Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2017
Exécuté par Admin (administrateur) sur ADMIN-PC (14-02-2017 18:12:12)
Exécuté depuis C:\Users\Admin\Desktop
Profils chargés: Admin (Profils disponibles: Admin)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
(TeVii Technology Ltd.) C:\Windows\TeViiRC.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Cracked By Wh!5t
eR) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(Mediatek Inc.) C:\Program Files\MediatekWiFi\Common\RaRegistry.exe
() C:\Program Files\MeditelInternet\MeditelInternet_Service.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(VMware, Inc.) F:\Program Files\vmware\vmware-tray.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Octoshape ApS) C:\Users\Admin\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\ProgramData\Modem HDM EC156\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgDVB Professional\ProgLauncher.exe
() C:\Program Files\MeditelInternet\MeditelInternet_Launcher.exe
(TechSmith Corporation) C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
(Mega Limited) C:\Users\Admin\AppData\Local\MEGAsync\MEGAsync.exe
(Realtek) C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Internet Mobile+\AssistantServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) F:\Program Files\vmware\vmware-authd.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [TeViiRC] => C:\Windows\TeViiRC.exe [328328 2011-07-27] (TeVii Technology Ltd.)
HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2270720 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2029640 2009-04-27] (Cracked By Wh!5t
eR)
HKLM\...\Run: [APSDaemon] => c:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [autodetect] => C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe [128864 2010-11-15] ()
HKLM\...\Run: [bintin] => C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\bin.doc
HKLM\...\Run: [Hercules DJ Series] => C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [509224 2009-10-23] (Hercules®)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.)
HKLM\...\Run: [vmware-tray.exe] => F:\Program Files\vmware\vmware-tray.exe [104088 2012-08-15] (VMware, Inc.)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3829328 2014-05-15] (Tonec Inc.)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [Octoshape Streaming Services] => C:\Users\Admin\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [] => [X]
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1572648 2016-01-08] (Samsung)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [uTorrent] => C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-03] (BitTorrent Inc.)
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Run: [ProgLauncher] => C:\ProgDVB Professional\ProgLauncher.exe [401608 2017-01-19] ()
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: H - H:\LGCMInstaller.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: J - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: K - K:\LGAutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {1f79f0f3-a271-11e6-904e-0018bd5ada20} - K:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {21f95f4b-4f22-11e6-ad23-0018bd5ada20} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {44225ddf-a31e-11e3-8638-002481143393} - K:\LGAutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {548ea047-7897-11e5-b073-002481143393} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {548ea04b-7897-11e5-b073-002481143393} - H:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {548ea056-7897-11e5-b073-002481143393} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {58e7c9bf-18e7-11e6-bf94-002481143393} - L:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {67ece96f-9b34-11e5-b7eb-0018bd5ada20} - J:\autorun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {77c221e7-9685-11e5-af18-0018bd5ada20} - J:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {8c08270a-8a08-11e5-8d92-002481143393} - H:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {92711e09-f821-11e5-8516-0018bd5ada20} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {92711e2a-f821-11e5-8516-0018bd5ada20} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {9285226d-f8e2-11e5-a42b-0018bd5ada20} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {9e802dd4-617f-11e6-926c-0018bd5ada20} - K:\Autorun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {9e802ddb-617f-11e6-926c-0018bd5ada20} - L:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {a73a474e-f333-11e5-831d-0018bd5ada20} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {a73a4751-f333-11e5-831d-0018bd5ada20} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {b7fd786d-2583-11e6-a409-002481143393} - K:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {c41a5861-2416-11e6-b820-002481143393} - K:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {d6777996-5f05-11e6-b06d-0018bd5ada20} - K:\LGAutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {d7e4b736-f82c-11e5-9a7e-001e101f4e71} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {debf7eb1-892f-11e5-aeac-002481143393} - J:\AutoRun.exe
HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\MountPoints2: {e4648b38-0a04-11e6-a65c-002481143393} - J:\startme.exe
HKU\S-1-5-18\...\Run: [] => 0
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-12-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-01-20]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Admin\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-01-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2016-01-17]
ShortcutTarget: Launcher.lnk -> C:\Program Files\MeditelInternet\MeditelInternet_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2016-08-19]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-08-29]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SnagIt 8.lnk [2016-01-17]
ShortcutTarget: SnagIt 8.lnk -> C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00755C6C-3BCA-4562-B869-A8244E454258}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{0DC1BE76-3BCB-4762-A000-5BFE49759E01}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1DCC9566-3648-4817-ABF0-3044D3C54E16}: [NameServer] 62.251.231.241 212.217.1.1
Tcpip\..\Interfaces\{3421FB88-7358-418A-AB7A-F91531411C8A}: [NameServer] 192.168.50.58 192.168.60.55
Tcpip\..\Interfaces\{4A9406F1-9252-44C8-89AC-3D2BC5493598}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5B1883C5-B2D0-4D9A-AEDD-987C81DBEF08}: [NameServer] 192.168.50.58 192.168.60.55
Tcpip\..\Interfaces\{6309F24B-4A52-4B10-A458-A0F63681E56B}: [NameServer] 192.168.50.58 192.168.60.55
Tcpip\..\Interfaces\{74BA3C87-D990-4805-9B1A-26F74C3F68D4}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{ABDC32AE-CDA7-4AFA-85D0-20BB8CB89C34}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AD8030F3-53BD-4117-9964-DCF0967D02B1}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B8BB978C-B057-4D2F-ABD5-EB7719393809}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CE033F34-77B7-4968-A419-89C8568BF741}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EFAF6A0A-1795-42C0-ACFE-091342D6DF29}: [NameServer] 62.251.230.241 212.217.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1076428414-641238508-383798790-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-1076428414-641238508-383798790-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wana.ma
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-04-02] (Internet Download Manager, Tonec Inc.)
BHO: HelperObject Class -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2006-03-14] (TechSmith Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2006-03-14] (TechSmith Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bdcsbn63.default [2017-02-14]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\bdcsbn63.default -> Default
FF Extension: (Bing Search) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bdcsbn63.default\Extensions\bingsearch.full@microsoft.com [2015-08-24] [non signé]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: (Eset Plugin) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-10] [non signé]
FF HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2015-04-30] [non signé]
FF HKU\S-1-5-21-1076428414-641238508-383798790-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC)
FF Plugin: @DVR/npmedia,version=33.2.0.4 -> C:\Program Files\webrec\WEB30\DVR32\33.2.0.4\npmedia.dll [Pas de fichier]
FF Plugin: @DVR/npTimeGrid,version=33.2.0.4 -> C:\Program Files\webrec\WEB30\DVR32\33.2.0.4\npTimeGrid.dll [Pas de fichier]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @zenointel.com/p2p -> C:\Program Files\IVSWeb\Bin\npzeno.dll [Pas de fichier]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1076428414-641238508-383798790-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Admin\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-1076428414-641238508-383798790-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1076428414-641238508-383798790-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Users\Admin\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-08-18] (Octoshape ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-03-14]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.co.ma/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-02-14]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-17]
CHR Extension: (Alexa Traffic Rank Checker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopiomnkiggljhnhfmcbfjkacfiomcfe [2016-09-23]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-17]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Recherche Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-17]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31]
CHR Extension: (IDM Integration Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2016-05-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-05-15]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [13824 2009-04-27] (ESET) [Fichier non signé]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [731840 2009-04-27] (ESET)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [137728 2015-11-20] (Google Inc.) [Fichier non signé]
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [137728 2015-11-20] (Google Inc.) [Fichier non signé]
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [17408 2007-11-21] () [Fichier non signé]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S2 Internet Mobile. RunOuc; C:\Program Files\Internet Mobile\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2117960 2015-04-10] (CybelSoft)
R2 MediatekRegistryWriter; C:\Program Files\MediatekWiFi\Common\RaRegistry.exe [405136 2014-12-04] (Mediatek Inc.)
R2 MeditelInternet_Service; C:\Program Files\MeditelInternet\MeditelInternet_Service.exe [347120 2012-11-09] ()
S3 Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [58880 2009-02-26] (Microsoft Corporation) [Fichier non signé]
S2 Modem HDM EC156. RunOuc; C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe [650240 2015-10-22] () [Fichier non signé]
U2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14658848 2013-12-10] (NVIDIA Corporation)
S3 odserv; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [434688 2011-07-20] (Microsoft Corporation) [Fichier non signé]
S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [138240 2006-10-26] (Microsoft Corporation) [Fichier non signé]
S2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [374112 2010-11-11] (Ralink Technology, Corp.)
R2 RtlService; C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [Fichier non signé]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [564224 2014-02-08] (Valve Corporation) [Fichier non signé]
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6882816 2015-12-14] (TeamViewer GmbH) [Fichier non signé]
R2 UI Assistant Service; C:\Program Files\Internet Mobile+\AssistantServices.exe [261456 2011-03-15] ()
R2 VMAuthdService; F:\Program Files\vmware\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [Fichier non signé]
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-08-15] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719512 2012-08-01] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-08-15] (VMware, Inc.)
S2 VMwareHostd; F:\Program Files\vmware\vmware-hostd.exe [15680000 2012-08-15] () [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 Mobile Broadband HL Service; "C:\ProgramData\MobileBrServ\mbbservice.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [19968 2015-11-29] (Windows (R) Codename Longhorn DDK provider)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [25088 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [30208 2015-05-12] (LG Electronics Inc.)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [127488 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-05] (DemoForge, LLC)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Fichier non signé]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2016-01-31] (Sony Mobile Communications)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-08-01] (VMware, Inc.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [124416 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [Fichier non signé]
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2015-11-29] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [66688 2015-11-29] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2015-11-29] (Huawei Technologies Co., Ltd.)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82168 2013-11-21] (EZB Systems, Inc.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [105344 2015-11-29] (TCT International Mobile Ltd)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [126336 2016-03-10] (Malwarebytes)
R3 MPEVirtual; C:\Windows\System32\DRIVERS\TeViiData.sys [17752 2010-06-07] (TeVii Technology, Ltd.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1174880 2010-12-28] (Ralink Technology Corp.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-05] (NVIDIA Corporation)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
R3 SAllBDA; C:\Windows\System32\Drivers\TeViiS2.sys [130184 2011-07-27] (TeVii Technology Ltd.)
S3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_i386.sys [246000 2009-11-10] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [181912 2013-05-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181912 2013-05-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2014-11-17] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [22016 2014-11-21] (LG Electronics Inc.)
S3 UsblgwmAtc; C:\Windows\System32\DRIVERS\lgwusbser02.sys [21248 2009-09-23] (LG Electronics Inc)
S3 usblgwmbus; C:\Windows\System32\DRIVERS\lgwusbbus.sys [13696 2009-09-23] (LG Electronics Inc)
S3 UsblgwmDiag; C:\Windows\System32\DRIVERS\lgwusbser01.sys [21248 2009-09-23] (LG Electronics Inc)
S3 USBlgwmModem; C:\Windows\System32\DRIVERS\lgwusbmodem.sys [25216 2009-09-23] (LG Electronics Inc)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [25216 2014-11-17] (LG Electronics Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-08-15] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-08-15] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-08-15] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-08-01] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-08-15] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [61296 2012-07-06] (VMware, Inc.)
R2 vstor2-mntapi10-shared; C:\Windows\System32\drivers\vstor2-mntapi10-shared.sys [22768 2011-07-12] (VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [119952 2016-07-15] (MBB)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U2 eamon; pas de ImagePath
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-02-14 18:12 - 2017-02-14 18:12 - 00034440 _____ C:\Users\Admin\Desktop\FRST.txt
2017-02-14 18:12 - 2017-02-14 18:12 - 00000000 ____D C:\FRST
2017-02-14 18:11 - 2017-02-14 18:11 - 01764352 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2017-02-14 17:25 - 2017-02-14 17:25 - 04194360 _____ C:\Users\Admin\Downloads\20161209__3120_GUI_D_3510_Wifi_Rock_V_USB.abs
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____H C:\ProgramData\cm-lock
2017-02-13 18:48 - 2017-02-13 18:52 - 00013069 _____ C:\Users\Admin\Desktop\ZHPCleaner.txt
2017-02-13 18:38 - 2017-02-13 18:38 - 00000830 _____ C:\Users\Admin\Desktop\ZHPCleaner.lnk
2017-02-13 18:32 - 2017-02-13 18:32 - 02702848 _____ C:\Users\Admin\Desktop\ZHPCleaner.exe
2017-02-13 18:01 - 2017-02-13 18:14 - 00000000 ____D C:\AdwCleaner
2017-02-13 18:00 - 2017-02-13 18:00 - 04015056 _____ C:\Users\Admin\Desktop\adwcleaner_6.043.exe
2017-02-13 17:48 - 2017-02-13 17:51 - 00002584 _____ C:\Users\Admin\Desktop\Rkill.txt
2017-02-13 17:47 - 2017-02-13 17:47 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Admin\Desktop\rkill.com
2017-02-13 17:29 - 2017-02-13 17:29 - 00227523 _____ C:\Users\Admin\Desktop\ZHPDiag.txt
2017-02-13 17:23 - 2017-02-13 17:23 - 02662400 _____ C:\Users\Admin\Downloads\ZHPDiag3.exe
2017-02-13 17:04 - 2017-02-14 17:09 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2017-02-12 17:09 - 2017-02-14 18:13 - 00000304 _____ C:\Windows\Tasks\Traffic Exchange v2 - 3.job
2017-02-12 17:09 - 2017-02-14 18:13 - 00000304 _____ C:\Windows\Tasks\Traffic Exchange v2 - 2.job
2017-02-12 17:08 - 2017-02-12 17:09 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-12 17:08 - 2017-02-12 17:09 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-12 17:08 - 2017-02-12 17:08 - 00553737 _____ C:\Users\Admin\Desktop\PassMark OSForensics Professional 33 Serial Key Full Version.zip
2017-02-12 16:18 - 2017-02-12 16:18 - 02118434 _____ C:\Users\Admin\Downloads\Dump Original echosonic HD 505.rar
2017-02-12 15:54 - 2017-02-12 15:54 - 00006405 _____ C:\Users\Admin\Downloads\tv_channels_test.m3u
2017-02-11 19:03 - 2017-02-11 19:03 - 00059158 _____ C:\Users\Admin\Downloads\tv_channels_aswddvcv.m3u
2017-02-11 15:35 - 2017-02-11 15:35 - 00000118 _____ C:\Users\Admin\Downloads\index.m3u8
2017-02-10 19:01 - 2017-02-10 19:01 - 02259345 _____ C:\Users\Admin\Desktop\FMCB Noobie_Package.rar
2017-02-09 13:11 - 2017-02-09 13:12 - 00000156 _____ C:\Users\Admin\Desktop\cccampinnacle.cfg
2017-02-09 13:03 - 2017-02-09 13:03 - 00000180 _____ C:\Users\Admin\Downloads\cccam.rar
2017-02-08 17:29 - 2017-02-08 17:29 - 00000174 _____ C:\Users\Admin\Downloads\CCcam.cfg
2017-02-08 12:27 - 2017-02-08 12:27 - 02902255 _____ C:\Users\Admin\Desktop\nu_012517.zip
2017-02-07 18:33 - 2017-02-07 18:33 - 03674144 _____ C:\Users\Admin\Downloads\ECHOLINK_TORNADO_FTA_MINI_TAILLE_161207.bin
2017-02-06 20:29 - 2017-02-13 20:11 - 00000000 ____D C:\Users\Admin\AppData\Roaming\DMCache
2017-02-06 18:09 - 2017-02-06 18:09 - 00217738 _____ C:\Users\Admin\Downloads\tv_channels_hichamcccam4545.m3u
2017-02-06 12:09 - 2017-02-14 17:07 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent
2017-02-02 15:46 - 2017-02-02 15:46 - 00001823 _____ C:\Users\Admin\Desktop\MPC-HC.lnk
2017-02-02 15:46 - 2017-02-02 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2017-02-02 15:46 - 2017-02-02 15:46 - 00000000 ____D C:\Program Files\MPC-HC
2017-01-29 14:12 - 2017-02-13 19:08 - 00000248 _____ C:\Users\Admin\Desktop\OLDtvlist_dHx7.txt
2017-01-29 14:12 - 2017-02-04 13:55 - 00000107 _____ C:\Users\Admin\Desktop\tvlist.txt
2017-01-29 14:11 - 2016-12-23 17:27 - 00219136 _____ (Ysf Zone) C:\Users\Admin\Desktop\TvList Maker.exe
2017-01-29 12:33 - 2017-01-29 12:33 - 00000728 _____ C:\Users\Admin\Desktop\flach recepteur.lnk
2017-01-28 20:24 - 2017-01-29 14:36 - 00000107 _____ C:\Users\Admin\Desktop\dddd.m3u
2017-01-28 20:23 - 2017-01-28 20:23 - 00000151 _____ C:\Users\Admin\Desktop\ddd.m3u8
2017-01-28 20:22 - 2017-01-28 20:22 - 00027213 _____ C:\Users\Admin\Desktop\TvList Maker_1.1beta2_23122016_Ysfzone.zip
2017-01-28 12:13 - 2017-01-28 12:13 - 00000700 _____ C:\Users\Public\Desktop\ProgDVB Professional 7.lnk
2017-01-28 12:13 - 2017-01-28 12:13 - 00000678 _____ C:\Users\Public\Desktop\ProgTV.lnk
2017-01-28 12:13 - 2017-01-28 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProgDVB Professional
2017-01-28 12:12 - 2017-01-28 12:14 - 00000000 ____D C:\ProgDVB Professional
2017-01-25 18:19 - 2017-01-25 18:19 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AnyDesk
2017-01-24 17:53 - 2017-02-05 19:21 - 00219311 _____ C:\Users\Admin\Desktop\tv_channels_hichamcccam4545 (1).m3u
2017-01-20 11:27 - 2017-01-20 11:27 - 00000000 ____D C:\Users\Admin\Desktop\emu
2017-01-19 18:56 - 2017-01-19 19:00 - 00000477 _____ C:\Users\Admin\Desktop\20 server gratuit.txt
2017-01-19 13:39 - 2017-01-19 13:48 - 00000757 _____ C:\Users\Admin\Desktop\document - Raccourci.lnk
2017-01-18 17:56 - 2017-01-18 17:56 - 00345262 _____ C:\Users\Admin\Desktop\plugin_wicard1.18_tricentr_sibir_xtracard_shura_biss_mezzo.rar
2017-01-18 17:56 - 2017-01-18 17:56 - 00017914 _____ C:\Users\Admin\Desktop\wicardd_мануал.rar

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-02-14 18:09 - 2015-12-18 15:51 - 00001416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fc32h45r31o78m97e.lnk
2017-02-14 18:09 - 2015-12-18 15:51 - 00001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ff42i15r14e33f26o83x.lnk
2017-02-14 18:09 - 2014-10-14 14:01 - 00001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-14 18:09 - 2014-10-08 21:35 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-14 18:09 - 2013-06-10 15:58 - 00001054 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-14 17:43 - 2013-12-18 02:14 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1076428414-641238508-383798790-1000UA.job
2017-02-14 17:22 - 2009-07-14 04:34 - 00028240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-14 17:22 - 2009-07-14 04:34 - 00028240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-14 17:14 - 2015-04-30 09:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2017-02-14 17:12 - 2015-05-02 23:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2017-02-14 17:09 - 2016-11-13 12:59 - 00000000 ____D C:\ProgramData\VMware
2017-02-14 17:06 - 2015-05-08 16:03 - 00000000 ____D C:\Program Files\Steam
2017-02-14 17:06 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-13 19:17 - 2013-12-17 23:11 - 00000600 _____ C:\Users\Admin\AppData\Roaming\winscp.rnd
2017-02-13 18:52 - 2015-08-09 00:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ZHP
2017-02-12 18:36 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf
2017-02-12 17:52 - 2016-09-26 09:27 - 00000000 ____D C:\ProgramData\VSO
2017-02-12 17:52 - 2015-04-30 09:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IDM
2017-02-12 17:51 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\ModemLogs
2017-02-12 17:24 - 2013-12-18 16:31 - 00000000 ____D C:\Windows\Minidump
2017-02-12 17:03 - 2015-11-28 16:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2017-02-12 16:51 - 2016-11-13 13:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\VMware
2017-02-12 16:51 - 2016-11-13 13:09 - 00000000 ____D C:\Users\Admin\AppData\Local\VMware
2017-02-12 15:43 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF
2017-02-12 12:14 - 2014-10-14 14:01 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-02-11 15:56 - 2016-12-01 10:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-02-11 15:56 - 2016-11-20 16:46 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2017-02-08 20:43 - 2013-12-18 02:14 - 00001026 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1076428414-641238508-383798790-1000Core.job
2017-02-08 11:04 - 2016-01-20 18:10 - 00000000 ____D C:\Users\Admin\AppData\Local\MEGAsync
2017-02-06 11:49 - 2015-08-11 17:30 - 00000000 ____D C:\Users\Admin\Tracing
2017-02-06 11:48 - 2016-09-17 12:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AIMP
2017-02-06 11:41 - 2013-12-18 13:47 - 00000000 ____D C:\Users\Admin\Downloads\Video
2017-02-03 17:01 - 2014-04-15 23:11 - 00000000 ____D C:\ProgramData\ProgDVB
2017-02-03 16:43 - 2013-12-28 02:13 - 00000000 ____D C:\ProgramData\Skype
2017-01-31 12:36 - 2016-04-01 19:25 - 00000668 _____ C:\Users\Admin\Desktop\CCcam.cfg
2017-01-28 11:55 - 2014-03-15 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2017-01-28 11:55 - 2014-03-15 20:46 - 00000000 ____D C:\Program Files\LAV Filters
2017-01-28 11:47 - 2016-05-23 17:12 - 00000000 ____D C:\dvbdream
2017-01-28 11:45 - 2016-05-23 17:12 - 00000606 _____ C:\Users\Admin\Desktop\DVB Dream.lnk
2017-01-28 11:45 - 2016-05-23 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVB Dream
2017-01-27 17:58 - 2016-09-01 20:04 - 00000360 _____ C:\Users\Admin\Desktop\network_info.cfg
2017-01-19 13:50 - 2016-01-24 17:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Fichiers à la racine de certains dossiers =======

2016-09-26 09:27 - 2016-09-26 09:27 - 0007887 _____ () C:\Users\Admin\AppData\Roaming\pcouffin.cat
2016-09-26 09:27 - 2016-09-26 09:27 - 0001144 _____ () C:\Users\Admin\AppData\Roaming\pcouffin.inf
2016-09-26 09:27 - 2016-09-26 09:27 - 0000055 _____ () C:\Users\Admin\AppData\Roaming\pcouffin.log
2016-09-26 09:27 - 2016-09-26 09:27 - 0047360 _____ (VSO Software) C:\Users\Admin\AppData\Roaming\pcouffin.sys
2013-12-17 23:11 - 2017-02-13 19:17 - 0000600 _____ () C:\Users\Admin\AppData\Roaming\winscp.rnd
2016-11-24 10:13 - 2017-01-09 15:01 - 0000600 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
2017-02-14 17:09 - 2017-02-14 17:09 - 0000000 ____H () C:\ProgramData\cm-lock

Certains fichiers dans TEMP:
====================
2017-02-13 17:03 - 2017-02-13 17:03 - 0001536 _____ () C:\Users\Admin\AppData\Local\Temp\NEventMessages.dll
2017-02-13 17:03 - 2017-02-13 17:03 - 0001536 _____ () C:\Users\Admin\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-02-14 17:47

==================== Fin de FRST.txt ============================
