Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-12-2015
Ran by MOHAMED (administrator) on MOHAMED-PC (02-12-2015 15:57:24)
Running from C:\Users\MOHAMED\Desktop
Loaded Profiles: MOHAMED (Available Profiles: MOHAMED)
Platform: Microsoft Windows 7 Édition Starter (X86) Language: Français (France)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(© 2015 Microsoft Corporation) C:\Users\MOHAMED\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [788176 2015-10-28] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\...\Run: [BingSvc] => C:\Users\MOHAMED\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-29] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\...\MountPoints2: {0b5fe1ff-6dc8-11e5-9277-3cd92b242aaa} - G:\InstallerUniversalis2012.exe
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2009-07-14] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7BDC559C-2EFA-4228-AF69-1EAF97E826EE}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3701903417-2408125319-1798861659-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3701903417-2408125319-1798861659-1000 -> {D9771667-EC10-41E9-AA9E-D692111367CC} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSWF32.dll [2006-01-02] ()
FF SearchPlugin: C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\searchplugins\bing-.xml [2015-11-28]
FF Extension: EPUBReader - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-10-26]
FF Extension: RADIO PLAYER - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\extensions\radio@radioplayer.fr.xpi [2015-11-14]
FF Extension: Avira Browser Safety - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\abs@avira.com [2015-11-21] [not signed]
FF Extension: Bing Search - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-28]
FF Extension: mp3it - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\info@mp3it.eu.xpi [2015-10-12]
FF Extension: Discover Treasure - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\{f2946686-f9e9-480e-a42e-fa7351bd720c}.xpi [2015-11-21] [not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\!7A8D88F6C2113928B54F491A53369C4A7A8D.js [2015-11-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [936544 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2015-10-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1105952 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [250136 2015-11-03] (Avira Operations GmbH & Co. KG)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55912 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [1035368 2011-04-22] (Realtek Semiconductor Corporation )
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-10-28] (Avira Operations GmbH & Co. KG)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-02 15:57 - 2015-12-02 15:58 - 00010318 _____ C:\Users\MOHAMED\Desktop\FRST.txt
2015-12-02 15:56 - 2015-12-02 15:57 - 00000000 ____D C:\FRST
2015-12-02 15:56 - 2015-12-02 15:55 - 01721344 _____ (Farbar) C:\Users\MOHAMED\Desktop\FRST.exe
2015-12-02 15:55 - 2015-12-02 15:55 - 01721344 _____ (Farbar) C:\Users\MOHAMED\Downloads\FRST.exe
2015-12-02 11:13 - 2015-12-02 11:13 - 00001216 _____ C:\Users\MOHAMED\Desktop\ZHPFixReport.txt
2015-12-02 11:10 - 2015-12-02 11:10 - 00001799 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-12-02 11:10 - 2015-12-02 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-12-02 00:00 - 2015-12-02 11:21 - 00059890 _____ C:\Users\MOHAMED\Desktop\ZHPDiag.txt
2015-12-01 23:54 - 2015-12-02 11:15 - 00000824 _____ C:\Users\MOHAMED\Desktop\ZHPDiag.lnk
2015-12-01 23:52 - 2015-12-01 23:52 - 00001849 _____ C:\Users\MOHAMED\Desktop\ZHPCleaner.txt
2015-12-01 23:14 - 2015-11-28 21:52 - 01977856 _____ C:\Users\MOHAMED\Desktop\ZHPDiag3.exe
2015-12-01 23:11 - 2015-12-02 11:17 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\ZHP
2015-12-01 23:11 - 2015-12-01 23:11 - 00000834 _____ C:\Users\MOHAMED\Desktop\ZHPCleaner.lnk
2015-12-01 22:56 - 2015-12-01 22:56 - 00075434 _____ C:\Users\MOHAMED\Desktop\Pierre Bourdieu, Ce que parler veut dire. L'économie des échanges linguistiques. - Persée.htm
2015-12-01 22:56 - 2015-12-01 22:56 - 00000000 ____D C:\Users\MOHAMED\Desktop\Pierre Bourdieu, Ce que parler veut dire. L'économie des échanges linguistiques. - Persée_fichiers
2015-12-01 22:54 - 2015-12-01 22:54 - 00068992 _____ C:\Users\MOHAMED\Desktop\À propos de ce que parler veut dire.htm
2015-12-01 22:54 - 2015-12-01 22:54 - 00000000 ____D C:\Users\MOHAMED\Desktop\À propos de ce que parler veut dire_fichiers
2015-12-01 22:52 - 2015-12-01 22:53 - 00023411 _____ C:\Users\MOHAMED\Desktop\Les échanges linguistiques, 'Ce que parler veut dire'.htm
2015-12-01 22:52 - 2015-12-01 22:52 - 00000000 ____D C:\Users\MOHAMED\Desktop\Les échanges linguistiques, 'Ce que parler veut dire'_fichiers
2015-12-01 14:50 - 2015-12-01 14:50 - 00092710 _____ C:\Users\MOHAMED\Desktop\Esprit critique - Revue internationale de sociologie et de sciences sociales.htm
2015-12-01 14:50 - 2015-12-01 14:50 - 00000000 ____D C:\Users\MOHAMED\Desktop\Esprit critique - Revue internationale de sociologie et de sciences sociales_fichiers
2015-12-01 14:49 - 2015-12-01 14:50 - 00439332 ____H C:\Users\MOHAMED\Desktop\dictionnaire.GID
2015-12-01 14:47 - 2015-12-01 14:47 - 00086703 _____ C:\Users\MOHAMED\Desktop\Politique linguistique, politique scolaire la situation du Maroc - Cairn.info.htm
2015-12-01 14:45 - 2015-12-01 14:47 - 00000000 ____D C:\Users\MOHAMED\Desktop\Politique linguistique, politique scolaire la situation du Maroc - Cairn.info_fichiers
2015-11-30 16:04 - 2015-11-30 16:05 - 00044748 _____ C:\Users\MOHAMED\Downloads\séquences 4-5-6.zip
2015-11-29 21:47 - 2015-11-29 21:47 - 02754255 _____ C:\Users\MOHAMED\Downloads\000303_PartieVIII.pdf
2015-11-29 21:28 - 2015-11-29 21:28 - 00091590 _____ C:\Users\MOHAMED\Downloads\Approche_sur_la_politique_linguistique_a.pdf
2015-11-29 20:35 - 2015-11-30 11:53 - 00000000 ____D C:\Users\MOHAMED\Desktop\NOTES
2015-11-29 17:36 - 2015-11-29 17:36 - 00358378 _____ C:\Users\MOHAMED\Downloads\License-W7+.exe
2015-11-29 17:22 - 2015-11-29 17:22 - 80249168 _____ C:\Users\MOHAMED\Downloads\malwarebyte(1).rar
2015-11-29 16:56 - 2015-11-29 16:57 - 03521617 _____ (Nicolas Coolman ) C:\Users\MOHAMED\Downloads\ZHPFix(1).exe
2015-11-29 16:46 - 2015-12-02 11:10 - 00000000 ____D C:\Program Files\ZHPFix
2015-11-29 16:43 - 2015-11-29 16:43 - 03521617 _____ (Nicolas Coolman ) C:\Users\MOHAMED\Desktop\ZHPFix.exe
2015-11-29 15:49 - 2015-11-29 15:49 - 01903104 _____ C:\Users\MOHAMED\Downloads\ZHPCleaner.exe
2015-11-28 22:31 - 2015-11-28 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-28 22:31 - 2015-11-28 22:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-11-28 22:29 - 2015-11-28 22:29 - 07018720 _____ (Microsoft Corporation) C:\Users\MOHAMED\Downloads\Silverlight.exe
2015-11-28 21:51 - 2015-11-28 21:52 - 01977856 _____ C:\Users\MOHAMED\Downloads\ZHPDiag3.exe
2015-11-26 14:25 - 2015-11-13 05:48 - 00657334 _____ C:\Users\MOHAMED\Desktop\LL23_139_142.pdf
2015-11-25 23:04 - 2015-11-25 23:04 - 01306147 _____ C:\Users\MOHAMED\Downloads\42-3.pdf
2015-11-24 10:03 - 2015-11-24 10:04 - 01733632 _____ C:\Users\MOHAMED\Downloads\adwcleaner_5.022.exe
2015-11-21 23:53 - 2015-11-21 23:53 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-21 23:34 - 2015-11-21 23:35 - 23671486 _____ C:\Users\MOHAMED\Downloads\Encyclopaedia.Universalis.NO-DVD.edition.2012_CRKEXE-FFF.rar
2015-11-21 22:56 - 2015-11-21 22:56 - 00249992 _____ C:\Users\MOHAMED\Downloads\LangCog2-print.pdf
2015-11-21 08:11 - 2010-04-02 02:05 - 37346150 _____ C:\Users\MOHAMED\Desktop\Le Bon Usage - grammaire française.djvu
2015-11-21 08:08 - 2015-11-21 08:10 - 37345957 _____ C:\Users\MOHAMED\Downloads\Le Bon Usage - gr fr .rar
2015-11-21 08:05 - 2015-11-21 08:05 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\Avira
2015-11-21 07:50 - 2015-11-21 07:54 - 69144917 _____ C:\Users\MOHAMED\Desktop\Grammaire-Methodique-du-Francais.pdf
2015-11-21 07:42 - 2015-10-28 18:21 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00055912 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2015-11-21 07:33 - 2015-11-29 20:37 - 00000000 ____D C:\Users\MOHAMED\Desktop\sclgst
2015-11-21 07:26 - 2015-11-26 07:03 - 00001136 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-21 07:26 - 2015-11-21 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-21 07:26 - 2015-11-21 07:41 - 00000000 ____D C:\ProgramData\Avira
2015-11-21 07:26 - 2015-11-21 07:41 - 00000000 ____D C:\Program Files\Avira
2015-11-21 07:26 - 2015-11-21 07:26 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-21 07:17 - 2015-11-21 07:17 - 04584344 _____ (Avira Operations GmbH & Co. KG) C:\Users\MOHAMED\Downloads\avira_en_av_4446297808__ws.exe
2015-11-21 07:09 - 2015-11-28 22:35 - 00000000 ____D C:\AdwCleaner
2015-11-21 07:00 - 2015-11-21 07:01 - 01732096 _____ C:\Users\MOHAMED\Downloads\adwcleaner_5.021.exe
2015-11-21 06:48 - 2015-11-21 06:48 - 00007605 _____ C:\Users\MOHAMED\AppData\Local\Resmon.ResmonCfg
2015-11-21 06:15 - 2015-11-21 06:15 - 00000000 ____D C:\ProgramData\Loaris
2015-11-20 12:03 - 2015-11-20 12:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-20 12:03 - 2015-11-20 12:03 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-20 11:32 - 2015-11-20 11:33 - 01472475 _____ C:\Users\MOHAMED\Downloads\module1_1.pdf
2015-11-20 10:54 - 2015-11-20 10:54 - 01394981 _____ C:\Users\MOHAMED\Downloads\mots_0243-6450_1997_num_52_1_2467.pdf
2015-11-20 10:44 - 2015-09-18 16:32 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-20 10:44 - 2015-09-18 16:30 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-20 10:44 - 2015-09-18 16:25 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-20 10:44 - 2015-05-21 13:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-11-20 10:44 - 2015-03-19 02:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-20 10:44 - 2015-03-19 02:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-20 10:44 - 2015-01-27 23:28 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-11-20 10:44 - 2014-09-15 00:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-20 10:44 - 2013-03-19 04:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-20 10:44 - 2013-03-19 02:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-20 10:44 - 2010-12-18 05:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-20 10:38 - 2015-06-23 12:27 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-20 10:37 - 2015-11-20 10:37 - 00000000 ____D C:\Users\Public\Foxit Software
2015-11-20 10:35 - 2015-11-26 07:03 - 00002089 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-11-20 10:35 - 2015-11-20 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-11-20 10:17 - 2012-06-02 22:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-20 10:17 - 2012-06-02 22:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-20 10:17 - 2012-06-02 22:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-20 10:17 - 2012-06-02 22:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-20 10:16 - 2012-06-02 22:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-20 10:16 - 2012-06-02 22:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-20 10:16 - 2012-06-02 22:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-20 10:16 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-20 10:16 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-19 19:53 - 2015-11-26 07:03 - 00002611 _____ C:\Users\Public\Desktop\MEDIADICO pour votre PC.lnk
2015-11-19 19:53 - 2015-11-19 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAventure
2015-11-19 19:53 - 2015-11-19 19:53 - 00000000 ____D C:\Program Files\LAventure
2015-11-19 19:51 - 2015-11-19 19:51 - 01159168 _____ C:\Users\MOHAMED\Downloads\dictionnaire mediadico.msi
2015-11-19 12:03 - 2015-11-19 12:03 - 00069873 _____ C:\Users\MOHAMED\Downloads\Sociolang.pdf
2015-11-18 11:41 - 2015-11-18 11:42 - 04935350 _____ C:\Users\MOHAMED\Downloads\eset_ess_8_userguide_fra(1).pdf
2015-11-18 11:41 - 2015-11-18 11:41 - 04935350 _____ C:\Users\MOHAMED\Downloads\eset_ess_8_userguide_fra.pdf
2015-11-17 10:25 - 2015-11-17 10:26 - 00139373 _____ C:\Users\MOHAMED\Downloads\praxematique-3063-28-henri-boyer-ed-sociolinguistique-territoire-et-objets.pdf
2015-11-12 10:40 - 2015-11-12 10:40 - 00127296 _____ C:\Users\MOHAMED\Downloads\Dialnet-SociolonguistiquePolitiqueLinguistiqueEtFonctionna-4411584.pdf
2015-11-12 10:34 - 2015-11-12 10:34 - 00677195 _____ C:\Users\MOHAMED\Downloads\2003-Diglossies_en_question_Cahiers_.pdf
2015-11-12 10:29 - 2015-11-12 10:29 - 00275284 _____ C:\Users\MOHAMED\Downloads\Variation_linguistique....pdf
2015-11-12 01:45 - 2015-11-12 01:46 - 75032577 _____ C:\Users\MOHAMED\Downloads\__rar_0.568
2015-11-12 01:26 - 2015-11-12 01:26 - 80249168 _____ C:\Users\MOHAMED\Downloads\malwarebyte.rar
2015-11-12 00:38 - 2015-11-29 17:42 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-12 00:36 - 2015-11-29 17:43 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-11-12 00:36 - 2015-11-26 07:03 - 00001058 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-12 00:36 - 2015-11-12 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-12 00:36 - 2015-11-12 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-12 00:36 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-12 00:36 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-12 00:36 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-12 00:31 - 2015-11-12 00:35 - 22908888 _____ (Malwarebytes ) C:\Users\MOHAMED\Downloads\mbam-setup-techspot.31794-2.2.0.1024.exe
2015-11-11 20:33 - 2015-11-21 23:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-11 17:10 - 2015-11-12 12:53 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-11 17:09 - 2015-11-11 17:09 - 00000000 ____D C:\Users\MOHAMED\AppData\Local\Opera Software
2015-11-11 17:08 - 2015-11-11 17:08 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\Opera Software
2015-11-11 17:05 - 2015-11-21 08:16 - 00000000 ____D C:\Program Files\Opera
2015-11-11 17:05 - 2015-11-18 11:48 - 00000000 ____D C:\Program Files\Common Files\Warmlax
2015-11-11 17:04 - 2015-11-11 17:04 - 00000187 _____ C:\Users\MOHAMED\AppData\Local\Doublebase.exe.config
2015-11-05 06:15 - 2015-11-05 06:55 - 00000000 ____D C:\Users\MOHAMED\Desktop\séquence 4
2015-11-05 06:12 - 2015-11-05 06:12 - 00942435 _____ C:\Users\MOHAMED\Downloads\nouvel-espace.rar
2015-11-04 11:18 - 2015-11-04 11:18 - 00000000 ____D C:\Users\MOHAMED\AppData\Local\ElevatedDiagnostics
2015-11-03 15:15 - 2015-11-03 15:15 - 00000000 ____D C:\Users\MOHAMED\Desktop\sociolinguistique
2015-11-03 15:15 - 2015-11-03 15:15 - 00000000 ____D C:\Users\MOHAMED\Desktop\petite poucette
2015-11-02 16:54 - 2015-11-02 16:54 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-11-02 16:46 - 2015-11-02 16:48 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\MOHAMED\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-11-02 16:40 - 2015-11-04 11:12 - 00000000 ____D C:\Program Files\Driver Downloader
2015-11-02 16:11 - 2015-11-02 16:11 - 00040492 _____ C:\Users\MOHAMED\Downloads\Module_1.pdf
2015-11-02 15:47 - 2015-11-02 15:47 - 00085471 _____ C:\Users\MOHAMED\Downloads\PSP1125-Partie4bis.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-02 15:58 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf
2015-12-02 15:56 - 2009-07-14 02:37 - 00000000 ____D C:\Windows
2015-12-02 15:48 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-02 11:42 - 2009-07-14 04:34 - 00014400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-02 11:42 - 2009-07-14 04:34 - 00014400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 15:42 - 2015-10-01 06:56 - 00704480 _____ C:\Windows\system32\perfh00C.dat
2015-11-30 15:42 - 2015-10-01 06:56 - 00130754 _____ C:\Windows\system32\perfc00C.dat
2015-11-30 15:42 - 2015-10-01 04:06 - 01549700 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-26 14:00 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF
2015-11-26 07:04 - 2015-10-01 04:00 - 00001393 _____ C:\Users\MOHAMED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-26 07:04 - 2015-09-30 22:15 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-26 07:04 - 2009-07-14 04:46 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-11-26 07:03 - 2015-10-25 23:57 - 00001162 _____ C:\Users\Public\Desktop\LG PC Suite.lnk
2015-11-26 07:03 - 2015-10-08 14:32 - 00001124 _____ C:\Users\Public\Desktop\Le Petit Robert 2014.lnk
2015-11-26 07:03 - 2015-10-08 14:21 - 00001206 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2015-11-26 07:03 - 2015-10-01 14:24 - 00000963 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-26 07:03 - 2015-09-30 22:15 - 00001103 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-26 07:03 - 2009-07-14 04:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-11-26 07:03 - 2009-07-14 04:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-11-26 07:02 - 2015-10-08 21:10 - 00001425 _____ C:\Users\MOHAMED\Desktop\Encyclopaedia Universalis 2012.lnk
2015-11-26 07:02 - 2015-10-01 14:30 - 00000999 _____ C:\Users\MOHAMED\Desktop\Le Grand Robert.lnk
2015-11-26 07:02 - 2015-09-30 22:56 - 00000458 _____ C:\Users\MOHAMED\Desktop\Local Disk (D) - Shortcut.lnk
2015-11-25 22:35 - 2009-07-14 04:53 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-22 00:04 - 2015-10-08 21:25 - 00000000 ____D C:\Users\MOHAMED\.Universalis
2015-11-22 00:02 - 2015-10-08 21:25 - 00000000 ____D C:\Users\MOHAMED\.JxBrowser
2015-11-21 06:19 - 2009-07-14 04:52 - 00000000 ____D C:\Windows\Performance
2015-11-21 05:50 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\AppCompat
2015-11-20 23:07 - 2009-07-14 04:33 - 00449472 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-13 05:47 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\ModemLogs
2015-11-12 10:14 - 2015-09-30 22:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-03 12:43 - 2015-09-30 21:50 - 00120976 _____ C:\Users\MOHAMED\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Files in the root of some directories =======
2015-11-11 17:04 - 2015-11-11 17:04 - 0000187 _____ () C:\Users\MOHAMED\AppData\Local\Doublebase.exe.config
2015-11-21 06:48 - 2015-11-21 06:48 - 0007605 _____ () C:\Users\MOHAMED\AppData\Local\Resmon.ResmonCfg
2015-11-21 23:53 - 2015-11-21 23:53 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\MOHAMED\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
Ran by MOHAMED (administrator) on MOHAMED-PC (02-12-2015 15:57:24)
Running from C:\Users\MOHAMED\Desktop
Loaded Profiles: MOHAMED (Available Profiles: MOHAMED)
Platform: Microsoft Windows 7 Édition Starter (X86) Language: Français (France)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(© 2015 Microsoft Corporation) C:\Users\MOHAMED\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [788176 2015-10-28] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\...\Run: [BingSvc] => C:\Users\MOHAMED\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-29] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\...\MountPoints2: {0b5fe1ff-6dc8-11e5-9277-3cd92b242aaa} - G:\InstallerUniversalis2012.exe
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2009-07-14] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7BDC559C-2EFA-4228-AF69-1EAF97E826EE}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3701903417-2408125319-1798861659-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3701903417-2408125319-1798861659-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3701903417-2408125319-1798861659-1000 -> {D9771667-EC10-41E9-AA9E-D692111367CC} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSWF32.dll [2006-01-02] ()
FF SearchPlugin: C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\searchplugins\bing-.xml [2015-11-28]
FF Extension: EPUBReader - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-10-26]
FF Extension: RADIO PLAYER - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\extensions\radio@radioplayer.fr.xpi [2015-11-14]
FF Extension: Avira Browser Safety - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\abs@avira.com [2015-11-21] [not signed]
FF Extension: Bing Search - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-28]
FF Extension: mp3it - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\info@mp3it.eu.xpi [2015-10-12]
FF Extension: Discover Treasure - C:\Users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\q946ll2b.default\Extensions\{f2946686-f9e9-480e-a42e-fa7351bd720c}.xpi [2015-11-21] [not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\!7A8D88F6C2113928B54F491A53369C4A7A8D.js [2015-11-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [936544 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466408 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466408 2015-10-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1105952 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [250136 2015-11-03] (Avira Operations GmbH & Co. KG)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55912 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [1035368 2011-04-22] (Realtek Semiconductor Corporation )
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-10-28] (Avira Operations GmbH & Co. KG)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-02 15:57 - 2015-12-02 15:58 - 00010318 _____ C:\Users\MOHAMED\Desktop\FRST.txt
2015-12-02 15:56 - 2015-12-02 15:57 - 00000000 ____D C:\FRST
2015-12-02 15:56 - 2015-12-02 15:55 - 01721344 _____ (Farbar) C:\Users\MOHAMED\Desktop\FRST.exe
2015-12-02 15:55 - 2015-12-02 15:55 - 01721344 _____ (Farbar) C:\Users\MOHAMED\Downloads\FRST.exe
2015-12-02 11:13 - 2015-12-02 11:13 - 00001216 _____ C:\Users\MOHAMED\Desktop\ZHPFixReport.txt
2015-12-02 11:10 - 2015-12-02 11:10 - 00001799 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-12-02 11:10 - 2015-12-02 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-12-02 00:00 - 2015-12-02 11:21 - 00059890 _____ C:\Users\MOHAMED\Desktop\ZHPDiag.txt
2015-12-01 23:54 - 2015-12-02 11:15 - 00000824 _____ C:\Users\MOHAMED\Desktop\ZHPDiag.lnk
2015-12-01 23:52 - 2015-12-01 23:52 - 00001849 _____ C:\Users\MOHAMED\Desktop\ZHPCleaner.txt
2015-12-01 23:14 - 2015-11-28 21:52 - 01977856 _____ C:\Users\MOHAMED\Desktop\ZHPDiag3.exe
2015-12-01 23:11 - 2015-12-02 11:17 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\ZHP
2015-12-01 23:11 - 2015-12-01 23:11 - 00000834 _____ C:\Users\MOHAMED\Desktop\ZHPCleaner.lnk
2015-12-01 22:56 - 2015-12-01 22:56 - 00075434 _____ C:\Users\MOHAMED\Desktop\Pierre Bourdieu, Ce que parler veut dire. L'économie des échanges linguistiques. - Persée.htm
2015-12-01 22:56 - 2015-12-01 22:56 - 00000000 ____D C:\Users\MOHAMED\Desktop\Pierre Bourdieu, Ce que parler veut dire. L'économie des échanges linguistiques. - Persée_fichiers
2015-12-01 22:54 - 2015-12-01 22:54 - 00068992 _____ C:\Users\MOHAMED\Desktop\À propos de ce que parler veut dire.htm
2015-12-01 22:54 - 2015-12-01 22:54 - 00000000 ____D C:\Users\MOHAMED\Desktop\À propos de ce que parler veut dire_fichiers
2015-12-01 22:52 - 2015-12-01 22:53 - 00023411 _____ C:\Users\MOHAMED\Desktop\Les échanges linguistiques, 'Ce que parler veut dire'.htm
2015-12-01 22:52 - 2015-12-01 22:52 - 00000000 ____D C:\Users\MOHAMED\Desktop\Les échanges linguistiques, 'Ce que parler veut dire'_fichiers
2015-12-01 14:50 - 2015-12-01 14:50 - 00092710 _____ C:\Users\MOHAMED\Desktop\Esprit critique - Revue internationale de sociologie et de sciences sociales.htm
2015-12-01 14:50 - 2015-12-01 14:50 - 00000000 ____D C:\Users\MOHAMED\Desktop\Esprit critique - Revue internationale de sociologie et de sciences sociales_fichiers
2015-12-01 14:49 - 2015-12-01 14:50 - 00439332 ____H C:\Users\MOHAMED\Desktop\dictionnaire.GID
2015-12-01 14:47 - 2015-12-01 14:47 - 00086703 _____ C:\Users\MOHAMED\Desktop\Politique linguistique, politique scolaire la situation du Maroc - Cairn.info.htm
2015-12-01 14:45 - 2015-12-01 14:47 - 00000000 ____D C:\Users\MOHAMED\Desktop\Politique linguistique, politique scolaire la situation du Maroc - Cairn.info_fichiers
2015-11-30 16:04 - 2015-11-30 16:05 - 00044748 _____ C:\Users\MOHAMED\Downloads\séquences 4-5-6.zip
2015-11-29 21:47 - 2015-11-29 21:47 - 02754255 _____ C:\Users\MOHAMED\Downloads\000303_PartieVIII.pdf
2015-11-29 21:28 - 2015-11-29 21:28 - 00091590 _____ C:\Users\MOHAMED\Downloads\Approche_sur_la_politique_linguistique_a.pdf
2015-11-29 20:35 - 2015-11-30 11:53 - 00000000 ____D C:\Users\MOHAMED\Desktop\NOTES
2015-11-29 17:36 - 2015-11-29 17:36 - 00358378 _____ C:\Users\MOHAMED\Downloads\License-W7+.exe
2015-11-29 17:22 - 2015-11-29 17:22 - 80249168 _____ C:\Users\MOHAMED\Downloads\malwarebyte(1).rar
2015-11-29 16:56 - 2015-11-29 16:57 - 03521617 _____ (Nicolas Coolman ) C:\Users\MOHAMED\Downloads\ZHPFix(1).exe
2015-11-29 16:46 - 2015-12-02 11:10 - 00000000 ____D C:\Program Files\ZHPFix
2015-11-29 16:43 - 2015-11-29 16:43 - 03521617 _____ (Nicolas Coolman ) C:\Users\MOHAMED\Desktop\ZHPFix.exe
2015-11-29 15:49 - 2015-11-29 15:49 - 01903104 _____ C:\Users\MOHAMED\Downloads\ZHPCleaner.exe
2015-11-28 22:31 - 2015-11-28 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-28 22:31 - 2015-11-28 22:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-11-28 22:29 - 2015-11-28 22:29 - 07018720 _____ (Microsoft Corporation) C:\Users\MOHAMED\Downloads\Silverlight.exe
2015-11-28 21:51 - 2015-11-28 21:52 - 01977856 _____ C:\Users\MOHAMED\Downloads\ZHPDiag3.exe
2015-11-26 14:25 - 2015-11-13 05:48 - 00657334 _____ C:\Users\MOHAMED\Desktop\LL23_139_142.pdf
2015-11-25 23:04 - 2015-11-25 23:04 - 01306147 _____ C:\Users\MOHAMED\Downloads\42-3.pdf
2015-11-24 10:03 - 2015-11-24 10:04 - 01733632 _____ C:\Users\MOHAMED\Downloads\adwcleaner_5.022.exe
2015-11-21 23:53 - 2015-11-21 23:53 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-21 23:34 - 2015-11-21 23:35 - 23671486 _____ C:\Users\MOHAMED\Downloads\Encyclopaedia.Universalis.NO-DVD.edition.2012_CRKEXE-FFF.rar
2015-11-21 22:56 - 2015-11-21 22:56 - 00249992 _____ C:\Users\MOHAMED\Downloads\LangCog2-print.pdf
2015-11-21 08:11 - 2010-04-02 02:05 - 37346150 _____ C:\Users\MOHAMED\Desktop\Le Bon Usage - grammaire française.djvu
2015-11-21 08:08 - 2015-11-21 08:10 - 37345957 _____ C:\Users\MOHAMED\Downloads\Le Bon Usage - gr fr .rar
2015-11-21 08:05 - 2015-11-21 08:05 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\Avira
2015-11-21 07:50 - 2015-11-21 07:54 - 69144917 _____ C:\Users\MOHAMED\Desktop\Grammaire-Methodique-du-Francais.pdf
2015-11-21 07:42 - 2015-10-28 18:21 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00055912 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-11-21 07:42 - 2015-10-28 18:21 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2015-11-21 07:33 - 2015-11-29 20:37 - 00000000 ____D C:\Users\MOHAMED\Desktop\sclgst
2015-11-21 07:26 - 2015-11-26 07:03 - 00001136 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-21 07:26 - 2015-11-21 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-21 07:26 - 2015-11-21 07:41 - 00000000 ____D C:\ProgramData\Avira
2015-11-21 07:26 - 2015-11-21 07:41 - 00000000 ____D C:\Program Files\Avira
2015-11-21 07:26 - 2015-11-21 07:26 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-21 07:17 - 2015-11-21 07:17 - 04584344 _____ (Avira Operations GmbH & Co. KG) C:\Users\MOHAMED\Downloads\avira_en_av_4446297808__ws.exe
2015-11-21 07:09 - 2015-11-28 22:35 - 00000000 ____D C:\AdwCleaner
2015-11-21 07:00 - 2015-11-21 07:01 - 01732096 _____ C:\Users\MOHAMED\Downloads\adwcleaner_5.021.exe
2015-11-21 06:48 - 2015-11-21 06:48 - 00007605 _____ C:\Users\MOHAMED\AppData\Local\Resmon.ResmonCfg
2015-11-21 06:15 - 2015-11-21 06:15 - 00000000 ____D C:\ProgramData\Loaris
2015-11-20 12:03 - 2015-11-20 12:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-20 12:03 - 2015-11-20 12:03 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-20 11:32 - 2015-11-20 11:33 - 01472475 _____ C:\Users\MOHAMED\Downloads\module1_1.pdf
2015-11-20 10:54 - 2015-11-20 10:54 - 01394981 _____ C:\Users\MOHAMED\Downloads\mots_0243-6450_1997_num_52_1_2467.pdf
2015-11-20 10:44 - 2015-09-18 16:32 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-20 10:44 - 2015-09-18 16:30 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-20 10:44 - 2015-09-18 16:30 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-20 10:44 - 2015-09-18 16:25 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-20 10:44 - 2015-05-21 13:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-11-20 10:44 - 2015-03-19 02:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-20 10:44 - 2015-03-19 02:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-20 10:44 - 2015-01-27 23:28 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-11-20 10:44 - 2014-09-15 00:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-20 10:44 - 2013-03-19 04:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-20 10:44 - 2013-03-19 02:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-20 10:44 - 2010-12-18 05:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-20 10:38 - 2015-06-23 12:27 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-20 10:37 - 2015-11-20 10:37 - 00000000 ____D C:\Users\Public\Foxit Software
2015-11-20 10:35 - 2015-11-26 07:03 - 00002089 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-11-20 10:35 - 2015-11-20 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-11-20 10:17 - 2012-06-02 22:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-20 10:17 - 2012-06-02 22:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-20 10:17 - 2012-06-02 22:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-20 10:17 - 2012-06-02 22:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-20 10:16 - 2012-06-02 22:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-20 10:16 - 2012-06-02 22:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-20 10:16 - 2012-06-02 22:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-20 10:16 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-20 10:16 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-19 19:53 - 2015-11-26 07:03 - 00002611 _____ C:\Users\Public\Desktop\MEDIADICO pour votre PC.lnk
2015-11-19 19:53 - 2015-11-19 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAventure
2015-11-19 19:53 - 2015-11-19 19:53 - 00000000 ____D C:\Program Files\LAventure
2015-11-19 19:51 - 2015-11-19 19:51 - 01159168 _____ C:\Users\MOHAMED\Downloads\dictionnaire mediadico.msi
2015-11-19 12:03 - 2015-11-19 12:03 - 00069873 _____ C:\Users\MOHAMED\Downloads\Sociolang.pdf
2015-11-18 11:41 - 2015-11-18 11:42 - 04935350 _____ C:\Users\MOHAMED\Downloads\eset_ess_8_userguide_fra(1).pdf
2015-11-18 11:41 - 2015-11-18 11:41 - 04935350 _____ C:\Users\MOHAMED\Downloads\eset_ess_8_userguide_fra.pdf
2015-11-17 10:25 - 2015-11-17 10:26 - 00139373 _____ C:\Users\MOHAMED\Downloads\praxematique-3063-28-henri-boyer-ed-sociolinguistique-territoire-et-objets.pdf
2015-11-12 10:40 - 2015-11-12 10:40 - 00127296 _____ C:\Users\MOHAMED\Downloads\Dialnet-SociolonguistiquePolitiqueLinguistiqueEtFonctionna-4411584.pdf
2015-11-12 10:34 - 2015-11-12 10:34 - 00677195 _____ C:\Users\MOHAMED\Downloads\2003-Diglossies_en_question_Cahiers_.pdf
2015-11-12 10:29 - 2015-11-12 10:29 - 00275284 _____ C:\Users\MOHAMED\Downloads\Variation_linguistique....pdf
2015-11-12 01:45 - 2015-11-12 01:46 - 75032577 _____ C:\Users\MOHAMED\Downloads\__rar_0.568
2015-11-12 01:26 - 2015-11-12 01:26 - 80249168 _____ C:\Users\MOHAMED\Downloads\malwarebyte.rar
2015-11-12 00:38 - 2015-11-29 17:42 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-12 00:36 - 2015-11-29 17:43 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-11-12 00:36 - 2015-11-26 07:03 - 00001058 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-12 00:36 - 2015-11-12 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-12 00:36 - 2015-11-12 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-12 00:36 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-12 00:36 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-12 00:36 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-12 00:31 - 2015-11-12 00:35 - 22908888 _____ (Malwarebytes ) C:\Users\MOHAMED\Downloads\mbam-setup-techspot.31794-2.2.0.1024.exe
2015-11-11 20:33 - 2015-11-21 23:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-11 17:10 - 2015-11-12 12:53 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-11 17:09 - 2015-11-11 17:09 - 00000000 ____D C:\Users\MOHAMED\AppData\Local\Opera Software
2015-11-11 17:08 - 2015-11-11 17:08 - 00000000 ____D C:\Users\MOHAMED\AppData\Roaming\Opera Software
2015-11-11 17:05 - 2015-11-21 08:16 - 00000000 ____D C:\Program Files\Opera
2015-11-11 17:05 - 2015-11-18 11:48 - 00000000 ____D C:\Program Files\Common Files\Warmlax
2015-11-11 17:04 - 2015-11-11 17:04 - 00000187 _____ C:\Users\MOHAMED\AppData\Local\Doublebase.exe.config
2015-11-05 06:15 - 2015-11-05 06:55 - 00000000 ____D C:\Users\MOHAMED\Desktop\séquence 4
2015-11-05 06:12 - 2015-11-05 06:12 - 00942435 _____ C:\Users\MOHAMED\Downloads\nouvel-espace.rar
2015-11-04 11:18 - 2015-11-04 11:18 - 00000000 ____D C:\Users\MOHAMED\AppData\Local\ElevatedDiagnostics
2015-11-03 15:15 - 2015-11-03 15:15 - 00000000 ____D C:\Users\MOHAMED\Desktop\sociolinguistique
2015-11-03 15:15 - 2015-11-03 15:15 - 00000000 ____D C:\Users\MOHAMED\Desktop\petite poucette
2015-11-02 16:54 - 2015-11-02 16:54 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-11-02 16:46 - 2015-11-02 16:48 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\MOHAMED\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-11-02 16:40 - 2015-11-04 11:12 - 00000000 ____D C:\Program Files\Driver Downloader
2015-11-02 16:11 - 2015-11-02 16:11 - 00040492 _____ C:\Users\MOHAMED\Downloads\Module_1.pdf
2015-11-02 15:47 - 2015-11-02 15:47 - 00085471 _____ C:\Users\MOHAMED\Downloads\PSP1125-Partie4bis.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-02 15:58 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf
2015-12-02 15:56 - 2009-07-14 02:37 - 00000000 ____D C:\Windows
2015-12-02 15:48 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-02 11:42 - 2009-07-14 04:34 - 00014400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-02 11:42 - 2009-07-14 04:34 - 00014400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 15:42 - 2015-10-01 06:56 - 00704480 _____ C:\Windows\system32\perfh00C.dat
2015-11-30 15:42 - 2015-10-01 06:56 - 00130754 _____ C:\Windows\system32\perfc00C.dat
2015-11-30 15:42 - 2015-10-01 04:06 - 01549700 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-26 14:00 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF
2015-11-26 07:04 - 2015-10-01 04:00 - 00001393 _____ C:\Users\MOHAMED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-26 07:04 - 2015-09-30 22:15 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-26 07:04 - 2009-07-14 04:46 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-11-26 07:04 - 2009-07-14 04:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-11-26 07:03 - 2015-10-25 23:57 - 00001162 _____ C:\Users\Public\Desktop\LG PC Suite.lnk
2015-11-26 07:03 - 2015-10-08 14:32 - 00001124 _____ C:\Users\Public\Desktop\Le Petit Robert 2014.lnk
2015-11-26 07:03 - 2015-10-08 14:21 - 00001206 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2015-11-26 07:03 - 2015-10-01 14:24 - 00000963 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-26 07:03 - 2015-09-30 22:15 - 00001103 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-26 07:03 - 2009-07-14 04:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-11-26 07:03 - 2009-07-14 04:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-11-26 07:02 - 2015-10-08 21:10 - 00001425 _____ C:\Users\MOHAMED\Desktop\Encyclopaedia Universalis 2012.lnk
2015-11-26 07:02 - 2015-10-01 14:30 - 00000999 _____ C:\Users\MOHAMED\Desktop\Le Grand Robert.lnk
2015-11-26 07:02 - 2015-09-30 22:56 - 00000458 _____ C:\Users\MOHAMED\Desktop\Local Disk (D) - Shortcut.lnk
2015-11-25 22:35 - 2009-07-14 04:53 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-22 00:04 - 2015-10-08 21:25 - 00000000 ____D C:\Users\MOHAMED\.Universalis
2015-11-22 00:02 - 2015-10-08 21:25 - 00000000 ____D C:\Users\MOHAMED\.JxBrowser
2015-11-21 06:19 - 2009-07-14 04:52 - 00000000 ____D C:\Windows\Performance
2015-11-21 05:50 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\AppCompat
2015-11-20 23:07 - 2009-07-14 04:33 - 00449472 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-13 05:47 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\ModemLogs
2015-11-12 10:14 - 2015-09-30 22:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-03 12:43 - 2015-09-30 21:50 - 00120976 _____ C:\Users\MOHAMED\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Files in the root of some directories =======
2015-11-11 17:04 - 2015-11-11 17:04 - 0000187 _____ () C:\Users\MOHAMED\AppData\Local\Doublebase.exe.config
2015-11-21 06:48 - 2015-11-21 06:48 - 0007605 _____ () C:\Users\MOHAMED\AppData\Local\Resmon.ResmonCfg
2015-11-21 23:53 - 2015-11-21 23:53 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\MOHAMED\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed