cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 22-01-2017
Exécuté par H!ch@m (administrateur) sur HICHAM (22-01-2017 22:36:16)
Exécuté depuis C:\Users\H!ch@m\Desktop
Profils chargés: H!ch@m (Profils disponibles: H!ch@m)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\EagleGet\EGMonitor.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Zbshareware Lab) C:\Program Files\USB Disk Security\USBGuard.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
() C:\Program Files\Windscribe\WindscribeService.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8546848 2010-08-16] (Realtek Semiconductor)
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [623520 2011-01-29] (Zbshareware Lab)
HKU\S-1-5-21-2460075080-491719790-2508453021-1000\...\Run: [EagleGet] => C:\Program Files\EagleGet\Eagleget.exe [1891328 2015-08-19] (EagleGet.com)
HKU\S-1-5-21-2460075080-491719790-2508453021-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.)
HKU\S-1-5-21-2460075080-491719790-2508453021-1000\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1915256 2016-06-23] (SeriousBit)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-06-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\..\Interfaces\{AF3EF1E3-B271-494C-823B-E86A88E1238B}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2460075080-491719790-2508453021-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2460075080-491719790-2508453021-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2460075080-491719790-2508453021-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2460075080-491719790-2508453021-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130945455584426952&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2460075080-491719790-2508453021-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2460075080-491719790-2508453021-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2460075080-491719790-2508453021-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150702__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
BHO: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files\EagleGet\eagleSniffer.dll [2015-08-19] (EagleGet.com)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\H!ch@m\AppData\Roaming\Mozilla\Firefox\Profiles\5xthzhe0.default-1479913138085 [2017-01-22]
FF Homepage: Mozilla\Firefox\Profiles\5xthzhe0.default-1479913138085 -> google.com/
FF NetworkProxy: Mozilla\Firefox\Profiles\5xthzhe0.default-1479913138085 -> type",
FF Extension: (IDM CC) - C:\Users\H!ch@m\AppData\Roaming\IDM\idmmzcc5 [2017-01-22] [non signé]
FF HKU\S-1-5-21-2460075080-491719790-2508453021-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\H!ch@m\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-2460075080-491719790-2508453021-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\H!ch@m\AppData\Roaming\IDM\idmmzcc5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-05-08] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2460075080-491719790-2508453021-1000: eagleget.com/EagleGet32 -> C:\Program Files\EagleGet\npEagleget.dll [2015-08-19] (EagleGet)

Chrome:
=======
CHR dev: Chrome dev build détecté(e)! <======= ATTENTION
CHR Profile: C:\Users\H!ch@m\AppData\Local\Google\Chrome\User Data\Default [2017-01-22]
CHR Extension: (EagleGet Free Downloader) - C:\Users\H!ch@m\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2017-01-22]
CHR Extension: (IDM Integration Module) - C:\Users\H!ch@m\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-01-22]
CHR Profile: C:\Users\H!ch@m\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-22]
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files\EagleGet\addon\eagleget_cext@eagleget.com.crx [2015-10-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-05-20]
CHR HKU\S-1-5-21-2460075080-491719790-2508453021-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files\EagleGet\addon\eagleget_cext@eagleget.com.crx [2015-10-03]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 egGetSvc; C:\Program Files\EagleGet\EGMonitor.exe [235520 2015-08-19] () [Fichier non signé]
S3 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509408 2015-07-22] (Lenovo)
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [179064 2016-06-23] (SeriousBit)
S3 OpenVPNService; C:\Program Files\PureVPN\bin\openvpnserv.exe [31872 2016-05-19] (The OpenVPN Project)
S3 ShareItSvc; C:\Program Files\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) [Fichier non signé]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-08-03] (Microsoft Corporation) [Fichier non signé]
R2 VMAuthdService; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [86096 2013-08-27] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [358480 2013-08-27] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719416 2013-08-26] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437328 2013-08-27] (VMware, Inc.)
S2 VMwareHostd; C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [704512 2010-06-08] (Sony Corporation) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [53352 2016-12-08] ()
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [294952 2010-09-23] (Broadcom Corporation.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2015-04-02] (Disc Soft Ltd)
S3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [94720 2015-07-29] (eagleGet) [Fichier non signé]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43192 2013-08-26] (VMware, Inc.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [8726528 2011-01-06] (Intel Corporation) [Fichier non signé]
R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [132352 2011-01-06] (Intel Corporation) [Fichier non signé]
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [232960 2011-01-06] (Intel(R) Corporation) [Fichier non signé]
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [110280 2015-04-01] (Qualcomm Atheros Co., Ltd.)
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [35344 2016-01-15] (SeriousBit)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\neo_vpn.sys [25648 2016-07-26] (PureVPN)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn00.sys [10381008 2014-05-09] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113984 2015-02-28] (Power Software Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [329384 2015-04-02] (Duplex Secure Ltd.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2013-08-27] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2013-08-27] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-08-27] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\DRIVERS\vmusb.sys [31928 2013-08-26] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [65488 2013-08-27] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [63824 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-02-22] (VMware, Inc.)
S3 catchme; \??\C:\Users\H!ch@m\AppData\Local\Temp\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 qrnfd_1_10_0_12; system32\drivers\qrnfd_1_10_0_12.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S2 WCMVCAM; system32\DRIVERS\wcmvcam.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-01-22 22:36 - 2017-01-22 22:37 - 00015977 _____ C:\Users\H!ch@m\Desktop\FRST.txt
2017-01-22 22:36 - 2017-01-22 22:36 - 00000000 ____D C:\FRST
2017-01-22 22:35 - 2017-01-22 22:35 - 00000000 ____D C:\ProgramData\hsswpr
2017-01-22 22:35 - 2017-01-22 22:35 - 00000000 ____D C:\ProgramData\Hotspot Shield
2017-01-22 22:35 - 2017-01-22 22:33 - 01762816 ____N (Farbar) C:\Users\H!ch@m\Desktop\FRST.exe
2017-01-22 21:09 - 2017-01-22 21:09 - 00025447 _____ C:\ComboFix.txt
2017-01-22 20:18 - 2017-01-22 21:09 - 00000000 ____D C:\Qoobox
2017-01-22 20:18 - 2017-01-22 21:06 - 00000000 ____D C:\Windows\erdnt
2017-01-22 20:18 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-01-22 20:18 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-01-22 20:18 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-01-22 20:18 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-01-22 20:18 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-01-22 20:18 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-01-22 20:18 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-01-22 20:18 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-01-22 19:34 - 2017-01-22 19:34 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-22 19:33 - 2017-01-22 19:33 - 00001035 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-01-22 19:33 - 2017-01-22 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-22 19:28 - 2017-01-22 19:28 - 02513920 ____N C:\Users\H!ch@m\Desktop\ZHPCleaner-2017.exe
2017-01-22 19:28 - 2017-01-22 19:27 - 34741672 ____N (Adlice Software ) C:\Users\H!ch@m\Desktop\setup.exe
2017-01-22 19:28 - 2017-01-22 19:27 - 05659349 ____R (Swearware) C:\Users\H!ch@m\Desktop\ComboFix.exe
2017-01-22 19:28 - 2017-01-22 19:27 - 02030536 ____N (Bleeping Computer, LLC) C:\Users\H!ch@m\Desktop\rkill.exe
2017-01-22 18:45 - 2017-01-22 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-01-22 03:06 - 2017-01-22 03:06 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-01-22 02:24 - 2017-01-22 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2017-01-22 02:24 - 2017-01-22 18:34 - 00000000 ____D C:\Program Files\Your Uninstaller! 7
2017-01-22 02:24 - 2017-01-22 17:51 - 00000000 ____D C:\ProgramData\TEMP
2017-01-22 02:24 - 2017-01-22 02:24 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\URSoft
2017-01-22 02:22 - 2017-01-22 18:34 - 00000000 ____D C:\Users\H!ch@m\Desktop\UNI
2017-01-22 01:28 - 2017-01-22 01:28 - 00000140 _____ C:\Users\H!ch@m\Desktop\STARTIMES.txt
2017-01-22 00:17 - 2017-01-22 19:33 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-22 00:17 - 2017-01-22 19:33 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-21 15:20 - 2017-01-22 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-01-21 13:44 - 2017-01-21 13:45 - 00048783 _____ C:\Users\H!ch@m\Downloads\NetBalancerSetup.exe
2017-01-21 07:47 - 2017-01-21 08:12 - 01639896 _____ (Intel Corporation) C:\Users\H!ch@m\Downloads\Non confirmé 466338.crdownload
2017-01-21 07:35 - 2017-01-21 07:35 - 00000000 ____D C:\Program Files\CPUID
2017-01-21 07:17 - 2017-01-21 07:17 - 00000000 ____D C:\avast! sandbox
2017-01-21 06:40 - 2017-01-21 07:01 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\WiperSoft
2017-01-21 06:39 - 2017-01-21 15:07 - 00000000 ____D C:\Program Files\WiperSoft
2017-01-21 04:11 - 2017-01-21 04:11 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\AVAST Software
2017-01-21 04:07 - 2017-01-21 04:06 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2017-01-21 04:04 - 2017-01-21 04:04 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-21 03:36 - 2017-01-22 18:34 - 00000000 ____D C:\Program Files\RegSeeker
2017-01-21 03:36 - 2017-01-21 03:36 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegSeeker
2017-01-21 02:56 - 2017-01-22 18:34 - 00000000 ____D C:\Program Files\Common Files\Saoit
2017-01-21 02:56 - 2017-01-21 02:56 - 01906972 _____ C:\Users\H!ch@m\AppData\Roaming\Lablex.tst
2017-01-21 02:56 - 2017-01-21 02:56 - 00072787 _____ C:\Users\H!ch@m\AppData\Roaming\Nimtop.tst
2017-01-21 01:47 - 2017-01-21 02:56 - 00126464 _____ C:\Users\H!ch@m\AppData\Roaming\lobby.dat
2017-01-21 01:47 - 2017-01-21 01:47 - 01908240 _____ C:\Users\H!ch@m\AppData\Roaming\Lexi-Tex.tst
2017-01-21 01:47 - 2017-01-21 01:47 - 00072787 _____ C:\Users\H!ch@m\AppData\Roaming\Dom-Hold.tst
2017-01-21 00:10 - 2017-01-22 18:34 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\ZenMate
2017-01-20 23:47 - 2017-01-21 15:11 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\Innovative Solutions
2017-01-20 23:47 - 2017-01-21 15:07 - 00000000 ____D C:\Program Files\Innovative Solutions
2017-01-20 23:47 - 2017-01-20 23:47 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\Innovative Solutions
2017-01-20 23:46 - 2017-01-20 23:48 - 00000000 ____D C:\ProgramData\McAfee
2017-01-20 23:43 - 2017-01-20 23:44 - 00016103 _____ C:\Users\H!ch@m\Downloads\Non confirmé 806683.crdownload
2017-01-18 13:40 - 2017-01-18 13:40 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android
2017-01-18 13:40 - 2017-01-18 13:40 - 00000000 ____D C:\Program Files\Android
2017-01-18 13:13 - 2017-01-18 13:13 - 00616498 _____ C:\Users\H!ch@m\Downloads\Hein Resources.rar
2017-01-17 19:16 - 2017-01-17 19:16 - 00000065 _____ C:\Users\H!ch@m\Downloads\code (1).txt
2017-01-17 19:08 - 2017-01-17 19:08 - 00000043 _____ C:\Users\H!ch@m\Downloads\code.txt
2017-01-17 16:45 - 2017-01-22 18:35 - 00000000 ____D C:\Users\H!ch@m\Desktop\Embratoria G6.4
2017-01-17 03:23 - 2017-01-17 17:01 - 00000000 ____D C:\Users\H!ch@m\Desktop\Windows 7
2017-01-16 18:22 - 2017-01-16 18:22 - 00001063 _____ C:\Users\Public\Desktop\Windscribe.lnk
2017-01-16 18:22 - 2017-01-16 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2017-01-16 18:18 - 2017-01-16 18:18 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\Windscribe
2017-01-16 18:08 - 2017-01-16 18:22 - 00000000 ____D C:\Program Files\Windscribe
2017-01-16 18:08 - 2017-01-16 18:22 - 00000000 ____D C:\Program Files\TAP-Windows
2017-01-16 18:03 - 2017-01-16 18:06 - 13430840 _____ (Windscribe ) C:\Users\H!ch@m\Downloads\Windscribe.exe
2017-01-16 01:22 - 2017-01-16 01:22 - 00011070 _____ C:\Users\H!ch@m\Downloads\Microsoft Internet Explorer 11.zip
2017-01-15 20:51 - 2017-01-15 21:16 - 00097970 _____ C:\Users\H!ch@m\Downloads\Non confirmé 575136.crdownload
2017-01-14 21:23 - 2017-01-14 21:23 - 00000026 _____ C:\Users\H!ch@m\Desktop\PVPN.txt
2017-01-14 21:20 - 2017-01-21 14:58 - 00000000 ____D C:\ProgramData\purevpn
2017-01-14 21:20 - 2017-01-14 21:21 - 00000000 ____D C:\Program Files\PureVPN
2017-01-14 21:20 - 2017-01-14 21:20 - 00001845 _____ C:\Users\Public\Desktop\PureVPN.lnk
2017-01-14 21:20 - 2017-01-14 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureVPN
2017-01-14 21:12 - 2017-01-22 17:10 - 00000000 ____D C:\Users\H!ch@m\AppData\LocalLow\uTorrent
2017-01-14 21:00 - 2016-07-26 18:56 - 00025648 _____ (PureVPN) C:\Windows\system32\Drivers\neo_vpn.sys
2017-01-14 17:51 - 2017-01-17 02:31 - 00000000 ____D C:\Users\H!ch@m\Desktop\bien sports
2017-01-14 12:20 - 2017-01-14 12:20 - 00001647 _____ C:\Users\H!ch@m\Desktop\vmplayer.exe - Raccourci.lnk
2017-01-14 00:11 - 2013-08-15 18:25 - 00063824 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2017-01-14 00:11 - 2013-08-15 18:24 - 00063568 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2017-01-14 00:10 - 2013-08-27 12:43 - 00776272 _____ (VMware, Inc.) C:\Windows\system32\vnetlib.dll
2017-01-14 00:10 - 2013-08-27 12:42 - 00437328 _____ (VMware, Inc.) C:\Windows\system32\vmnat.exe
2017-01-14 00:10 - 2013-08-27 12:42 - 00358480 _____ (VMware, Inc.) C:\Windows\system32\vmnetdhcp.exe
2017-01-14 00:10 - 2013-08-27 12:42 - 00026192 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2017-01-14 00:10 - 2013-08-26 23:33 - 00043192 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2017-01-14 00:10 - 2013-08-26 23:33 - 00031928 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmusb.sys
2017-01-14 00:07 - 2017-01-14 00:07 - 00002119 _____ C:\Users\Public\Desktop\VMware Workstation.lnk
2017-01-14 00:07 - 2017-01-14 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2017-01-14 00:05 - 2017-01-14 00:05 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2017-01-14 00:05 - 2017-01-14 00:05 - 00000000 ____D C:\Program Files\VMware
2017-01-14 00:00 - 2017-01-14 00:01 - 487401522 _____ C:\Users\H!ch@m\Downloads\VMWare Workstation 10.rar
2017-01-13 23:50 - 2016-09-27 16:14 - 17687096 _____ (Hein) C:\Users\H!ch@m\Desktop\Hhelper.exe
2017-01-13 22:20 - 2017-01-14 00:07 - 00000000 ____D C:\Program Files\Common Files\VMware
2017-01-13 21:17 - 2017-01-13 21:17 - 00162240 _____ C:\Users\H!ch@m\Downloads\Keygen VMware Workstation 10 by mhtutorialespc.rar
2017-01-12 22:46 - 2016-10-24 17:50 - 00000000 ____D C:\Users\H!ch@m\Desktop\AD Sports
2017-01-08 23:28 - 2017-01-17 08:08 - 00000000 ____D C:\Program Files\TeamViewer
2017-01-08 23:28 - 2017-01-08 23:29 - 00000000 ____D C:\Users\H!ch@m\Desktop\TeamViewerCorporate.12.0.72365
2017-01-08 23:28 - 2017-01-08 23:28 - 00001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-01-08 23:28 - 2017-01-08 23:28 - 00001023 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-01-08 20:36 - 2017-01-08 20:36 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\GWX
2017-01-08 20:30 - 2017-01-08 20:30 - 00057654 _____ C:\Windows\OEMLogo.bmp
2017-01-08 20:26 - 2017-01-08 20:26 - 01536897 _____ C:\Users\H!ch@m\Downloads\Windows_Loader_v2.2.2_By_AsaadSoft.rar
2017-01-08 20:26 - 2014-04-06 19:46 - 00000000 ____D C:\Users\H!ch@m\Desktop\Windows Loader v2.2.2
2017-01-06 22:02 - 2017-01-14 21:38 - 00005075 _____ C:\Users\H!ch@m\AppData\Local\Cracklock.settings
2017-01-06 22:02 - 2017-01-14 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cracklock
2017-01-06 22:02 - 2017-01-14 21:36 - 00000000 ____D C:\Program Files\Cracklock
2017-01-06 21:54 - 2017-01-06 21:54 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\IsolatedStorage
2017-01-06 21:50 - 2017-01-06 21:50 - 01338019 _____ (William Blum ) C:\Users\H!ch@m\Downloads\PureVPNTutosFaro.exe
2017-01-06 20:29 - 2017-01-06 20:29 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\Hotspot Shield
2017-01-06 20:23 - 2015-09-25 19:03 - 01711616 _____ C:\Users\H!ch@m\Desktop\Hotspot Shield 5.X.X Patcher By PirateCity.NET.exe
2017-01-06 20:22 - 2015-09-25 19:08 - 00000000 ____D C:\Users\H!ch@m\Desktop\Setup
2017-01-06 19:59 - 2017-01-22 18:35 - 00000000 ____D C:\Users\H!ch@m\Desktop\TeamViewer v10
2017-01-06 19:53 - 2017-01-06 19:53 - 00000043 _____ C:\Users\H!ch@m\Downloads\free atlas iptv.txt
2017-01-06 19:28 - 2017-01-06 20:18 - 139521806 _____ (VMware, Inc.) C:\Users\H!ch@m\Downloads\VMware-workstation-full-12.5.2-4638234.exe
2017-01-06 18:26 - 2017-01-22 18:35 - 00000000 ____D C:\Users\H!ch@m\Desktop\Hein Resources
2017-01-02 14:54 - 2017-01-22 18:34 - 00000000 ____D C:\Program Files\Mouse Server
2017-01-02 14:54 - 2017-01-02 14:54 - 00001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Server.lnk
2017-01-02 14:54 - 2017-01-02 14:54 - 00000055 _____ C:\Users\H!ch@m\AppData\Roaming\MouseServer.ini
2016-12-26 00:13 - 2016-12-26 00:13 - 00000000 ____D C:\Users\H!ch@m\Desktop\ECC 5.2
2016-12-25 16:06 - 2016-12-25 16:06 - 00000000 ____D C:\ProgramData\SeriousBit
2016-12-25 16:03 - 2017-01-22 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer
2016-12-25 16:03 - 2017-01-22 18:34 - 00000000 ____D C:\Program Files\NetBalancer
2016-12-25 16:03 - 2016-12-25 16:03 - 00001105 _____ C:\Users\Public\Desktop\NetBalancer.lnk
2016-12-25 16:03 - 2016-11-13 13:45 - 06534328 _____ (SeriousBit ) C:\Users\H!ch@m\Desktop\NetBalancerSetup 9.4.exe
2016-12-25 16:03 - 2016-01-15 09:41 - 00035344 _____ (SeriousBit) C:\Windows\system32\Drivers\nbdrv.sys
2016-12-25 15:50 - 2016-12-25 15:50 - 00001165 _____ C:\Users\H!ch@m\Desktop\EmbratoriaG6 - Raccourci.lnk
2016-12-24 13:56 - 2017-01-22 18:35 - 00000000 __SHD C:\Users\H!ch@m\AppData\Roaming\Latas
2016-12-24 13:56 - 2017-01-17 07:55 - 00000000 __SHD C:\Users\H!ch@m\AppData\Roaming\Pr
2016-12-24 13:55 - 2016-09-10 02:42 - 04976359 _____ (Hero Hero) C:\Users\H!ch@m\Desktop\Hein Recovery.exe
2016-12-24 13:55 - 2016-09-10 02:41 - 00000000 ____D C:\Users\H!ch@m\Desktop\Hein Recovery Libs
2016-12-24 13:35 - 2017-01-17 07:26 - 00001313 _____ C:\Users\H!ch@m\Desktop\Hein 4.3.1.lnk
2016-12-24 13:34 - 2017-01-22 18:35 - 00000000 ____D C:\Users\H!ch@m\Desktop\HEIN
2016-12-24 13:07 - 2017-01-06 20:00 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\TeamViewer
2016-12-24 13:00 - 2016-12-24 13:06 - 12972920 _____ (TeamViewer GmbH) C:\Users\H!ch@m\Downloads\TeamViewer_Setup_fr-ahnf.exe
2016-12-23 18:13 - 2017-01-22 18:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-23 06:52 - 2017-01-22 18:35 - 00000000 ____D C:\TempFldr
2016-12-23 06:52 - 2016-12-23 06:52 - 00001485 _____ C:\Users\H!ch@m\Desktop\Activator.lnk
2016-12-23 06:52 - 2016-12-23 06:52 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\beIN Activator
2016-12-23 06:46 - 2016-12-23 06:46 - 00172544 _____ (Samad.Dz) C:\Users\H!ch@m\Downloads\Secure-DATA.exe
2016-12-23 05:47 - 2017-01-17 07:55 - 14288957 _____ C:\Users\H!ch@m\Desktop\HeinBackup+max.zip
2016-12-23 05:12 - 2017-01-22 18:35 - 00000000 __SHD C:\Users\H!ch@m\AppData\Roaming\alFSVWJB
2016-12-23 05:11 - 2016-12-23 05:12 - 01350186 _____ C:\Users\H!ch@m\Desktop\IMG_331184.jpg
2016-12-23 05:10 - 2016-12-23 05:10 - 01487713 _____ C:\Users\H!ch@m\Downloads\manchester_united_stadium-wallpaper-2560x1600.jpg
2016-12-23 04:55 - 2016-12-16 17:59 - 00000000 ____D C:\Users\H!ch@m\Desktop\gold theme by mohamed baia
2016-12-23 01:18 - 2016-12-23 01:18 - 00000000 __RSH C:\MSDOS.SYS
2016-12-23 01:18 - 2016-12-23 01:18 - 00000000 __RSH C:\IO.SYS

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-01-22 22:33 - 2015-07-30 14:47 - 00000000 ____D C:\ProgramData\VMware
2017-01-22 22:33 - 2015-07-17 20:23 - 00000496 __RSH C:\ProgramData\ntuser.pol
2017-01-22 22:31 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-22 22:27 - 2015-04-01 14:31 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\DMCache
2017-01-22 22:27 - 2009-07-14 05:34 - 00029632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-22 22:27 - 2009-07-14 05:34 - 00029632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-22 22:03 - 2009-07-14 03:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-01-22 21:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-22 21:46 - 2015-04-01 15:13 - 01676522 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-22 21:46 - 2009-07-14 09:39 - 00740240 _____ C:\Windows\system32\perfh00C.dat
2017-01-22 21:46 - 2009-07-14 09:39 - 00150694 _____ C:\Windows\system32\perfc00C.dat
2017-01-22 21:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-01-22 21:22 - 2015-06-02 19:24 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2017-01-22 21:17 - 2016-03-08 19:03 - 00000000 ____D C:\Windows\pss
2017-01-22 21:17 - 2015-04-01 23:09 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\uTorrent
2017-01-22 21:00 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-01-22 20:58 - 2009-07-14 03:03 - 65536000 _____ C:\Windows\system32\config\software.bak
2017-01-22 20:58 - 2009-07-14 03:03 - 23068672 _____ C:\Windows\system32\config\system.bak
2017-01-22 20:58 - 2009-07-14 03:03 - 02097152 _____ C:\Windows\system32\config\default.bak
2017-01-22 20:58 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\security.bak
2017-01-22 20:58 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\sam.bak
2017-01-22 20:06 - 2015-04-18 14:09 - 00002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-22 19:18 - 2015-04-01 14:31 - 00000000 ____D C:\Users\H!ch@m\Downloads\Compressed
2017-01-22 19:02 - 2016-12-21 17:30 - 00000000 ____D C:\Users\H!ch@m\Desktop\EmbratoriaG6.2
2017-01-22 18:53 - 2015-04-02 19:00 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\Adobe
2017-01-22 18:39 - 2015-04-01 23:10 - 00190568 _____ C:\Users\H!ch@m\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-22 18:37 - 2015-04-01 13:08 - 00000000 ____D C:\Users\H!ch@m
2017-01-22 18:35 - 2016-12-22 22:51 - 00000000 ____D C:\Users\H!ch@m\Desktop\cs16patch_full_V23
2017-01-22 18:35 - 2015-08-02 23:39 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\VMware
2017-01-22 18:35 - 2015-07-17 20:27 - 00000000 ____D C:\Users\H!ch@m\Desktop\plugin xbmc by Res aCker
2017-01-22 18:35 - 2015-06-14 02:19 - 00000000 ___SD C:\Windows\system32\GWX
2017-01-22 18:35 - 2015-04-27 20:27 - 00000000 ____D C:\ProgramData\iimbcommdhhjiaigaeghdijgepmpogmk
2017-01-22 18:35 - 2015-04-20 23:49 - 00000000 ____D C:\Users\H!ch@m\Desktop\hexvpn+
2017-01-22 18:35 - 2015-04-18 12:09 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\TeraCopy
2017-01-22 18:35 - 2015-04-02 15:59 - 00000000 ____D C:\Windows\system32\vbox
2017-01-22 18:35 - 2015-04-02 13:23 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\E7739940-1427984595-11DD-84B1-544249884A07
2017-01-22 18:35 - 2015-04-02 13:19 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\E7739940-1427984356-11DD-84B1-544249884A07
2017-01-22 18:34 - 2016-12-20 19:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-22 18:34 - 2016-11-24 12:44 - 00000000 ____D C:\Program Files\Bonjour
2017-01-22 18:34 - 2015-04-20 23:35 - 00000000 ____D C:\Program Files\Internet Download Manager
2017-01-22 18:34 - 2015-04-02 19:07 - 00000000 ____D C:\Program Files\Apple Software Update
2017-01-22 18:34 - 2015-04-01 23:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-01-22 18:34 - 2015-04-01 22:52 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-01-22 18:34 - 2015-04-01 19:33 - 00000000 ____D C:\Program Files\Intel
2017-01-22 18:34 - 2015-04-01 19:33 - 00000000 ____D C:\Intel
2017-01-22 18:34 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2017-01-22 18:32 - 2015-07-07 16:04 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\IDM
2017-01-22 18:31 - 2015-04-01 23:45 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-22 02:22 - 2015-10-03 13:40 - 00000000 ____D C:\Users\H!ch@m\Documents\EGDownloads
2017-01-22 01:25 - 2016-03-24 13:25 - 00000000 ____D C:\ProgramData\Lavasoft
2017-01-21 05:34 - 2015-08-02 23:34 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\CrashDumps
2017-01-21 02:56 - 2016-11-24 13:57 - 07316480 _____ C:\Users\H!ch@m\AppData\Roaming\agent.dat
2017-01-21 02:56 - 2016-11-24 13:57 - 00140288 _____ C:\Users\H!ch@m\AppData\Roaming\Installer.dat
2017-01-21 02:56 - 2016-11-24 13:57 - 00126464 _____ C:\Users\H!ch@m\AppData\Roaming\noah.dat
2017-01-21 02:56 - 2016-11-24 13:57 - 00070752 _____ C:\Users\H!ch@m\AppData\Roaming\Config.xml
2017-01-21 02:56 - 2016-11-24 13:57 - 00018432 _____ C:\Users\H!ch@m\AppData\Roaming\Main.dat
2017-01-21 02:56 - 2016-11-24 13:57 - 00016560 _____ C:\Users\H!ch@m\AppData\Roaming\InstallationConfiguration.xml
2017-01-21 02:56 - 2016-11-24 13:57 - 00005568 _____ C:\Users\H!ch@m\AppData\Roaming\md.xml
2017-01-21 02:28 - 2015-08-02 23:39 - 00000000 ____D C:\Users\H!ch@m\AppData\Local\VMware
2017-01-18 13:30 - 2016-12-22 21:18 - 00000000 ____D C:\Users\H!ch@m\Desktop\ثيم مانشستر يونايتد
2017-01-17 23:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\ModemLogs
2017-01-17 17:53 - 2015-04-29 15:34 - 00004094 _____ C:\Users\H!ch@m\Desktop\WNetWatcher.cfg
2017-01-17 16:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-01-17 00:42 - 2009-07-14 05:53 - 00032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-12 22:43 - 2015-04-02 15:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-01-10 20:31 - 2009-07-14 05:33 - 00567016 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-02 01:58 - 2016-12-22 21:51 - 00000000 ____D C:\Program Files\Counter-Strike 1.6
2016-12-30 22:24 - 2015-04-04 18:34 - 00000000 ____D C:\Users\H!ch@m\AppData\Roaming\vlc
2016-12-25 16:06 - 2009-07-14 03:37 - 00000000 __RSD C:\Windows\assembly
2016-12-23 05:21 - 2015-04-02 15:39 - 00000000 ____D C:\Users\H!ch@m\Desktop\MyPhotos

==================== Fichiers à la racine de certains dossiers =======

2015-08-23 04:42 - 2015-08-23 04:49 - 6420480 _____ () C:\Program Files\GUT3028.tmp
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\H!ch@m\AppData\Roaming\5oWz7FJI6xrM3A5qhg50yPfqL
2016-11-24 13:57 - 2017-01-21 02:56 - 7316480 _____ () C:\Users\H!ch@m\AppData\Roaming\agent.dat
2016-11-24 13:57 - 2017-01-21 02:56 - 0070752 _____ () C:\Users\H!ch@m\AppData\Roaming\Config.xml
2017-01-21 01:47 - 2017-01-21 01:47 - 0072787 _____ () C:\Users\H!ch@m\AppData\Roaming\Dom-Hold.tst
2016-11-24 13:58 - 2016-11-24 13:58 - 5826416 _____ (COMODO) C:\Users\H!ch@m\AppData\Roaming\Fax-Stock.bin
2016-11-24 13:57 - 2017-01-21 02:56 - 0016560 _____ () C:\Users\H!ch@m\AppData\Roaming\InstallationConfiguration.xml
2016-11-24 13:57 - 2017-01-21 02:56 - 0140288 _____ () C:\Users\H!ch@m\AppData\Roaming\Installer.dat
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\H!ch@m\AppData\Roaming\IyftFGoz
2017-01-21 02:56 - 2017-01-21 02:56 - 1906972 _____ () C:\Users\H!ch@m\AppData\Roaming\Lablex.tst
2017-01-21 01:47 - 2017-01-21 01:47 - 1908240 _____ () C:\Users\H!ch@m\AppData\Roaming\Lexi-Tex.tst
2017-01-21 01:47 - 2017-01-21 02:56 - 0126464 _____ () C:\Users\H!ch@m\AppData\Roaming\lobby.dat
2016-11-24 13:57 - 2017-01-21 02:56 - 0018432 _____ () C:\Users\H!ch@m\AppData\Roaming\Main.dat
2016-11-24 13:57 - 2017-01-21 02:56 - 0005568 _____ () C:\Users\H!ch@m\AppData\Roaming\md.xml
2017-01-02 14:54 - 2017-01-02 14:54 - 0000055 _____ () C:\Users\H!ch@m\AppData\Roaming\MouseServer.ini
2017-01-21 02:56 - 2017-01-21 02:56 - 0072787 _____ () C:\Users\H!ch@m\AppData\Roaming\Nimtop.tst
2016-11-24 13:57 - 2017-01-21 02:56 - 0126464 _____ () C:\Users\H!ch@m\AppData\Roaming\noah.dat
2015-06-01 17:22 - 2015-06-01 19:15 - 0000132 _____ () C:\Users\H!ch@m\AppData\Roaming\Préfs Format PNG Adobe CS6
2016-11-24 13:57 - 2016-11-24 13:57 - 1907297 _____ () C:\Users\H!ch@m\AppData\Roaming\Rancof.tst
2015-04-21 14:22 - 2015-04-21 14:22 - 0033134 _____ () C:\Users\H!ch@m\AppData\Roaming\UserTile.png
2015-06-01 19:15 - 2015-06-01 22:16 - 0001456 _____ () C:\Users\H!ch@m\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2015-06-18 17:16 - 2015-10-24 21:44 - 0001456 _____ () C:\Users\H!ch@m\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-01-06 22:02 - 2017-01-14 21:38 - 0005075 _____ () C:\Users\H!ch@m\AppData\Local\Cracklock.settings
2015-07-24 01:34 - 2015-07-24 01:34 - 0000156 _____ () C:\ProgramData\patch.dll

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\patch.dll


Certains fichiers dans TEMP:
====================
2017-01-22 21:16 - 2017-01-22 22:18 - 0003584 _____ () C:\Users\H!ch@m\AppData\Local\temp\dateinj01.dll
2017-01-22 21:32 - 2017-01-22 22:18 - 5908480 _____ (The PHP Group) C:\Users\H!ch@m\AppData\Local\temp\Helper.dll
2017-01-22 21:32 - 2017-01-22 22:18 - 1170432 _____ ( ) C:\Users\H!ch@m\AppData\Local\temp\Msserv32.exe
2017-01-22 21:32 - 2017-01-22 22:18 - 0027232 _____ () C:\Users\H!ch@m\AppData\Local\temp\rad.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-01-13 01:00

==================== Fin de FRST.txt ============================
