:04 - 00000000 ____D () C:\Users\Mazi\AppData\Local\Adobe
2015-05-22 19:41 - 2015-05-27 19:30 - 01840640 _____ () C:\Users\Mazi\ZHPCleaner.exe
2015-05-22 16:30 - 2015-05-28 12:58 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\ZHP
2015-05-22 13:40 - 2015-05-22 13:44 - 00000000 ____D () C:\ProgramData\wVerUb
2015-05-21 15:54 - 2015-05-28 12:38 - 00001226 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 29.lnk
2015-05-21 00:31 - 2015-05-21 00:31 - 00000000 ____D () C:\ProgramData\Ruussiafkabar
2015-05-20 20:27 - 2015-05-20 20:27 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Picexa Viewer
2015-05-20 19:20 - 2015-05-20 19:20 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-20 19:20 - 2015-05-20 19:20 - 00000000 ____D () C:\ProgramData\10311bf341d64c51bba171380dae5e03
2015-05-16 13:39 - 2015-05-22 13:35 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search
2015-05-14 22:09 - 2015-05-28 13:08 - 00001736 _____ () C:\Windows\setupact.log
2015-05-14 22:09 - 2015-05-28 12:54 - 00086658 _____ () C:\Windows\PFRO.log
2015-05-14 22:09 - 2015-05-14 22:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-14 20:59 - 2015-05-14 20:59 - 06484352 _____ (Piriform Ltd) C:\Users\Mazi\Downloads\ccsetup505 [1].exe
2015-05-14 16:01 - 2015-05-14 16:01 - 00013524 _____ () C:\Windows\system32\cfg
2015-05-13 21:00 - 2015-05-13 21:00 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\00000000-1431543630-0000-0000-6C626D9EA8C0
2015-05-13 21:00 - 2015-05-13 21:00 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\00000000-1431543620-0000-0000-6C626D9EA8C0
2015-05-11 21:44 - 2015-05-11 21:55 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-05-11 21:44 - 2015-05-11 21:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-11 18:30 - 2015-05-27 18:27 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\00000000-1431361858-0000-0000-6C626D9EA8C0
2015-05-11 18:26 - 2015-05-11 18:26 - 00000000 ____D () C:\Users\Mazi\A8B9466986544126BD28D0D2412CDED6.TMP
2015-05-11 18:13 - 2015-05-27 16:31 - 00000000 ____D () C:\ProgramData\b6b45000002a98
2015-05-10 22:39 - 2015-05-10 22:39 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Opera Software
2015-05-10 14:36 - 2015-05-10 14:36 - 33411912 _____ (Opera Software) C:\Users\Mazi\Downloads\opera_29_fr_18773 [1].exe
2015-05-10 13:22 - 2015-05-10 13:22 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\Voisinage réseau
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\Voisinage d'impression
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\Modèles
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\Menu Démarrer
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mes vidéos
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mes images
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Ma musique
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-05-10 13:22 - 2015-05-10 13:22 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Historique
2015-05-10 13:22 - 2013-12-09 01:26 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2015-05-10 13:22 - 2013-07-17 15:01 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2015-05-10 13:22 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-10 13:22 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-10 13:21 - 2015-05-10 13:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-10 13:21 - 2013-02-19 21:33 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-10 13:21 - 2013-01-31 11:01 - 03970848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-10 13:21 - 2013-01-31 11:01 - 02859296 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-05-10 13:21 - 2013-01-31 11:00 - 02557728 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-10 13:21 - 2013-01-31 11:00 - 00634656 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-10 13:21 - 2013-01-31 11:00 - 00108832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-10 13:21 - 2013-01-31 11:00 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-10 13:20 - 2015-05-10 13:21 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-10 13:20 - 2015-05-10 13:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-10 13:10 - 2015-05-10 13:10 - 00000000 ____D () C:\Users\Mazi\Documents\Optimizer Pro
2015-05-09 14:05 - 2015-05-09 14:05 - 00000000 ____D () C:\Program Files\Talking Tom Cat 4
2015-05-04 20:01 - 2015-05-04 20:01 - 00000000 ____D () C:\Users\Default\AppData\Local\Crossbrowse
2015-05-04 20:01 - 2015-05-04 20:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\Crossbrowse
2015-05-04 19:26 - 2015-05-04 19:26 - 00023040 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2015-05-04 19:26 - 2015-05-04 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-05-04 19:26 - 2015-05-04 19:26 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\EasyVpn
2015-05-04 19:26 - 2015-05-04 19:26 - 00000000 ____D () C:\Program Files\Teal Kitty
2015-05-04 19:25 - 2015-05-27 14:41 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\ngyyy2vxm2tibwf
2015-05-04 19:12 - 2015-05-04 19:12 - 00000000 ____D () C:\Users\Mazi\Documents\ProPCCleaner
2015-04-20 16:05 - 2015-04-20 16:05 - 01579520 _____ () C:\Users\Mazi\AppData\Roaming\uOuYabFkSVHO5H6nthtPMK.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\Mazi\AppData\Roaming\uOuYabFkSVHO5H6nthtPMK
2015-04-18 01:43 - 2015-04-18 02:26 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-04-18 01:32 - 2015-05-04 19:12 - 00000020 _____ () C:\Users\Mazi\AppData\Roaming\appdataFr3.bin
2015-04-18 01:30 - 2015-04-18 01:30 - 88323920 _____ (Apple Inc.) C:\Users\Mazi\Downloads\iTunesSetup.exe
2015-04-17 00:31 - 2015-04-18 02:26 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-13 00:52 - 2015-05-11 17:29 - 00000000 ____D () C:\ProgramData\895660228918991537
2015-04-09 20:14 - 2015-04-09 17:50 - 00000000 ____D () C:\Users\Mazi\Desktop\Booba
2015-04-05 20:32 - 2015-04-05 20:33 - 00000000 ____D () C:\Converted Audio Files
2015-03-24 12:37 - 2015-03-28 14:23 - 00000000 ____D () C:\Users\Mazi\Desktop\Future - Monster (DatPiff.com)
2015-03-23 21:58 - 2015-05-28 13:08 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-03-23 20:59 - 2015-03-23 20:59 - 00000000 ____D () C:\Program Files\233ef4a7-f2dc-4b07-9e2b-94dc075461d7
2015-03-21 15:32 - 2015-02-22 15:33 - 00000000 ____D () C:\Users\Mazi\Desktop\Big_Sean_-_Dark_Sky_Paradise_2015
2015-03-20 22:52 - 2014-12-30 08:17 - 00000000 ____D () C:\Users\Mazi\Desktop\www.NewAlbumReleases.net_Rae Sremmurd - SremmLife (2015)
2015-03-06 20:29 - 2015-03-06 20:31 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Synthesia
2015-03-05 20:47 - 2015-03-05 20:47 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\TI-Nspire
2015-03-05 20:46 - 2015-03-05 20:46 - 00002288 _____ () C:\Users\Public\Desktop\TI-Nspire CAS Student Software.lnk
2015-03-05 20:46 - 2015-03-05 20:46 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2015-03-05 20:45 - 2015-03-05 20:46 - 00000000 ____D () C:\Windows\SysWOW64
2015-03-05 20:45 - 2015-03-05 20:45 - 00000000 ____D () C:\ProgramData\TI-Nspire CAS
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-28 16:33 - 2010-10-18 15:59 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-28 16:30 - 2010-10-13 04:32 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Skype
2015-05-28 15:52 - 2011-05-14 23:17 - 01697559 _____ () C:\Windows\WindowsUpdate.log
2015-05-28 13:16 - 2009-07-14 06:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-28 13:16 - 2009-07-14 06:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-28 13:08 - 2010-10-18 15:59 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-28 13:08 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-28 12:52 - 2011-10-25 00:18 - 00000000 ____D () C:\Windows\system32\config\Mazi
2015-05-28 12:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\config\Journal
2015-05-28 12:38 - 2011-05-14 23:18 - 00001703 _____ () C:\Users\Mazi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-28 00:52 - 2014-08-14 23:49 - 00000000 ___RD () C:\Program Files\Skype
2015-05-28 00:26 - 2010-12-01 01:49 - 03450880 ___SH () C:\Users\Mazi\Desktop\Thumbs.db
2015-05-27 19:54 - 2014-07-02 19:37 - 00000000 ____D () C:\AdwCleaner
2015-05-27 19:30 - 2011-05-14 23:17 - 00000000 ____D () C:\Users\Mazi
2015-05-27 16:23 - 2013-11-09 18:44 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-27 15:54 - 2010-12-14 03:38 - 00000000 ____D () C:\Program Files\Opera
2015-05-27 11:30 - 2011-10-20 19:19 - 00000000 ____D () C:\Users\Mazi\AppData\Local\Google
2015-05-23 11:48 - 2011-05-14 18:58 - 00000000 ____D () C:\Users\Mazi\AppData\Local\Windows Live
2015-05-22 19:38 - 2011-05-14 17:40 - 00000000 ____D () C:\Users\Mazi\AppData\Local\Mozilla
2015-05-20 19:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-05-20 19:47 - 2011-05-14 17:22 - 01524562 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-17 22:18 - 2014-11-26 21:40 - 00000000 ____D () C:\Users\Mazi\Desktop\ii
2015-05-14 23:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-14 22:40 - 2011-05-17 22:04 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\vlc
2015-05-14 21:53 - 2011-10-14 15:41 - 00000000 ____D () C:\Windows\Minidump
2015-05-14 21:53 - 2011-05-15 00:10 - 00000000 ____D () C:\Windows\Panther
2015-05-14 19:57 - 2013-10-31 18:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 19:06 - 2011-05-07 19:02 - 00000000 ____D () C:\Program Files\Acoustica MP3 To Wave Converter PLUS
2015-05-13 19:00 - 2013-05-04 17:39 - 00000000 ____D () C:\Users\Mazi\Desktop\Booba - 0.9 110kbps
2015-05-11 18:25 - 2011-05-05 13:57 - 00000000 ____D () C:\Program Files\Audacity
2015-05-11 18:25 - 2011-01-11 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2015-05-11 18:25 - 2011-01-11 13:30 - 00000000 ____D () C:\Program Files\Propellerhead
2015-05-11 18:24 - 2011-05-21 00:44 - 00000000 ____D () C:\Program Files\Canon
2015-05-11 18:21 - 2013-10-22 17:36 - 00000000 ____D () C:\Program Files\DSPRobotics
2015-05-11 18:19 - 2011-10-20 19:42 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2015-05-11 18:16 - 2014-10-09 19:46 - 00000000 ____D () C:\Program Files\Samsung
2015-05-11 18:16 - 2014-04-09 00:26 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-05-11 18:07 - 2010-11-05 14:08 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2015-05-11 18:07 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2015-05-10 21:47 - 2011-05-14 17:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-10 21:23 - 2013-09-26 00:44 - 00000000 __SHD () C:\Windows\system32\MSDCSC
2015-05-10 19:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-10 18:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-10 18:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2015-05-10 15:34 - 2009-07-14 06:33 - 00353136 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-10 15:21 - 2012-09-04 22:41 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-05-10 15:21 - 2012-09-04 22:41 - 00000000 ____D () C:\Program Files\VirtualDJ
2015-05-10 14:47 - 2013-10-22 17:36 - 00000000 ____D () C:\Users\Mazi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-05-10 13:27 - 2010-10-13 04:30 - 00000000 ____D () C:\ProgramData\Skype
2015-05-10 13:21 - 2014-04-06 00:16 - 00000000 ____D () C:\temp
2015-05-10 13:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2015-05-06 16:43 - 2011-05-14 19:02 - 00000000 ____D () C:\Program Files\Windows Live
2015-05-01 16:23 - 2014-04-02 16:26 - 00001716 __RSH () C:\ProgramData\ntuser.pol
==================== Files in the root of some directories =======
2010-11-07 21:15 - 2013-01-06 03:36 - 0000006 _____ () C:\Program Files\Common Files\WPVersion.txt
2013-07-12 21:48 - 2013-09-25 18:32 - 0000050 _____ () C:\Users\Mazi\AppData\Roaming\AcroIEHelpe.txt
2013-09-25 18:32 - 2013-09-25 18:32 - 0367712 _____ () C:\Users\Mazi\AppData\Roaming\AcroIEHelpe006288.dll
2013-04-27 11:35 - 2013-04-27 12:58 - 0000004 _____ () C:\Users\Mazi\AppData\Roaming\AltShell.ini
2015-04-18 01:32 - 2015-05-04 19:12 - 0000020 _____ () C:\Users\Mazi\AppData\Roaming\appdataFr3.bin
2013-07-12 21:48 - 2013-07-12 21:48 - 0007496 _____ () C:\Users\Mazi\AppData\Roaming\BAcroIEHelpe005285.dll
2013-09-25 18:32 - 2013-09-25 18:32 - 0007496 _____ () C:\Users\Mazi\AppData\Roaming\BAcroIEHelpe006288.dll
2015-05-27 20:37 - 2015-05-27 20:38 - 0001306 _____ () C:\Users\Mazi\AppData\Roaming\Bubble Dock.boostrap.log
2015-05-27 20:37 - 2015-05-27 20:38 - 0005708 _____ () C:\Users\Mazi\AppData\Roaming\Bubble Dock.installation.log
2011-06-30 15:57 - 2011-10-20 19:42 - 0000000 _____ () C:\Users\Mazi\AppData\Roaming\chrtmp
2013-07-12 21:47 - 2013-07-12 21:47 - 0552126 _____ () C:\Users\Mazi\AppData\Roaming\dict.txt
2013-07-12 21:47 - 2013-07-12 21:47 - 0001308 _____ () C:\Users\Mazi\AppData\Roaming\jserv.txt
2005-04-08 04:16 - 2012-09-18 23:15 - 0009317 ____H () C:\Users\Mazi\AppData\Roaming\Mazilog.dat
2013-07-12 21:48 - 2013-07-12 21:48 - 0000356 _____ () C:\Users\Mazi\AppData\Roaming\rost.dat
2015-05-27 20:38 - 2015-05-27 20:38 - 0000078 _____ () C:\Users\Mazi\AppData\Roaming\Selection Tools.installation.log
2013-07-12 21:46 - 2013-07-12 21:46 - 0000260 _____ () C:\Users\Mazi\AppData\Roaming\srvblck5.tmp
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Mazi\AppData\Roaming\uOuYabFkSVHO5H6nthtPMK
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Mazi\AppData\Roaming\uOuYabFkSVHO5H6nthtPMK.exe
2014-01-14 01:56 - 2014-07-30 00:16 - 0000128 _____ () C:\Users\Mazi\AppData\Roaming\WB.CFG
2015-05-27 20:37 - 2015-05-27 20:37 - 0000097 _____ () C:\Users\Mazi\AppData\Roaming\WindApp.boostrap.log
2015-05-27 20:38 - 2015-05-27 20:38 - 0000078 _____ () C:\Users\Mazi\AppData\Roaming\WindApp.installation.log
2013-09-13 17:04 - 2013-11-05 18:05 - 0065536 _____ () C:\Users\Mazi\AppData\Roaming\xmtcd1sr.default.dat
2013-11-09 17:51 - 2013-11-09 17:56 - 0000000 _____ () C:\Users\Mazi\AppData\Roaming\xmtcd1sr.default.tmp
2015-05-25 20:21 - 2015-05-25 20:21 - 0613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsaBE62.tmp
2015-05-27 12:03 - 2015-05-27 12:03 - 0613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsh7F5D.tmp
2015-05-25 00:22 - 2015-05-25 00:22 - 0613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsj638F.tmp
2015-05-26 23:41 - 2015-05-26 23:41 - 0613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nss738.tmp
2015-05-25 16:18 - 2015-05-25 16:18 - 0613255 _____ (CMI Limited) C:\Users\Mazi\AppData\Local\nsx95AB.tmp
2009-07-14 01:41 - 2009-07-14 03:14 - 0848709 __RSH () C:\ProgramData\ADService
2014-04-09 00:27 - 2014-04-09 00:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-11-08 15:33 - 2013-11-09 17:56 - 0000000 _____ () C:\ProgramData\j7t84bjw.fvv
2013-01-06 03:36 - 2013-01-06 03:36 - 0000097 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Files to move or delete:
====================
C:\ProgramData\j7t84bjw.fvv
C:\Users\Mazi\ZHPCleaner.exe
C:\Users\Mazi\AppData\Roaming\AltShell.ini
Some files in TEMP:
====================
C:\Users\Mazi\AppData\Local\Temp\1324.exe
C:\Users\Mazi\AppData\Local\Temp\1432566120.exe
C:\Users\Mazi\AppData\Local\Temp\657.exe
C:\Users\Mazi\AppData\Local\Temp\6676.exe
C:\Users\Mazi\AppData\Local\Temp\7844.exe
C:\Users\Mazi\AppData\Local\Temp\8633.exe
C:\Users\Mazi\AppData\Local\Temp\amisetup5595__13272.exe
C:\Users\Mazi\AppData\Local\Temp\bd372f849e7c49f384c9189a1e5bd271457872.exe
C:\Users\Mazi\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Mazi\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Mazi\AppData\Local\Temp\jue1FDF.exe
C:\Users\Mazi\AppData\Local\Temp\jue2146.exe
C:\Users\Mazi\AppData\Local\Temp\jue54D3.exe
C:\Users\Mazi\AppData\Local\Temp\jue5A30.exe
C:\Users\Mazi\AppData\Local\Temp\jueA978.exe
C:\Users\Mazi\AppData\Local\Temp\jueC13C.exe
C:\Users\Mazi\AppData\Local\Temp\jueD78A.exe
C:\Users\Mazi\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Mazi\AppData\Local\Temp\OnlineBackup.exe
C:\Users\Mazi\AppData\Local\Temp\optprosetup.exe
C:\Users\Mazi\AppData\Local\Temp\Quarantine.exe
C:\Users\Mazi\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Mazi\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Mazi\AppData\Local\Temp\sdf1AAD.exe
C:\Users\Mazi\AppData\Local\Temp\sdf6F67.exe
C:\Users\Mazi\AppData\Local\Temp\sdfB9CD.exe
C:\Users\Mazi\AppData\Local\Temp\sqlite3.dll
C:\Users\Mazi\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Mazi\AppData\Local\Temp\System.Data.SQLitebbb12e9f-4d5e-4aed-b1a6-ba5bed38ed43.dll
C:\Users\Mazi\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-24 16:51
==================== End of log ============================