Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Exécuté par Hichem (administrateur) sur HICHEM-PC (31-03-2016 19:40:51)
Exécuté depuis C:\Users\Hichem\Downloads\Programs
Profils chargés: Hichem (Profils disponibles: Hichem & Invité)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe
() C:\ProgramData\Airtostrong\Airtostrong.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
() C:\xampp\xampp-control.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Users\Hichem\AppData\Local\Scotcane.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
(Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.2\bin\ARCGIS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
() C:\xampp\mysql\bin\mysqld.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.47\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2015-01-04] (Qualcomm®Atheros®)
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3933392 2016-02-11] (Tonec Inc.)
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\Run: [IDM trial reset] => C:\Program Files (x86)\Internet Download Manager\IDMan Trial Reset by Chamsoo.exe [1178624 2015-07-22] ()
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\MountPoints2: {13c5264d-7109-11e5-992a-806e6f6e6963} - E:\wubi.exe
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\MountPoints2: {c962ea40-d338-11e5-913f-9cad9759a28e} - F:\autorun.exe
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\Airtostrong\Toughphase.dll => C:\ProgramData\Airtostrong\Toughphase.dll [363520 2016-03-16] ()
AppInit_DLLs-x32: C:\ProgramData\Airtostrong\TipNix.dll => C:\ProgramData\Airtostrong\TipNix.dll [257536 2016-03-16] ()
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\Users\Hichem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xampp-control - Raccourci.lnk [2016-02-22]
ShortcutTarget: xampp-control - Raccourci.lnk -> C:\xampp\xampp-control.exe ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{DFB7ADA1-1799-4BE5-AA79-8B992A619D40}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsGk9TfhFFcsTPavx75skIILAOxxlhQiMzzVWQvZZvanJWTOblE8SVe7FS0e-r1UAKOReGm1xcdWrDUUBJ_UXkLcHiv_NE,&q={searchTerms}
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOfXqc9pw4-TwIubu70hSvztCcpugdUL8qYeC7RQ_3GX0mBNdcR51u_FMTrdoMXB_egfMKdnegMLRwDhnwh3M-7uyYCKIZ0,
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsGk9TfhFFcsTPavx75skIILAOxxlhQiMzzVWQvZZvanJWTOblE8SVe7FS0e-r1UAKOReGm1xcdWrDUUBJ_UXkLcHiv_NE,&q={searchTerms}
HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsGk9TfhFFcsTPavx75skIILAOxxlhQiMzzVWQvZZvanJWTOblE8SVe7FS0e-r1UAKOReGm1xcdWrDUUBJ_UXkLcHiv_NE,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsGk9TfhFFcsTPavx75skIILAOxxlhQiMzzVWQvZZvanJWTOblE8SVe7FS0e-r1UAKOReGm1xcdWrDUUBJ_UXkLcHiv_NE,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2806210034-2992568506-4107741175-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsGk9TfhFFcsTPavx75skIILAOxxlhQiMzzVWQvZZvanJWTOblE8SVe7FS0e-r1UAKOReGm1xcdWrDUUBJ_UXkLcHiv_NE,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2806210034-2992568506-4107741175-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsGk9TfhFFcsTPavx75skIILAOxxlhQiMzzVWQvZZvanJWTOblE8SVe7FS0e-r1UAKOReGm1xcdWrDUUBJ_UXkLcHiv_NE,&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2009-04-21] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Hichem\AppData\Roaming\Mozilla\Firefox\Profiles\vmk4b1w2.default
FF NewTab: C:\ProgramData\Airtostrongs\ff.NT
FF DefaultSearchEngine: findit
FF Homepage: C:\ProgramData\Airtostrongs\ff.HP
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll [2015-10-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Pas de fichier]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-04-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Hichem\AppData\Roaming\Mozilla\Firefox\Profiles\vmk4b1w2.default\searchplugins\findit.xml [2016-03-31]
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-01-27]
FF Extension: Proxy Switcher - C:\Users\Hichem\AppData\Roaming\Mozilla\Firefox\Profiles\vmk4b1w2.default\Extensions\jid0-hjBdm7jJii7llLkqacvGnd3gHge@jetpack.xpi [2016-03-23]
FF HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Hichem\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Hichem\AppData\Roaming\IDM\idmmzcc5 [2016-03-31] [non signé]
FF HKU\S-1-5-21-2806210034-2992568506-4107741175-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsdYvlK6g-RfhPiRCNAoh7uSSZWPDT9b_zFzAvOipb7Lq4913n3bU6kqDo67p-v0ompVhBxbN85RaIkdLUu6vVRhAir80g,
CHR StartupUrls: Profile 1 -> "hxxp://istart.webssearches.com/?type=hp&ts=1413757697&from=pjr&uid=TOSHIBAXMK5061GSY_51IBT8SKTXX51IBT8SKT","hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=12_pr__alt__ddc_dsssyc_bd_com","hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr__alt__ddc_dsssyc_bd_com","hxxp://q.search-simple.com/?affID=pr_02e41b5f-867c-4901-b54d-38b417884956"
CHR DefaultSearchURL: Profile 1 -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByuMcS4zqTgWbU8wLEY3iXPVNXRaoopM9TuuAp3uTgXKzpQvn4BF_dVZutR1biVnFFgjqOOHibDAdsOsRVNz2hp2WmsU9SC3zLPva-83bTfm6hHCQIlxupnagUCGZxI7lNGIgnQsIRA4wymekhur6vF1pwrXB2dLOEWmNNUaFjpM,&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> feed.sonic-search.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-11]
CHR Extension: (h264ify) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2016-03-08]
CHR Extension: (Traducteur pour toutes les langues) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk [2015-10-11]
CHR Extension: (Google Drive) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Adblock Plus) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10]
CHR Extension: (IDM Integration Module Extension) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlojoclkbpmfhakhaagjpjfifbaoadf [2015-10-31]
CHR Extension: (Recherche Google) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-10-11]
CHR Extension: (Maze de lumière) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdbolegdomdkabhnmgapboiaophhiec [2016-01-03]
CHR Extension: (Google Sheets) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-10]
CHR Extension: (Instant Translate: Translator and Dictionary) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2016-03-08]
CHR Extension: (Emoji Input by EmojiStuff.com) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2015-11-28]
CHR Extension: (AdRemover for Google Chrome™) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcefmojpghnaceadnghednjhbmphipkb [2016-03-08]
CHR Extension: (MailTrack for Gmail) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-03-10]
CHR Extension: (IDM Integration Module) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-03-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-11]
CHR Extension: (Gmail) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11]
CHR Profile: C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-11]
CHR Extension: (h264ify) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aleakchihdccplidncghkekgioiakgal [2016-03-11]
CHR Extension: (Traducteur pour toutes les langues) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk [2016-03-11]
CHR Extension: (Google Docs) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-11]
CHR Extension: (Google Drive) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-11]
CHR Extension: (YouTube) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-11]
CHR Extension: (Adblock Plus) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-11]
CHR Extension: (Recherche Google) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-11]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2016-03-11]
CHR Extension: (Talk and Comment - Notes vocales) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djnhkfljnimcpelfndpcjcgngmefaobl [2016-03-30]
CHR Extension: (Maze de lumière) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcdbolegdomdkabhnmgapboiaophhiec [2016-03-14]
CHR Extension: (Google Sheets) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-11]
CHR Extension: (AdBlock) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-20]
CHR Extension: (Instant Translate: Translator and Dictionary) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2016-03-31]
CHR Extension: (Emoji Input by EmojiStuff.com) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2016-03-22]
CHR Extension: (goMovix) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiogeidobnphbnjmnlcjpopgfghcnebf [2016-03-11]
CHR Extension: (AdRemover for Google Chrome™) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcefmojpghnaceadnghednjhbmphipkb [2016-03-24]
CHR Extension: (IDM Integration Module) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-03-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-11]
CHR Extension: (Subtitles For YouTube) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oanhbddbfkjaphdibnebkklpplclomal [2016-03-24]
CHR Extension: (Gmail) - C:\Users\Hichem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-11]
CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Fichier non signé]
R2 Airtostrong; C:\ProgramData\\Airtostrong\\Airtostrong.exe [529408 2016-03-16] () [Fichier non signé]
R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [1452408 2013-11-13] (Flexera Software LLC)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323200 2015-01-04] (Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [414720 2015-03-14] (BlueStack Systems, Inc.) [Fichier non signé]
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-10-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 prmauct; C:\Users\Hichem\AppData\Local\Scotcane.exe [28160 2016-03-11] () [Fichier non signé]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145624 2015-03-10] (BlueStack Systems)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2015-01-04] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-06-23] (Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-31 19:39 - 2016-03-31 19:40 - 00000000 ____D C:\FRST
2016-03-31 18:55 - 2016-03-31 19:25 - 19781274 _____ C:\Users\Hichem\Downloads\BeautifulQueenslandTracieLouise.themepack
2016-03-31 18:55 - 2016-03-31 19:15 - 07884764 _____ C:\Users\Hichem\Downloads\AuroraBorealis.themepack
2016-03-31 18:53 - 2016-03-31 19:13 - 10652531 _____ C:\Users\Hichem\Downloads\MomentsCaptured_RishAgarwal.themepack
2016-03-31 18:52 - 2016-03-31 19:11 - 06342103 _____ C:\Users\Hichem\Downloads\FireMarcSchroeder.themepack
2016-03-31 18:35 - 2016-03-31 18:51 - 09287153 _____ C:\Users\Hichem\Downloads\Roses.themepack
2016-03-31 18:35 - 2016-03-31 18:50 - 14505226 _____ C:\Users\Hichem\Downloads\RelicsOfTheSea.themepack
2016-03-31 18:34 - 2016-03-31 19:03 - 08050514 _____ C:\Users\Hichem\Downloads\TheMilkyWay.themepack
2016-03-31 18:30 - 2016-03-31 19:18 - 25780408 _____ C:\Users\Hichem\Downloads\CommunityShowcaseAqua3.themepack
2016-03-31 13:13 - 2016-03-31 13:13 - 00000000 ___RD C:\Users\Hichem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-03-30 21:07 - 2016-03-30 21:09 - 00000000 ____D C:\Users\Hichem\Downloads\Terminator.Genisys.2015.BRRip.XViD-ETRG
2016-03-30 21:03 - 2016-03-30 21:03 - 00057595 _____ C:\Users\Hichem\Downloads\11582_Terminator.Genisys.2015.BRRip.XViDETRG.torrent
2016-03-30 21:03 - 2016-03-30 21:03 - 00057595 _____ C:\Users\Hichem\Downloads\11582_Terminator.Genisys.2015.BRRip.XViDETRG (1).torrent
2016-03-30 19:24 - 2016-03-30 19:26 - 03532922 _____ C:\Users\Hichem\Downloads\jetpack.3.9.4.zip
2016-03-30 19:22 - 2016-03-30 19:22 - 00053014 _____ C:\Users\Hichem\Downloads\theme-check.20151211.1.zip
2016-03-30 18:25 - 2016-03-30 18:25 - 00012876 _____ C:\Users\Hichem\Downloads\Liste infos WordPress.xlsx
2016-03-29 14:41 - 2016-03-29 14:42 - 00987728 _____ (Google Inc.) C:\Users\Hichem\Downloads\ChromeSetup.exe
2016-03-29 02:39 - 2016-03-29 02:40 - 01005568 _____ (Microsoft Corporation) C:\Users\Hichem\Downloads\dotNetFx45_Full_setup.exe
2016-03-29 02:37 - 2016-03-29 02:37 - 00728455 _____ C:\Users\Hichem\Downloads\kmdf-1.11-Win-6.1-x86.msu
2016-03-29 00:29 - 2016-03-29 00:29 - 00003276 _____ C:\Windows\System32\Tasks\psv_Lamhome
2016-03-28 16:53 - 2016-03-28 16:53 - 00003286 _____ C:\Windows\System32\Tasks\psv_Opeaptough
2016-03-28 16:53 - 2016-03-28 16:53 - 00003278 _____ C:\Windows\System32\Tasks\psv_Freshtip
2016-03-28 16:52 - 2016-03-28 16:52 - 00003280 _____ C:\Windows\System32\Tasks\psv_Voltjob
2016-03-27 19:04 - 2016-03-27 19:20 - 00000000 ____D C:\Users\Hichem\Downloads\La Formation - Concevez votre site web avec PHP et MySQL
2016-03-27 19:03 - 2016-03-27 19:03 - 00028174 _____ C:\Users\Hichem\Downloads\La Formation - Concevez votre site web avec PHP et MySQL.torrent
2016-03-26 23:08 - 2013-12-10 00:27 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-03-26 23:07 - 2016-03-26 23:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-03-26 23:06 - 2013-12-10 00:27 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-03-26 23:06 - 2013-12-10 00:27 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-03-26 21:45 - 2016-03-26 23:05 - 58728303 _____ C:\Users\Hichem\Downloads\MEI_Win7_8_8.1_9.5.24.1790_1.5M.zip
2016-03-26 18:01 - 2016-03-26 18:01 - 00003272 _____ C:\Windows\System32\Tasks\psv_Black-Lax
2016-03-26 12:29 - 2016-03-26 12:29 - 00003282 _____ C:\Windows\System32\Tasks\psv_Donity
2016-03-25 21:34 - 2016-03-25 21:34 - 00003284 _____ C:\Windows\System32\Tasks\psv_U-cof
2016-03-25 18:23 - 2016-03-25 18:23 - 00038680 _____ C:\Users\Hichem\Downloads\تسيير الموارد البشرية.rar
2016-03-25 17:15 - 2016-03-31 18:20 - 01212416 _____ C:\Users\Hichem\Desktop\تسيير الموارد البشرية.accdb
2016-03-25 02:16 - 2016-03-25 02:19 - 1051688960 _____ C:\Users\Hichem\Documents\UBUNTO 14.0.iso
2016-03-25 00:00 - 2016-03-25 01:38 - 00000000 ____D C:\Users\Hichem\VirtualBox VMs
2016-03-24 23:47 - 2016-03-26 00:55 - 00000000 ____D C:\Users\Hichem\.VirtualBox
2016-03-24 23:46 - 2016-03-24 23:46 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-03-24 23:46 - 2016-03-24 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-03-24 23:46 - 2016-03-24 23:46 - 00000000 ____D C:\Program Files\Oracle
2016-03-24 23:46 - 2012-12-19 14:48 - 00237992 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-03-24 23:46 - 2012-12-19 14:47 - 00120232 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-03-24 23:10 - 2016-03-24 23:11 - 00601940 _____ C:\Users\Hichem\Downloads\ns-3-tutorial.pdf
2016-03-24 22:21 - 2016-03-24 22:21 - 00003244 _____ C:\Windows\System32\Tasks\yeedownlxa
2016-03-24 18:41 - 2016-03-24 18:41 - 00098142 _____ C:\Users\Hichem\Downloads\M+22+Administration+de+reseau+sous+windows+server+2008.htm
2016-03-23 21:50 - 2016-03-23 21:58 - 13882908 _____ C:\Users\Hichem\Downloads\2016-03-23 data export.zip
2016-03-23 21:49 - 2016-03-23 21:49 - 00110788 _____ C:\Users\Hichem\Downloads\course_files_export.zip
2016-03-23 21:49 - 2016-03-23 21:49 - 00007522 _____ C:\Users\Hichem\Downloads\sso.htm
2016-03-23 21:35 - 2016-03-23 21:35 - 00104452 _____ C:\Users\Hichem\Downloads\webinar CyberSecurity.pdf
2016-03-23 16:15 - 2016-03-23 16:15 - 00003270 _____ C:\Windows\System32\Tasks\psv_S-trax
2016-03-20 00:03 - 2016-03-20 00:03 - 00003280 _____ C:\Windows\System32\Tasks\psv_PlusAir
2016-03-19 16:51 - 2016-03-19 16:51 - 00003290 _____ C:\Windows\System32\Tasks\psv_Zercom
2016-03-19 16:51 - 2016-03-19 16:51 - 00003286 _____ C:\Windows\System32\Tasks\psv_AnQuozap
2016-03-19 16:50 - 2016-03-19 16:50 - 00003286 _____ C:\Windows\System32\Tasks\psv_San-In
2016-03-16 16:50 - 2016-03-31 17:04 - 00002393 _____ C:\Windows\SysWOW64\findit.xml
2016-03-16 16:50 - 2016-03-31 17:04 - 00000000 ____D C:\ProgramData\Airtostrong
2016-03-16 16:50 - 2016-03-16 16:50 - 00000000 ____D C:\ProgramData\Airtostrongs
2016-03-16 16:46 - 2016-03-16 16:46 - 02794722 _____ () C:\Program Files\Common Files\esksy3vi.exe
2016-03-15 19:31 - 2016-03-15 19:31 - 00003282 _____ C:\Windows\System32\Tasks\psv_TranCore
2016-03-15 19:31 - 2016-03-15 19:31 - 00003278 _____ C:\Windows\System32\Tasks\psv_Tech-Touch
2016-03-15 19:30 - 2016-03-15 19:30 - 00003286 _____ C:\Windows\System32\Tasks\psv_Freshdom
2016-03-14 18:53 - 2016-03-14 18:53 - 00003296 _____ C:\Windows\System32\Tasks\psv_BamDonjob
2016-03-12 17:30 - 2016-03-31 13:14 - 00003490 _____ C:\Windows\System32\Tasks\AutoKMS
2016-03-12 15:50 - 2016-03-12 15:50 - 03170418 _____ () C:\Program Files\Common Files\0cden5fh.exe
2016-03-12 15:46 - 2016-03-12 15:46 - 00003388 _____ C:\Windows\System32\Tasks\1dpkq5r4
2016-03-12 15:46 - 2016-03-12 15:46 - 00000000 ____D C:\Program Files\Common Files\reegu3ih
2016-03-12 14:35 - 2016-03-12 17:26 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-12 14:26 - 2016-03-12 14:26 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-03-12 14:22 - 2016-03-12 14:25 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Hichem\Downloads\sh-remover.exe
2016-03-12 14:07 - 2016-03-12 14:08 - 00001798 _____ C:\Users\Hichem\Desktop\chrome - Raccourci.lnk
2016-03-12 13:59 - 2016-03-12 14:00 - 00000000 ____D C:\Users\Hichem\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-12 13:12 - 2016-03-12 13:49 - 00000000 ____D C:\ProgramData\serfe
2016-03-11 18:34 - 2016-03-11 18:34 - 00023064 _____ C:\Users\Hichem\Downloads\config.bin
2016-03-11 18:31 - 2016-03-11 18:31 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-11 18:31 - 2016-03-11 18:31 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-11 18:21 - 2016-03-12 13:49 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\UPUpdata
2016-03-11 17:48 - 2016-03-11 17:49 - 00000000 ____D C:\Windows\pss
2016-03-11 17:28 - 2016-03-11 17:28 - 01132300 _____ C:\Users\Hichem\AppData\Roaming\Tempsunflex.tst
2016-03-11 17:28 - 2016-03-11 17:28 - 00000000 _____ C:\Users\Hichem\AppData\Roaming\agent.dat
2016-03-11 17:25 - 2016-03-11 18:03 - 00000000 ____D C:\Program Files\pclient
2016-03-11 17:22 - 2016-03-11 17:22 - 00126464 _____ C:\Users\Hichem\AppData\Roaming\lobby.dat
2016-03-11 17:22 - 2016-03-11 17:22 - 00072704 _____ C:\Users\Hichem\AppData\Roaming\Sunzap.tst
2016-03-11 17:22 - 2016-03-11 17:22 - 00054272 _____ C:\Users\Hichem\AppData\Roaming\ApplicationHosting.dat
2016-03-11 17:22 - 2016-03-11 17:22 - 00002880 _____ C:\Users\Hichem\AppData\Roaming\md.xml
2016-03-11 17:19 - 2016-03-11 17:19 - 00188573 _____ () C:\Users\Hichem\AppData\Roaming\Doneco.bin
2016-03-11 17:14 - 2016-03-11 17:14 - 00848437 _____ C:\Users\Hichem\AppData\Roaming\RonCof.bin
2016-03-11 17:03 - 2016-03-11 17:04 - 00017472 _____ C:\Users\Hichem\AppData\Roaming\InstallationConfiguration.xml
2016-03-11 17:03 - 2016-03-11 17:03 - 00127488 _____ C:\Users\Hichem\AppData\Roaming\Installer.dat
2016-03-11 17:02 - 2016-03-12 13:49 - 00000000 ____D C:\Program Files\Common Files\zwfvoivl
2016-03-11 16:45 - 2016-03-11 21:41 - 00000000 ____D C:\Users\Hichem\AppData\Local\app
2016-03-11 16:17 - 2016-03-11 16:17 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\gplyra
2016-03-11 16:01 - 2016-03-11 16:04 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-11 16:01 - 2016-03-11 15:54 - 00524849 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-03-11 16:00 - 2016-03-11 16:00 - 00041472 _____ C:\Users\Hichem\AppData\Local\Scotcane.dat
2016-03-11 16:00 - 2016-03-11 16:00 - 00028160 _____ C:\Users\Hichem\AppData\Local\Scotcane.exe
2016-03-11 16:00 - 2016-03-11 16:00 - 00000187 _____ C:\Users\Hichem\AppData\Local\Scotcane.exe.config
2016-03-10 16:53 - 2016-03-10 16:53 - 00007105 _____ C:\Users\Hichem\Downloads\craag.wordpress.2016-03-10.xml
2016-03-10 16:10 - 2016-03-10 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-03-10 16:06 - 2016-03-12 13:50 - 00000000 ____D C:\xampp
2016-03-10 14:09 - 2016-03-10 14:14 - 10110021 _____ C:\Users\Hichem\Downloads\Station régionale d'Oran.zip
2016-03-10 13:54 - 2016-03-10 13:54 - 00000318 _____ C:\Users\Hichem\Downloads\facture.xls
2016-03-07 21:03 - 2016-03-07 21:03 - 00000000 ____D C:\Users\Hichem\AppData\Local\Paint.NET
2016-03-04 14:44 - 2016-03-04 14:44 - 00001509 _____ C:\Users\Hichem\Downloads\PT-Assessment-Client-3860894.jnlp
2016-03-04 14:43 - 2016-03-04 14:43 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\IsolatedStorage
2016-03-04 14:43 - 2016-03-04 14:43 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-03-04 14:29 - 2016-03-04 14:29 - 00000000 ____D C:\Spacekace
2016-03-03 20:59 - 2016-03-03 21:01 - 00000000 ____D C:\Users\Hichem\Cisco Packet Tracer 6.3
2016-03-03 20:58 - 2016-03-03 20:58 - 00001233 _____ C:\Users\Hichem\Desktop\Cisco Packet Tracer.lnk
2016-03-03 20:58 - 2016-03-03 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
2016-03-03 20:58 - 2016-03-03 20:58 - 00000000 ____D C:\Program Files (x86)\Cisco Packet Tracer 6.3
2016-03-03 19:11 - 2016-03-03 19:11 - 00001507 _____ C:\Users\Hichem\Downloads\PT-Assessment-Client-3835338.jnlp
2016-03-03 19:01 - 2016-03-03 19:01 - 00001507 _____ C:\Users\Hichem\Downloads\PT-Assessment-Client-3835032.jnlp
2016-03-01 18:13 - 2016-02-29 22:22 - 00043772 _____ C:\Users\Hichem\Documents\Configuration.mc

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-03-31 18:55 - 2015-10-11 20:09 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-31 17:55 - 2015-10-11 20:09 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-31 17:09 - 2015-10-12 19:35 - 00000000 ____D C:\Users\Hichem\Downloads\Compressed
2016-03-31 17:05 - 2015-10-28 15:55 - 00000987 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-31 17:05 - 2015-10-11 20:44 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-31 17:05 - 2015-10-10 21:00 - 00000993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-31 17:05 - 2015-10-10 17:28 - 00001204 _____ C:\Users\Hichem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-31 13:19 - 2009-07-14 05:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-31 13:19 - 2009-07-14 05:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-31 13:16 - 2015-11-07 18:22 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-31 13:14 - 2015-11-01 18:43 - 00005064 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Hichem-PC-Hichem Hichem-PC
2016-03-31 13:13 - 2015-10-27 21:33 - 00000000 __SHD C:\Users\Hichem\IntelGraphicsProfiles
2016-03-31 13:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-31 02:28 - 2015-10-12 19:35 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\DMCache
2016-03-30 21:15 - 2015-10-10 21:08 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\uTorrent
2016-03-30 19:00 - 2015-10-10 21:08 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\Notepad++
2016-03-30 18:37 - 2015-10-12 19:40 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\vlc
2016-03-30 18:02 - 2010-11-21 07:19 - 00738536 _____ C:\Windows\system32\perfh00C.dat
2016-03-30 18:02 - 2010-11-21 07:19 - 00149962 _____ C:\Windows\system32\perfc00C.dat
2016-03-30 18:02 - 2009-07-14 06:13 - 01671578 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-30 18:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-30 17:55 - 2009-07-14 06:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-29 13:30 - 2016-02-16 21:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-29 12:51 - 2015-10-11 19:26 - 00000000 ____D C:\Users\Hichem\Documents\Bluetooth Folder
2016-03-28 18:18 - 2015-10-12 19:15 - 00000000 ____D C:\Users\Hichem\AppData\Local\Adobe
2016-03-27 23:38 - 2015-10-25 20:00 - 00000233 _____ C:\Users\Hichem\Documents\site.txt
2016-03-26 23:08 - 2015-10-12 18:43 - 00000000 ____D C:\ProgramData\Intel
2016-03-26 23:08 - 2015-10-11 19:28 - 00000000 ____D C:\Program Files\Intel
2016-03-26 23:08 - 2015-10-11 19:18 - 00000000 ____D C:\Program Files (x86)\Intel
2016-03-25 19:59 - 2015-10-11 20:31 - 00000000 ____D C:\Users\Hichem\AppData\Local\CrashDumps
2016-03-25 00:00 - 2015-10-10 17:27 - 00000000 ____D C:\Users\Hichem
2016-03-23 22:29 - 2015-10-12 19:35 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\IDM
2016-03-14 19:20 - 2015-11-08 17:50 - 00000000 ____D C:\Users\Hichem\Documents\Logiciels
2016-03-12 14:41 - 2016-01-13 01:29 - 00000438 __RSH C:\ProgramData\ntuser.pol
2016-03-12 14:38 - 2016-01-01 14:45 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-03-12 14:38 - 2015-11-07 18:22 - 00000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-12 14:38 - 2015-11-07 18:22 - 00000986 _____ C:\Users\Public\Desktop\Opera.lnk
2016-03-12 14:38 - 2015-10-30 01:52 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2016-03-12 13:50 - 2016-02-22 15:20 - 00000000 ____D C:\Users\Hichem\AppData\Roaming\TeamViewer
2016-03-12 13:50 - 2016-02-16 20:15 - 00000000 ____D C:\ProgramData\FLEXnet
2016-03-12 13:50 - 2016-01-18 09:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVCutty 3
2016-03-12 13:50 - 2016-01-12 18:34 - 00000000 ____D C:\Users\Invité
2016-03-12 13:50 - 2015-12-13 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2016-03-12 13:50 - 2015-11-24 18:03 - 00000000 ____D C:\Program Files (x86)\WinPcap
2016-03-12 13:50 - 2015-10-12 19:20 - 00000000 ____D C:\Windows\AutoKMS
2016-03-12 13:50 - 2015-10-12 19:14 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-03-12 13:49 - 2016-01-18 09:31 - 00000000 ____D C:\Program Files (x86)\AVCutty 3
2016-03-12 13:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-03-12 13:48 - 2015-12-24 00:36 - 00000000 ____D C:\Users\Hichem\AppData\LocalLow\Google
2016-03-12 13:48 - 2015-10-25 20:09 - 00000000 ____D C:\Users\Hichem\AppData\Local\Mozilla
2016-03-12 13:16 - 2015-12-27 19:31 - 00000124 _____ C:\Users\Hichem\Documents\E-Mail.txt
2016-03-11 17:15 - 2016-02-10 16:56 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-03-10 12:42 - 2015-10-12 19:35 - 00000000 ____D C:\Users\Hichem\Downloads\Video
2016-03-10 12:35 - 2015-10-28 17:29 - 00000376 _____ C:\Users\Hichem\.packettracer
2016-03-03 18:33 - 2015-10-28 16:37 - 00000000 ____D C:\Users\Hichem\.oracle_jre_usage

==================== Fichiers à la racine de certains dossiers =======

2016-03-12 15:50 - 2016-03-12 15:50 - 3170418 _____ () C:\Program Files\Common Files\0cden5fh.exe
2016-03-16 16:46 - 2016-03-16 16:46 - 2794722 _____ () C:\Program Files\Common Files\esksy3vi.exe
2016-03-11 17:28 - 2016-03-11 17:28 - 0000000 _____ () C:\Users\Hichem\AppData\Roaming\agent.dat
2016-03-11 17:22 - 2016-03-11 17:22 - 0054272 _____ () C:\Users\Hichem\AppData\Roaming\ApplicationHosting.dat
2016-03-11 17:19 - 2016-03-11 17:19 - 0188573 _____ () C:\Users\Hichem\AppData\Roaming\Doneco.bin
2016-03-11 17:03 - 2016-03-11 17:04 - 0017472 _____ () C:\Users\Hichem\AppData\Roaming\InstallationConfiguration.xml
2016-03-11 17:03 - 2016-03-11 17:03 - 0127488 _____ () C:\Users\Hichem\AppData\Roaming\Installer.dat
2016-03-11 17:22 - 2016-03-11 17:22 - 0126464 _____ () C:\Users\Hichem\AppData\Roaming\lobby.dat
2016-03-11 17:22 - 2016-03-11 17:22 - 0002880 _____ () C:\Users\Hichem\AppData\Roaming\md.xml
2016-03-11 17:14 - 2016-03-11 17:14 - 0848437 _____ () C:\Users\Hichem\AppData\Roaming\RonCof.bin
2016-03-11 17:22 - 2016-03-11 17:22 - 0072704 _____ () C:\Users\Hichem\AppData\Roaming\Sunzap.tst
2016-03-11 17:28 - 2016-03-11 17:28 - 1132300 _____ () C:\Users\Hichem\AppData\Roaming\Tempsunflex.tst
2015-11-08 17:26 - 2015-11-08 17:26 - 225111747 _____ () C:\Users\Hichem\AppData\Local\ACCCx3_3_0_151.zip.aamdownload
2015-11-08 17:26 - 2015-11-08 17:26 - 0002615 _____ () C:\Users\Hichem\AppData\Local\ACCCx3_3_0_151.zip.aamdownload.aamd
2016-01-18 09:34 - 2016-02-13 18:36 - 0004608 _____ () C:\Users\Hichem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-11 16:00 - 2016-03-11 16:00 - 0041472 _____ () C:\Users\Hichem\AppData\Local\Scotcane.dat
2016-03-11 16:00 - 2016-03-11 16:00 - 0028160 _____ () C:\Users\Hichem\AppData\Local\Scotcane.exe
2016-03-11 16:00 - 2016-03-11 16:00 - 0000187 _____ () C:\Users\Hichem\AppData\Local\Scotcane.exe.config
2015-10-11 19:24 - 2015-10-11 19:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Certains fichiers dans TEMP:
====================
C:\Users\Hichem\AppData\Local\Temp\uttFFC7.tmp.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-03-29 17:35

==================== Fin de FRST.txt ============================
