Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-04-2017
Exécuté par lotfi (administrateur) sur LOTFI-PC (20-04-2017 19:23:50)
Exécuté depuis C:\Users\lotfi\Desktop
Profils chargés: lotfi (Profils disponibles: lotfi)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-24] (IDT, Inc.)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1940904 2017-03-03] (QIHU 360 SOFTWARE CO. LIMITED)
HKU\S-1-5-21-321665254-2048846640-27385967-1000\...\Run: [EPSON Stylus C91 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBZR.EXE [213504 2007-10-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-321665254-2048846640-27385967-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3301376 2011-03-11] (Tonec Inc.)
HKU\S-1-5-21-321665254-2048846640-27385967-1000\...\MountPoints2: {6327974c-d333-11e5-bb07-806e6f6e6963} - F:\DriverPackSolution.exe
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2012-11-15] (Tonec Inc.)
BootExecute:
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 127.0.0.1 www.internetdownloadmanager.com
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{8BA5AA50-FA37-474A-86F8-798D77D7A9EB}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2017-03-03] (Qihu 360 Software Co., Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2017-03-03] (Qihu 360 Software Co., Ltd.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF DefaultProfile: ojr1k0jo.default
FF ProfilePath: C:\Users\lotfi\AppData\Roaming\Mozilla\Firefox\Profiles\ojr1k0jo.default [2017-04-20]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ojr1k0jo.default -> Google
FF Extension: (Спутник @Mail.Ru) - C:\Users\lotfi\AppData\Roaming\Mozilla\Firefox\Profiles\ojr1k0jo.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2016-08-04] [non signé]
FF Extension: (Disable Prefetch) - C:\Users\lotfi\AppData\Roaming\Mozilla\Firefox\Profiles\ojr1k0jo.default\features\{07733378-6ace-41e7-a8d6-9f2df6832e03}\disable-prefetch@mozilla.org.xpi [2017-04-12]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-29] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: (360 Internet Protection) - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2017-01-28] [non signé]
FF HKU\S-1-5-21-321665254-2048846640-27385967-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Tonec Inc., Copyright © 1999 - 2015\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF HKU\S-1-5-21-321665254-2048846640-27385967-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lotfi\AppData\Roaming\IDM\idmmzcc3
FF Extension: (IDM CC) - C:\Users\lotfi\AppData\Roaming\IDM\idmmzcc3 [2016-09-06] [non signé]
FF HKU\S-1-5-21-321665254-2048846640-27385967-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lotfi\AppData\Roaming\IDM\idmmzcc3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2016-03-19] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2016-03-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default [2017-04-20]
CHR Extension: (internet Download Manager For Chrome) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blhjobkfabeopalncconblmakfcllmhk [2017-04-14]
CHR Extension: (The “Howl” Heard Round the World) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\docaaggbjgefhliaandfhlddlgbpmgnc [2017-04-18]
CHR Extension: (Downloads Manager) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebcdgpnndibhdmgcbbfmhfpdpcljibbp [2017-04-18]
CHR Extension: (Adobe Acrobat) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Happy Wheels and More.) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbdmaipjgejfiiopomakaklbclnbomif [2017-03-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Perceptual Ad Highlighter) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mahgiflleahghaapkboihnbhdplhnchp [2017-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\lotfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-04]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Tonec Inc., Copyright © 1999 - 2015\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Tonec Inc., Copyright © 1999 - 2015\Internet Download Manager\IDMGCExt.crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) [Fichier non signé]
S3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [Fichier non signé]
S3 Everything; C:\Program Files (x86)\Everything\Everything.exe [1048576 2014-08-06] () [Fichier non signé]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo)
S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-03-03] (QIHU 360 SOFTWARE CO. LIMITED)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31704 2016-03-31] (SHAREit Technologies Co.Ltd)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-24] (IDT, Inc.) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2016-06-29] (Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 CG6Service; "C:\Program Files\CyberGhost 6\CyberGhost.Service.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2017-03-03] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2017-03-03] (360.cn)
S3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2017-03-03] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2017-03-03] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-06] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2017-03-03] (360.cn)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [188864 2017-03-03] (360.cn)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-02-25] (REALiX(tm))
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-12] (Malwarebytes)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [735744 2016-07-06] (Sunplus)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
S3 cpuz134; \??\C:\Users\lotfi\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S3 cpuz137; \??\C:\Users\lotfi\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATTENTION
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-20 19:23 - 2017-04-20 19:24 - 00016000 _____ C:\Users\lotfi\Desktop\FRST.txt
2017-04-20 19:23 - 2017-04-20 19:23 - 00000000 ____D C:\Users\lotfi\Desktop\FRST-OlderVersion
2017-04-20 19:18 - 2017-04-20 19:23 - 02424832 _____ (Farbar) C:\Users\lotfi\Desktop\FRST64.exe
2017-04-20 19:14 - 2017-04-20 19:13 - 00000407 _____ C:\Users\lotfi\Desktop\report_20170420_190554.klr.enc1
2017-04-20 19:05 - 2017-04-20 19:05 - 113099232 _____ (Kaspersky Lab ZAO) C:\Users\lotfi\Desktop\KVRT.exe
2017-04-20 19:05 - 2017-04-20 19:05 - 00000000 ____D C:\KVRT_Data
2017-04-20 18:10 - 2017-04-20 18:10 - 00367256 _____ C:\Users\lotfi\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-20 17:40 - 2017-04-20 17:40 - 00000000 ____H C:\ProgramData\cm-lock
2017-04-20 17:39 - 2017-04-20 17:39 - 00926096 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-20 14:34 - 2017-04-20 14:44 - 00000000 ____D C:\AdwCleaner
2017-04-20 14:25 - 2017-04-20 14:26 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\lotfi\Downloads\rkill.com
2017-04-20 00:24 - 2017-04-20 00:26 - 07290880 _____ C:\Users\lotfi\Downloads\CimaClub.Com.Sleepless.2017.720p.WEB-DL.mkv.crdownload
2017-04-20 00:15 - 2017-04-20 03:50 - 732505519 _____ C:\Users\lotfi\Desktop\CimaClub.Com.Sully.2016.720p.BluRay.mkv
2017-04-19 19:52 - 2017-04-19 19:56 - 02772446 _____ C:\Users\lotfi\Downloads\بار بوانت رسالة الماجيستير النهائي.pdf
2017-04-19 14:31 - 2017-04-19 20:26 - 942165032 _____ C:\Users\lotfi\Desktop\CimaClub.Com.Split.2016.720p.BluRay.mkv
2017-04-19 13:45 - 2017-04-20 19:23 - 00000000 ____D C:\FRST
2017-04-19 12:14 - 2017-04-19 12:14 - 00241907 _____ C:\Users\lotfi\Desktop\1021-1059-1-PB.pdf
2017-04-18 22:56 - 2017-04-18 22:56 - 00408136 _____ C:\Users\lotfi\Downloads\idmmzcc (7).xpi
2017-04-18 22:56 - 2017-04-18 22:56 - 00408136 _____ C:\Users\lotfi\Downloads\idmmzcc (6).xpi
2017-04-18 22:55 - 2017-04-18 22:55 - 00408136 _____ C:\Users\lotfi\Downloads\idmmzcc (5).xpi
2017-04-18 22:55 - 2017-04-18 22:55 - 00408136 _____ C:\Users\lotfi\Downloads\idmmzcc (4).xpi
2017-04-18 22:54 - 2017-04-18 22:54 - 00408136 _____ C:\Users\lotfi\Downloads\idmmzcc (3).xpi
2017-04-18 22:54 - 2017-04-18 22:54 - 00408136 _____ C:\Users\lotfi\Downloads\idmmzcc (2).xpi
2017-04-18 22:53 - 2017-04-18 22:53 - 00408136 _____ C:\Users\lotfi\Downloads\idmmzcc (1).xpi
2017-04-18 22:10 - 2017-04-18 22:11 - 01551872 _____ C:\Users\lotfi\Downloads\pwrpnt Fatcho (1).ppt
2017-04-18 22:09 - 2017-04-18 22:10 - 01551872 _____ C:\Users\lotfi\Downloads\pwrpnt Fatcho.ppt
2017-04-17 22:58 - 2017-04-17 22:58 - 00000000 ____D C:\Users\lotfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winnydows
2017-04-17 22:58 - 2017-04-17 22:58 - 00000000 ____D C:\Temp
2017-04-17 22:58 - 2017-04-17 22:58 - 00000000 ____D C:\Program Files (x86)\Winnydows
2017-04-17 22:58 - 2017-04-17 22:58 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2017-04-17 22:49 - 2017-04-17 22:57 - 20232335 _____ C:\Users\lotfi\Downloads\HussamSalama.XviD4PSP_5036_full.rar
2017-04-17 22:35 - 2017-04-17 22:35 - 00009014 _____ C:\Users\lotfi\Downloads\the-simpsons-thirteenth-season_arabic-403688 (1).zip
2017-04-17 22:34 - 2017-04-17 22:34 - 00009014 _____ C:\Users\lotfi\Downloads\the-simpsons-thirteenth-season_arabic-403688.zip
2017-04-17 22:19 - 2017-04-17 22:19 - 00011494 _____ C:\Users\lotfi\Downloads\the-simpsons-thirteenth-season_arabic-403514 (2).zip
2017-04-17 22:19 - 2017-04-17 22:19 - 00011494 _____ C:\Users\lotfi\Downloads\the-simpsons-thirteenth-season_arabic-403514 (1).zip
2017-04-17 22:18 - 2017-04-17 22:19 - 00011494 _____ C:\Users\lotfi\Downloads\the-simpsons-thirteenth-season_arabic-403514.zip
2017-04-15 13:18 - 2017-04-15 13:18 - 04019578 _____ C:\Users\lotfi\Desktop\UNISCI DP 25 - NUMERO ENTERO (1).pdf
2017-04-15 12:57 - 2017-04-15 12:58 - 01204856 _____ (Adobe Systems Incorporated) C:\Users\lotfi\Downloads\readerdc_fr_ka_cra_install.exe
2017-04-14 13:58 - 2017-04-15 13:20 - 00000600 _____ C:\Users\lotfi\PUTTY.RND
2017-04-14 12:03 - 2017-04-14 12:03 - 00002067 _____ C:\Users\lotfi\Desktop\Cleanup.lnk
2017-04-14 10:56 - 2017-04-14 12:06 - 00000000 ____D C:\Program Files\CyberGhost 6
2017-04-14 10:56 - 2017-04-14 10:58 - 00000000 ____D C:\Program Files\TAP-Windows
2017-04-13 10:46 - 2017-04-13 10:46 - 00667203 _____ C:\Users\lotfi\Downloads\Document 5.pdf
2017-04-12 20:00 - 2017-04-12 20:00 - 00209108 _____ C:\Users\lotfi\Downloads\correspondance N° 542 version arabe.pdf
2017-04-12 15:18 - 2017-04-12 15:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-12 15:18 - 2017-04-12 15:18 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-04-12 13:58 - 2017-04-12 13:58 - 00181991 _____ C:\Users\lotfi\Downloads\Turkey Vision 2023.pptx
2017-04-10 22:59 - 2017-04-10 22:59 - 01554037 _____ C:\Users\lotfi\Desktop\Putin Vs Putin Vladimir Putin Viewed From The Right.pdf
2017-04-10 22:55 - 2017-04-10 22:55 - 01554037 _____ C:\Users\lotfi\Downloads\Putin Vs Putin Vladimir Putin Viewed From The Right.pdf
2017-04-10 22:54 - 2017-04-10 22:54 - 11558007 _____ C:\Users\lotfi\Desktop\الاستراتيجية _ الايرانية _ في _ الخليج_العربي - (1).pdf
2017-04-10 22:50 - 2017-04-10 22:50 - 13804954 _____ C:\Users\lotfi\Desktop\من نحن.pdf
2017-04-10 22:49 - 2017-04-10 22:53 - 11558007 _____ C:\Users\lotfi\Downloads\الاستراتيجية _ الايرانية _ في _ الخليج_العربي - (1).pdf
2017-04-10 17:56 - 2017-04-10 18:02 - 13804954 _____ C:\Users\lotfi\Downloads\من نحن.pdf
2017-04-10 17:48 - 2017-04-10 17:48 - 03633231 _____ C:\Users\lotfi\Desktop\الجغرافيا السياسية والجغرافيا الاستراتيجية .. بيير سيليرييه.pdf
2017-04-10 17:45 - 2017-04-10 17:46 - 03633231 _____ C:\Users\lotfi\Downloads\الجغرافيا السياسية والجغرافيا الاستراتيجية .. بيير سيليرييه.pdf
2017-04-10 17:33 - 2017-04-10 17:34 - 00134194 _____ C:\Users\lotfi\Desktop\aljir.pdf
2017-04-10 17:30 - 2017-04-10 17:38 - 15085844 _____ C:\Users\lotfi\Downloads\قوة الدولية دراسات جيواستراتيجية.pdf
2017-04-10 16:40 - 2017-04-12 18:12 - 00000000 ____D C:\Users\lotfi\Desktop\ذكرة تخرج
2017-04-10 16:22 - 2017-04-10 16:22 - 00491930 _____ C:\Users\lotfi\Downloads\Consolidated Review - 2014.80 (2).pdf
2017-04-09 14:37 - 2017-04-09 14:37 - 00491930 _____ C:\Users\lotfi\Downloads\Consolidated Review - 2014.80 (1).pdf
2017-04-07 22:01 - 2017-04-07 22:02 - 12049459 _____ C:\Users\lotfi\Desktop\مصدق والصراع على السلطة في إيران.pdf
2017-04-07 14:37 - 2017-04-07 14:37 - 03306391 _____ C:\Users\lotfi\Desktop\130612_turk_casp_chap9 (1).pdf
2017-04-07 14:28 - 2017-04-07 14:28 - 03306391 _____ C:\Users\lotfi\Desktop\130612_turk_casp_chap9.pdf
2017-04-07 12:39 - 2017-04-07 12:39 - 00490613 _____ C:\Users\lotfi\Downloads\Classification of scientific journals in Algeria.pdf
2017-04-07 11:33 - 2017-04-07 11:34 - 01862733 _____ C:\Users\lotfi\Downloads\الأبعاد الجيوستراتيجية للسياستين الإيرانية والتركية حيال سورية - علي باكير- محرر.pdf
2017-04-04 12:43 - 2017-04-04 12:48 - 04826039 _____ C:\Users\lotfi\Downloads\بار بوانت النهائي.pptx
2017-04-02 10:38 - 2017-04-02 10:42 - 13090181 _____ C:\Users\lotfi\Downloads\title_list.xlsx
2017-04-01 19:15 - 2017-04-01 19:16 - 00966144 _____ C:\Users\lotfi\Downloads\043c00e6c7ff021e8cc4d394d3264cb5-original (1).ppt
2017-04-01 19:12 - 2017-04-01 19:14 - 06754092 _____ C:\Users\lotfi\Downloads\brochure 64 pages.ppsx
2017-03-31 22:24 - 2017-04-19 11:30 - 01479680 _____ C:\Users\lotfi\Desktop\lotfi.ppt
2017-03-31 19:41 - 2017-03-31 19:41 - 00966144 _____ C:\Users\lotfi\Downloads\043c00e6c7ff021e8cc4d394d3264cb5-original.ppt
2017-03-31 15:27 - 2017-03-31 15:29 - 07319858 _____ C:\Users\lotfi\Downloads\HRDISCUSSION.COM_50.Powerpoint-1.rar
2017-03-21 11:33 - 2017-03-21 11:33 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-20 19:16 - 2016-03-03 22:19 - 00000000 ____D C:\Users\lotfi\AppData\Roaming\DMCache
2017-04-20 19:14 - 2009-07-14 04:45 - 00025504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-20 19:14 - 2009-07-14 04:45 - 00025504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-20 17:51 - 2017-01-28 10:20 - 00000000 ____D C:\Users\lotfi\AppData\LocalLow\360WD
2017-04-20 17:49 - 2016-02-14 22:34 - 00000000 ____D C:\Users\lotfi\AppData\Roaming\vlc
2017-04-20 17:47 - 2011-04-12 09:16 - 00747154 _____ C:\Windows\system32\perfh00C.dat
2017-04-20 17:47 - 2011-04-12 09:16 - 00149646 _____ C:\Windows\system32\perfc00C.dat
2017-04-20 17:47 - 2009-07-14 05:13 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-20 17:47 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2017-04-20 17:40 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-20 14:44 - 2016-02-25 11:39 - 00000000 ____D C:\ProgramData\IObit
2017-04-20 14:44 - 2016-02-25 11:39 - 00000000 ____D C:\Program Files (x86)\IObit
2017-04-20 14:43 - 2016-09-17 14:51 - 00000000 ____D C:\ProgramData\Lavasoft
2017-04-20 14:43 - 2016-02-25 11:44 - 00000000 ____D C:\Users\lotfi\AppData\LocalLow\IObit
2017-04-20 14:43 - 2016-02-25 11:39 - 00000000 ____D C:\Users\lotfi\AppData\Roaming\IObit
2017-04-20 13:01 - 2016-08-20 12:18 - 00000000 ____D C:\Users\lotfi\Desktop\revue
2017-04-20 12:19 - 2016-12-09 10:11 - 00000000 ____D C:\Users\lotfi\Desktop\English 2.0
2017-04-20 10:26 - 2016-03-17 08:10 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-20 10:22 - 2017-02-28 11:34 - 00000000 ____D C:\Users\lotfi\Desktop\Spain
2017-04-19 21:58 - 2016-11-02 17:08 - 00000000 ____D C:\Users\lotfi\Desktop\Serbia
2017-04-19 14:19 - 2016-12-13 11:46 - 00000000 ____D C:\Users\lotfi\AppData\LocalLow\Mozilla
2017-04-19 11:56 - 2016-10-07 15:58 - 00000000 ____D C:\Users\lotfi\Desktop\UGR
2017-04-18 22:56 - 2016-03-03 22:19 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-04-15 13:00 - 2016-02-19 22:58 - 00000000 ____D C:\Users\lotfi\AppData\Local\Adobe
2017-04-15 00:31 - 2016-10-24 17:59 - 00000000 ____D C:\Users\lotfi\AppData\Roaming\Everything
2017-04-14 13:58 - 2016-03-03 22:19 - 00000000 ____D C:\Users\lotfi\Downloads\Compressed
2017-04-14 13:58 - 2016-02-14 16:03 - 00000000 ____D C:\Users\lotfi
2017-04-14 13:21 - 2017-01-28 10:21 - 00000000 ____D C:\ProgramData\360Quarant
2017-04-14 13:21 - 2016-03-03 22:19 - 00000000 ____D C:\Users\lotfi\AppData\Roaming\IDM
2017-04-14 12:49 - 2016-06-02 17:53 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-12 18:19 - 2017-03-15 23:21 - 00000000 ____D C:\Users\lotfi\Desktop\Nouveau dossier (4)
2017-04-10 23:17 - 2016-02-17 19:14 - 00003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-10 23:17 - 2016-02-17 19:14 - 00003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-10 16:39 - 2016-02-19 18:57 - 00000000 __SHD C:\$360Section
2017-04-07 21:49 - 2017-03-20 13:29 - 00000000 ____D C:\Users\lotfi\Desktop\Book
2017-04-07 15:38 - 2016-02-19 11:22 - 00000000 ____D C:\Windows\Tasks\360Disabled
2017-04-04 07:25 - 2016-02-17 19:31 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-04 07:25 - 2016-02-17 19:31 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-02 11:41 - 2016-04-04 21:58 - 00000000 ____D C:\Users\lotfi\Desktop\Nouveau dossier
2017-03-29 18:45 - 2016-07-02 23:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-21 20:01 - 2017-01-28 10:20 - 00000000 ____D C:\ProgramData\360TotalSecurity

==================== Fichiers à la racine de certains dossiers =======

2016-08-04 10:14 - 2016-08-04 10:15 - 0341504 _____ () C:\Users\lotfi\AppData\Roaming\wsrv_bbd498.dat
2017-04-20 17:40 - 2017-04-20 17:40 - 0000000 ____H () C:\ProgramData\cm-lock

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll
[2016-03-03 19:13] - [2016-04-04 15:05] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2016-03-03 19:13] - [2016-04-04 15:05] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-04-20 18:27

==================== Fin de FRST.txt ============================
