Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017
Exécuté par jean- (administrateur) sur DESKTOP-37KC94K (01-08-2017 14:57:09)
Exécuté depuis C:\Users\jean-\Desktop
Profils chargés: jean- (Profils disponibles: jean- & MSSQL$ADK)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Safe Mode (with Networking)
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera_crashreporter.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDesktop.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
(ESET spol. s r.o.) C:\Users\jean-\Downloads\esetonlinescanner_enu.exe
(Auslogics) C:\Users\jean-\Downloads\ausdiskdefragportable.exe
(Auslogics) C:\Users\jean-\AppData\Local\Temp\RarSFX3\DiskDefrag\DiskDefrag.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [9571552 2016-07-18] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2015-12-14] (Realtek Semiconductor)
HKLM\...\Run: [Zoolz Tray] => C:\Program Files\Genie9\Zoolz2\Zoolz.exe [2003088 2017-03-22] (Genie9)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [COS] => C:\Program Files\COMODO\cCloud\cCloud.exe [7195824 2014-09-03] (COMODO Security Solutions)
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6528096 2017-06-03] (Crystal Rich Ltd)
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3921184 2017-04-10] (IObit)
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(2).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll [94568 2017-01-19] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KeyCrypt32(2).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll [85864 2017-01-19] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2017-07-29]
ShortcutTarget: RocketDock.lnk -> C:\skinpack\RocketDock\RocketDock.exe ()
BootExecute: autocheck autochk /p \??\C:autocheck autochk /p \??\N:autocheck autochk /p \??\H:autocheck autochk *
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a778058e-ddb3-4e56-a8fe-5582c6425c94}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
BHO: Pas de nom -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\skinpack\OldNewExplorer64.dll [2016-07-25] (www.startisback.com)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2016-09-02] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Pas de nom -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\skinpack\OldNewExplorer32.dll [2016-07-25] (www.startisback.com)
BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRIEPlugin.dll [2012-09-28] (Wondershare Software Co., Ltd.)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2016-09-02] (Microsoft Corporation)
BHO-x32: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-08-18] (Wondershare)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2016-09-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2016-09-02] (Microsoft Corporation)
Handler: WSISVCUchrome - Pas de valeur CLSID
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-08-29] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi [2016-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt
FF Extension: (Wondershare Video Converter Ultimate) - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt [2017-07-29] [non signé]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2016-09-02] (Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [cfmjkokphadmhbenfjjecfbhbbonbjcb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRChromePlugin.crx [2017-07-29]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2017-03-21] (IObit)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé]
S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
S2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions)
S3 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe [2695920 2015-03-05] (Condusiv Technologies)
S3 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [Fichier non signé]
S3 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [7184608 2017-05-19] ()
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [732056 2016-07-18] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S2 MSSQL$ADK; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2016-09-24] (Microsoft Corporation)
S3 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [287088 2016-04-01] (Nero AG)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-05-20] (CyberLink)
S3 rscp; C:\Program Files (x86)\Reason\Security\Protection\rscp\bin\rscp_svc.exe [303896 2017-07-28] ()
S3 rsEngineSvc; C:\Program Files (x86)\Reason\Security\rsEngineSvc.exe [82680 2016-09-02] (Reason Software Company Inc.)
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-12-14] (Realtek Semiconductor)
S4 SQLAgent$ADK; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2016-09-24] (Microsoft Corporation)
S3 SyncBackTouch; C:\Program Files (x86)\2BrightSparks\SyncBackTouch\SyncBackTouchSvc.exe [4715576 2016-09-30] (2BrightSparks Pte. Ltd.)
S2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-01-31] (Code Sector)
S3 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1731168 2017-06-03] (Crystal Rich Ltd)
S3 wdcservice; C:\Program Files (x86)\Wise\Wise Driver Care\wdcservice.exe [367272 2017-07-19] (WiseCleaner.com)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\WsAppService.exe [473824 2017-04-20] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
S3 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [475280 2017-03-22] (Genie9)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 amwrtdrv; C:\WINDOWS\System32\amwrtdrv.sys [18392 2016-07-28] ()
S3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1600512 2016-01-05] (BitDefender)
R3 avchv; C:\WINDOWS\system32\DRIVERS\avchv.sys [282000 2016-01-05] (BitDefender)
S3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [775424 2016-01-05] (BitDefender)
R1 BdfNdisf; C:\WINDOWS\system32\DRIVERS\bdfndisf6.sys [107496 2016-02-16] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys [115800 2016-02-16] (BitDefender LLC)
R0 bdisk; C:\WINDOWS\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
R0 CBUFS; C:\WINDOWS\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.)
R0 cbvd; C:\WINDOWS\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.)
S3 CisUtMonitor; C:\WINDOWS\System32\DRIVERS\CisUtMonitor.sys [54192 2017-01-13] (CrystalIdea Software)
S3 clvad; C:\WINDOWS\system32\drivers\clvad.sys [40384 2016-05-27] (CyberLink)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink)
S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [49944 2016-06-02] (CyberLink Corporation)
S3 clwvdVM; C:\WINDOWS\system32\DRIVERS\clwvdVM.sys [55240 2016-05-27] (CyberLink Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 DKDFM; C:\WINDOWS\System32\drivers\DKDFM.sys [41744 2013-05-06] (Condusiv Technologies)
S3 DKRtWrt; C:\WINDOWS\system32\drivers\DKRtWrt.sys [53520 2014-10-24] (Condusiv Technologies)
R0 DKTLFSMF; C:\WINDOWS\System32\drivers\DKTLFSMF.sys [119536 2014-04-14] (Condusiv Technologies)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2016-08-28] (Disc Soft Ltd)
S1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
S1 GUSBootStartup; C:\WINDOWS\System32\drivers\GUSBootStartup.sys [20160 2016-09-03] (Glarysoft Ltd)
S3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [161592 2016-04-28] (BitDefender LLC)
S1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit MBR Guard\drivers\win10_amd64\IMFMBRProtect.sys [38904 2017-06-29] (IObit.com)
R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-03-22] (Zemana Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-01] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 Reparse; C:\WINDOWS\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-07-29] ()
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 vdbus; C:\WINDOWS\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2016-07-16] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)
S1 xlkfs; C:\WINDOWS\System32\DRIVERS\xlkfs.sys [44272 2016-05-26] (XOSLAB.COM)
S1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-09-07] (Zemana Ltd.)
S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-09-07] (Zemana Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-01 14:57 - 2017-08-01 14:58 - 000017493 _____ C:\Users\jean-\Desktop\FRST.txt
2017-08-01 14:57 - 2017-08-01 14:57 - 000000000 ____D C:\FRST
2017-08-01 14:56 - 2017-08-01 14:56 - 002381312 _____ (Farbar) C:\Users\jean-\Desktop\FRST64.exe
2017-08-01 08:01 - 2017-08-01 08:02 - 005352424 _____ (Auslogics) C:\Users\jean-\Downloads\ausdiskdefragportable.exe
2017-08-01 03:32 - 2017-08-01 03:32 - 000012864 ____N C:\bootsqm.dat
2017-07-31 18:34 - 2017-07-31 18:36 - 064025992 _____ (Malwarebytes ) C:\Users\jean-\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060 (1).exe
2017-07-31 14:11 - 2017-07-31 14:12 - 000000000 ____D C:\Program Files\UNP
2017-07-31 14:11 - 2017-07-31 14:11 - 000000000 ____D C:\WINDOWS\system32\UNP
2017-07-31 14:02 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-07-31 14:02 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-07-31 14:01 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-07-31 14:01 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-07-31 14:01 - 2017-04-11 20:27 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-31 14:01 - 2017-04-11 20:27 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-31 14:01 - 2017-03-15 20:15 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-31 14:01 - 2017-03-15 20:15 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-31 10:36 - 2017-07-31 10:37 - 000414524 _____ C:\WINDOWS\Minidump\073117-33250-01.dmp
2017-07-31 10:35 - 2017-07-31 10:35 - 692127616 _____ C:\WINDOWS\MEMORY.DMP
2017-07-31 10:20 - 2017-07-31 10:31 - 000000000 ____D C:\Program Files\rempl
2017-07-31 10:18 - 2017-06-03 12:50 - 000192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 001214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-31 10:18 - 2017-06-03 12:14 - 000034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-31 08:36 - 2017-07-31 08:36 - 000000000 ____D C:\ProgramData\Auslogics
2017-07-31 08:30 - 2017-07-31 08:30 - 000000000 ____D C:\Users\jean-\AppData\Local\ESET
2017-07-31 08:29 - 2017-07-31 08:30 - 006754944 _____ (ESET spol. s r.o.) C:\Users\jean-\Downloads\esetonlinescanner_enu.exe
2017-07-31 08:16 - 2017-07-31 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller
2017-07-31 08:16 - 2017-07-31 08:16 - 000000000 ____D C:\Program Files\BCUninstaller
2017-07-31 08:15 - 2017-07-31 08:15 - 002683160 _____ (Marcin Szeniak ) C:\Users\jean-\Downloads\BCUninstaller_3.12_setup.exe
2017-07-31 07:48 - 2016-12-21 06:44 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-07-31 07:47 - 2016-12-21 09:08 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-07-30 16:40 - 2017-07-30 16:40 - 002800512 _____ C:\Users\jean-\ZHPDiag3.exe
2017-07-30 13:24 - 2017-08-01 04:02 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-30 13:24 - 2017-07-30 13:24 - 000188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-30 13:24 - 2017-07-30 13:24 - 000044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-30 13:23 - 2017-08-01 03:46 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-30 13:23 - 2017-07-31 18:36 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-30 13:23 - 2017-07-31 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-30 13:23 - 2017-07-30 13:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-30 13:23 - 2017-07-30 13:23 - 000000000 ____D C:\Program Files\Malwarebytes
2017-07-30 13:22 - 2017-07-30 13:23 - 064025992 _____ (Malwarebytes ) C:\Users\jean-\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060.exe
2017-07-30 12:19 - 2017-07-30 12:19 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2017-07-30 12:19 - 2017-07-30 12:19 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2017-07-30 12:14 - 2017-07-30 12:14 - 000000000 ____D C:\Users\jean-\Documents\CyberLink
2017-07-30 11:07 - 2017-08-01 03:48 - 000045291 _____ C:\WINDOWS\ZAM.krnl.trace
2017-07-30 11:07 - 2017-08-01 03:48 - 000010690 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-07-30 10:40 - 2017-07-30 10:40 - 000001473 _____ C:\Users\jean-\Desktop\UsbFix.lnk
2017-07-30 10:40 - 2017-07-30 10:40 - 000000000 ____D C:\Users\jean-\Desktop\Quarantine
2017-07-30 10:40 - 2017-07-30 10:40 - 000000000 ____D C:\Users\jean-\Desktop\Log
2017-07-30 10:23 - 2017-07-30 10:23 - 000000000 ____D C:\Users\jean-\AppData\LocalLow\ADSRemoval
2017-07-30 09:52 - 2017-07-30 09:52 - 000002908 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_jean-
2017-07-30 09:45 - 2017-07-30 09:45 - 000000000 ___HD C:\OneDriveTemp
2017-07-30 09:12 - 2017-07-30 09:12 - 000000000 ____D C:\ProgramData\ProductData
2017-07-30 09:11 - 2017-07-30 09:40 - 000002250 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2017-07-30 09:11 - 2017-07-30 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2017-07-30 09:09 - 2017-07-30 09:09 - 001605936 _____ (IObit) C:\Users\jean-\Downloads\ascscan10_01netfr.exe
2017-07-30 09:07 - 2017-07-30 09:07 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-07-29 21:42 - 2017-07-29 21:44 - 000006028 _____ C:\Users\jean-\Desktop\ZHPCleaner.txt
2017-07-29 21:24 - 2017-07-29 21:24 - 002839936 _____ C:\Users\jean-\Downloads\ZHPCleaner.exe
2017-07-29 21:24 - 2017-07-29 21:24 - 000000877 _____ C:\Users\jean-\Desktop\ZHPCleaner.lnk
2017-07-29 20:24 - 2017-07-29 20:25 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Geek Uninstaller
2017-07-29 20:24 - 2017-07-29 20:24 - 003000643 _____ C:\Users\jean-\Downloads\geek.zip
2017-07-29 20:23 - 2017-07-29 20:23 - 003952496 _____ (CrystalIdea Software ) C:\Users\jean-\Downloads\uninstalltool_setup.exe
2017-07-29 20:23 - 2017-07-29 20:23 - 000000942 _____ C:\Users\jean-\Desktop\Uninstall Tool.lnk
2017-07-29 20:23 - 2017-07-29 20:23 - 000000252 _____ C:\WINDOWS\Tasks\RunUninstallTool_SkipUac.job
2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\Users\jean-\AppData\Roaming\CrystalIdea Software
2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool
2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\Program Files\Uninstall Tool
2017-07-29 20:23 - 2017-01-13 12:54 - 000054192 _____ (CrystalIdea Software) C:\WINDOWS\system32\Drivers\CisUtMonitor.sys
2017-07-29 18:59 - 2017-07-30 20:07 - 000172522 _____ C:\Users\jean-\Desktop\ZHPDiag.txt
2017-07-29 18:51 - 2017-07-30 16:42 - 000000000 ____D C:\Users\jean-\AppData\Roaming\ZHP
2017-07-29 18:51 - 2017-07-30 16:42 - 000000000 ____D C:\Users\jean-\AppData\Local\ZHP
2017-07-29 18:51 - 2017-07-30 16:40 - 000000726 _____ C:\Users\jean-\Desktop\ZHPDiag.lnk
2017-07-29 18:51 - 2017-07-29 18:51 - 002798464 _____ C:\Users\jean-\Desktop\ZHPDiag3.exe
2017-07-29 17:19 - 2017-07-29 17:19 - 000000000 ____D C:\Users\jean-\AppData\Roaming\MultiCommander
2017-07-29 17:17 - 2017-07-29 17:20 - 000000000 ____D C:\mydrivers
2017-07-29 16:50 - 2017-07-29 16:50 - 000000000 ____D C:\ProgramData\Kingsoft
2017-07-29 16:49 - 2017-07-29 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Driver Care
2017-07-29 16:42 - 2017-07-29 16:49 - 007510176 _____ (WiseCleaner.com ) C:\Users\jean-\Downloads\WiseDriverCareSetup.exe
2017-07-29 16:17 - 2017-07-29 16:17 - 000000224 _____ C:\WINDOWS\Tasks\ACD.exe_20170729_161719_0698.job
2017-07-29 16:07 - 2017-07-29 16:07 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ActionDirector 2 (64-bit).lnk
2017-07-29 16:03 - 2017-07-29 16:07 - 000000000 ____D C:\Program Files\CyberLink
2017-07-29 15:46 - 2017-07-29 15:46 - 000000000 ____D C:\ProgramData\install_backup
2017-07-29 15:35 - 2017-07-29 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Duplicate Photos Remover
2017-07-29 15:35 - 2017-07-29 15:35 - 000000000 ____D C:\Program Files\Remo Duplicate Photos Remover 1.0
2017-07-29 15:34 - 2017-07-29 15:45 - 556887696 _____ C:\Users\jean-\Downloads\ActionDirector_1216_GM2_Trial_Trial_ACD161103-02.exe
2017-07-29 15:03 - 2017-07-29 15:03 - 000000000 ____D C:\ProgramData\2BrightSparks
2017-07-29 13:31 - 2017-07-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2017-07-29 13:30 - 2017-07-29 21:07 - 000000000 ____D C:\ProgramData\WinZip
2017-07-29 13:29 - 2017-07-29 13:29 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2017-07-29 13:29 - 2017-07-29 13:29 - 000001232 _____ C:\Users\Public\Desktop\Booking.lnk
2017-07-29 13:28 - 2017-07-29 13:29 - 000000000 ____D C:\Program Files (x86)\Booking
2017-07-29 13:24 - 2017-07-29 13:24 - 006178186 _____ (Media Play Air ) C:\Users\jean-\Downloads\JavaPlugin.exe
2017-07-29 13:19 - 2017-07-29 13:19 - 001548583 _____ ( ) C:\Users\jean-\Downloads\JavaPlugin_0562582603.exe
2017-07-29 13:17 - 2017-07-29 13:17 - 000000000 ___HD C:\Users\jean-\AppData\Roaming\Obsidium
2017-07-29 13:17 - 2017-07-29 13:17 - 000000000 ___HD C:\Users\jean-\.obs32
2017-07-29 13:13 - 2017-07-29 13:13 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-07-29 13:11 - 2017-07-29 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack
2017-07-29 13:08 - 2017-07-29 14:54 - 000000000 ____D C:\Program Files (x86)\YP6XHVzWgC
2017-07-29 13:06 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\a3bf6b7a34b746398d95f6d9d8c7bb49
2017-07-29 13:06 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\456151808c11472195a5ec81eae4d2e9
2017-07-29 12:59 - 2017-07-29 21:23 - 000000835 _____ C:\Users\jean-\Desktop\JRT.txt
2017-07-29 12:45 - 2017-07-30 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 - Codec Pack
2017-07-29 12:44 - 2017-07-29 12:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Codecs
2017-07-29 12:44 - 2017-07-29 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\trolCommander
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iGetting Audio
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\trolCommander
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\iGetting Audio
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\2BrightSparks
2017-07-29 12:42 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\Documents\Speed Install
2017-07-29 12:42 - 2017-07-29 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speed Install
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair ZIP
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Registry
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover FREE Edition
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo File Eraser 2.0
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo File Eraser 2.0
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair RAR
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair PowerPoint
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair MOV
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files\Remo Repair Registry
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files\Remo Recover FREE Edition
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo Repair ZIP 2.0
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo Repair Word 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Users\Public\Documents\EFL
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover for Android
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Outlook Backup & Migrate
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Wipe
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Remo Repair MOV 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Remo Recover for Android 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Repair RAR 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Repair PowerPoint 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Outlook Backup & Migrate
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Drive Wipe
2017-07-29 12:39 - 2017-07-29 15:35 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Remo
2017-07-29 12:39 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Easy File Locker
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\muCommander
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy File Locker
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Unreal Commander
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Defrag
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiCommander
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files\MultiCommander (x64)
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files (x86)\Remo Drive Defrag
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files (x86)\muCommander
2017-07-29 12:39 - 2009-02-12 15:11 - 000026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2017-07-29 12:30 - 2017-07-29 12:31 - 000000000 ____D C:\ProgramData\regid.2003-04.com.caphyon
2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 13.8.1
2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\Program Files (x86)\Caphyon
2017-07-29 12:29 - 2017-07-29 12:29 - 000000000 ____D C:\ProgramData\Caphyon
2017-07-29 12:27 - 2017-07-29 21:07 - 000000000 ____D C:\AdwCleaner
2017-07-29 12:05 - 2017-07-29 12:05 - 001847296 _____ C:\Users\jean-\AppData\Local\po.db
2017-07-29 12:05 - 2017-07-29 12:05 - 000140800 _____ C:\Users\jean-\AppData\Local\installer.dat
2017-07-29 12:05 - 2017-07-29 12:05 - 000001516 _____ C:\WINDOWS\Tasks\PowerMaster.job
2017-07-29 12:04 - 2017-07-29 12:04 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Opera Software
2017-07-29 12:04 - 2017-07-29 12:04 - 000000000 ____D C:\Users\jean-\AppData\Local\Opera Software
2017-07-29 12:03 - 2017-07-29 14:54 - 000000000 ____D C:\Users\jean-\AppData\Local\e66923851c834945ab5bdb4feca9ec87
2017-07-29 12:03 - 2017-07-29 14:54 - 000000000 ____D C:\Program Files (x86)\tefpOLC7oN
2017-07-29 12:03 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\d6fd9e2d07604c7aa289e71501fd36fa
2017-07-29 12:03 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\a551db79fa4f40878e49536c9f415fad
2017-07-29 12:02 - 2017-07-29 12:02 - 000001350 _____ C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2017-07-29 12:02 - 2017-07-29 12:02 - 000000000 ____D C:\Program Files\AVAST Software
2017-07-29 12:01 - 2017-07-29 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IconPack
2017-07-29 12:01 - 2017-07-29 12:01 - 000000000 ____D C:\ProgramData\AVAST Software
2017-07-29 12:00 - 2017-07-31 08:14 - 000000000 ____D C:\IconPack
2017-07-29 12:00 - 2017-07-29 13:07 - 000000000 ___HD C:\W7P_Backups
2017-07-29 12:00 - 2017-07-29 12:00 - 001167128 _____ (CyberLink) C:\Users\jean-\Downloads\cyberlink-power2go_Essential-11.0.exe
2017-07-29 11:59 - 2017-07-29 13:11 - 000000000 ____D C:\skinpack
2017-07-29 11:59 - 2017-07-29 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clear ThemePack
2017-07-29 11:59 - 2017-07-29 11:59 - 000000000 ____D C:\Clear ThemePack
2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Viv
2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\Users\jean-\AppData\Roaming\PhrozenWinja
2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winja
2017-07-29 11:56 - 2017-07-29 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VivPDF Editor
2017-07-29 11:56 - 2017-07-29 11:56 - 000000000 ____D C:\Program Files (x86)\VivPDF Editor
2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LopeSoft
2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\ProgramData\LopeSoft
2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\Program Files\LopeSoft
2017-07-29 11:43 - 2017-07-29 11:44 - 001790024 _____ (Malwarebytes) C:\Users\jean-\Desktop\JRT.exe
2017-07-29 11:43 - 2017-07-29 11:43 - 008162248 _____ (Malwarebytes) C:\Users\jean-\Desktop\adwcleaner_7.0.0.0.exe
2017-07-29 11:23 - 2017-08-01 13:31 - 000000000 ___RD C:\Users\jean-\Desktop\cadeaux jes-jes m-moulu st-j conr (jessica 2x de brugnon u h) 17_9_2016, 17_3_2017 & 17_9_2017 & lfsu100%sf
2017-07-29 11:08 - 2017-07-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morae
2017-07-29 11:08 - 2017-07-29 11:08 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Xilisoft
2017-07-29 11:06 - 2017-07-29 11:08 - 000000000 ____D C:\Program Files (x86)\TechSmith
2017-07-29 11:06 - 2017-07-29 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-07-29 11:05 - 2017-07-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2017-07-29 11:04 - 2017-07-29 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PerigeeCopy
2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniCopier
2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\Program Files\PerigeeCopy
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Users\jean-\AppData\Local\Copy Handler
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast File Copy by Daanav.com
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Program Files (x86)\MiniCopier
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Program Files (x86)\Fast File Copy by Daanav.com
2017-07-29 11:02 - 2017-07-29 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copy Handler
2017-07-29 11:02 - 2017-07-29 11:02 - 000000000 ____D C:\Program Files\Copy Handler
2017-07-29 11:01 - 2017-07-29 11:07 - 000000000 ____D C:\ProgramData\Xilisoft
2017-07-29 11:01 - 2017-07-29 11:07 - 000000000 ____D C:\Program Files (x86)\Xilisoft
2017-07-29 11:01 - 2017-07-29 11:01 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Genie9
2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ___RD C:\Users\jean-\Desktop\Non-Zoolz Zone
2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoolz
2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free-video-splitter
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files\Genie9
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\Xiph.Org
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\free-video-splitter
2017-07-29 10:58 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2017-07-29 10:57 - 2017-07-29 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GiliSoft
2017-07-29 10:57 - 2017-07-29 10:57 - 000000000 ____D C:\Program Files (x86)\GiliSoft
2017-07-29 10:56 - 2017-07-29 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2017-07-29 10:55 - 2017-07-29 10:56 - 000000000 ____D C:\ProgramData\GoodSync
2017-07-29 10:54 - 2017-07-29 10:54 - 000000000 ____D C:\Program Files\Siber Systems
2017-07-29 10:51 - 2017-07-29 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo Data Recovery
2017-07-29 10:51 - 2017-07-29 10:51 - 000000000 ____D C:\Program Files\Hasleo
2017-07-29 10:50 - 2017-07-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roadkil.Net
2017-07-29 10:50 - 2017-07-29 11:05 - 000000000 ____D C:\Program Files (x86)\Roadkil.Net
2017-07-29 10:49 - 2017-07-29 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2017-07-29 10:49 - 2017-07-29 10:49 - 000001727 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk
2017-07-29 10:49 - 2017-07-29 10:49 - 000000000 ____D C:\Users\jean-\AppData\Local\Xenocode
2017-07-29 10:49 - 2017-07-29 10:49 - 000000000 ____D C:\Program Files (x86)\Runtime Software
2017-07-29 10:45 - 2017-07-29 12:02 - 000000000 ____D C:\Program Files\Bandizip
2017-07-29 10:45 - 2017-07-29 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folderico
2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\ProgramData\Folderico
2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\Program Files (x86)\Folderico
2017-07-29 10:43 - 2017-07-29 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcend
2017-07-29 10:43 - 2017-07-29 10:43 - 000000000 ____D C:\Program Files (x86)\Transcend
2017-07-29 10:43 - 2013-05-23 09:52 - 000386560 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSecure2.dll
2017-07-29 10:43 - 2013-05-23 09:52 - 000234496 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartCertificate.dll
2017-07-29 10:43 - 2013-05-06 13:17 - 000425472 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSock.dll
2017-07-29 10:43 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL
2017-07-29 10:39 - 2015-02-27 10:35 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2017-07-29 10:36 - 2012-09-21 10:25 - 000727952 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2017-07-29 10:36 - 2012-09-21 10:25 - 000159120 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2017-07-29 10:34 - 2017-07-29 10:34 - 000000000 ____D C:\ProgramData\ProductFeatures
2017-07-29 10:33 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\.swt
2017-07-29 10:32 - 2017-08-01 04:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-07-29 10:20 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\AppData\Local\Degoo
2017-07-29 10:19 - 2017-07-29 10:19 - 000000000 ____D C:\Users\jean-\Documents\Wondershare MediaServer
2017-07-29 10:19 - 2017-07-29 10:19 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Free
2017-07-29 10:17 - 2017-07-29 10:21 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Degoo
2017-07-29 10:08 - 2017-07-29 10:08 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Pro
2017-07-29 10:05 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\AppData\Roaming\iSkysoft
2017-07-29 09:25 - 2017-07-29 10:55 - 000000000 ____D C:\Users\jean-\AppData\Roaming\GoodSync
2017-07-29 09:20 - 2017-07-29 10:13 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Wondershare
2017-07-29 09:19 - 2017-07-30 09:56 - 000000000 ____D C:\Users\jean-\.android
2017-07-29 08:53 - 2017-07-29 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit MBR Guard
2017-07-29 08:53 - 2017-07-29 08:53 - 000000000 _____ C:\WINDOWS\1
2017-07-29 08:42 - 2017-07-31 08:07 - 000000000 ____D C:\Users\jean-\AppData\Roaming\USBSafelyRemove
2017-07-29 08:31 - 2017-07-29 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2017-07-29 08:31 - 2017-07-29 08:31 - 000000000 ____D C:\Program Files (x86)\DsNET Corp
2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Users\jean-\AppData\Roaming\ProtectStar
2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProtectStar
2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Program Files (x86)\ProtectStar
2017-07-29 08:29 - 2017-07-29 08:29 - 000000000 ____D C:\zemana_logs
2017-07-29 08:28 - 2017-07-29 08:29 - 000000000 ____D C:\Program Files\Zemana Control Center
2017-07-29 08:27 - 2017-07-29 08:28 - 000000000 ____D C:\Program Files\Rebit 5
2017-07-29 08:20 - 2017-07-29 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB
2017-07-29 08:20 - 2017-07-29 08:20 - 000000000 ____D C:\Program Files (x86)\ISO to USB
2017-07-29 08:18 - 2017-07-29 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Install Builder 5
2017-07-29 08:18 - 2017-07-29 08:19 - 000000000 ____D C:\Program Files (x86)\Silent Install Builder 5
2017-07-29 08:14 - 2017-07-29 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X
2017-07-29 08:13 - 2017-07-29 08:40 - 000000000 ____D C:\Users\jean-\AppData\Roaming\StartMenuX
2017-07-29 08:13 - 2017-07-29 08:14 - 000000000 ____D C:\Program Files\Start Menu X
2017-07-29 08:13 - 2017-07-29 08:13 - 000000000 ____D C:\ProgramData\StartMenuX
2017-07-29 08:12 - 2017-07-29 08:12 - 000000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-07-29 08:11 - 2017-07-30 09:12 - 000000000 ____D C:\Users\jean-\AppData\LocalLow\IObit
2017-07-29 08:09 - 2017-07-29 08:09 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-07-29 08:07 - 2017-07-29 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Degoo
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\MindGems
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Viewer
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files\FolderSize
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files (x86)\LiteManager Pro - Viewer
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files (x86)\Folder Size
2017-07-29 08:05 - 2017-07-31 16:22 - 000000000 ____D C:\Program Files (x86)\LiteManager Pro - Server
2017-07-29 08:05 - 2017-07-29 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server
2017-07-29 08:05 - 2017-07-29 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kotobee Publisher
2017-07-29 08:04 - 2017-07-29 08:05 - 000000000 ____D C:\Program Files (x86)\Kotobee Publisher
2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\USB Safely Remove
2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\ProgramData\USBSRService
2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\Program Files (x86)\USB Safely Remove
2017-07-29 06:28 - 2017-07-29 06:28 - 000003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-07-29 06:24 - 2017-07-29 06:28 - 000000000 ____D C:\Users\jean-\AppData\Roaming\UsbFix
2017-07-29 06:24 - 2017-07-29 06:24 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Modules
2017-07-29 06:19 - 2017-07-29 06:19 - 000002409 _____ C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-29 06:14 - 2017-07-29 06:14 - 000000000 ____D C:\ProgramData\Avanquest
2017-07-29 06:14 - 2017-07-29 06:14 - 000000000 ____D C:\Program Files (x86)\Avanquest update
2017-07-29 06:11 - 2017-07-29 06:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger
2017-07-29 06:11 - 2017-07-29 06:11 - 000000000 ____D C:\ProgramData\BVRP Software
2017-07-29 06:11 - 2017-03-22 12:44 - 000161408 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2017-07-28 15:01 - 2017-07-28 15:01 - 000528896 _____ C:\WINDOWS\c69fd46f34b502ccef5b6a80d3c08909.exe
2017-07-28 15:01 - 2017-07-28 15:01 - 000051618 _____ C:\WINDOWS\uninstaller.dat
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-01 14:49 - 2016-08-31 15:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-01 08:15 - 2016-09-09 16:27 - 000000000 ____D C:\Users\jean-\Desktop\cadeaux muscade moulue jessica jessica franprix temptations, franprix & syrtos (16 octobre)
2017-08-01 08:15 - 2016-09-06 20:58 - 000000000 ____D C:\Users\jean-\AppData\Roaming\TeraCopy
2017-08-01 04:06 - 2016-08-28 12:36 - 002592972 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-01 04:06 - 2016-07-17 00:40 - 001081020 _____ C:\WINDOWS\system32\perfh00C.dat
2017-08-01 04:06 - 2016-07-17 00:40 - 000261644 _____ C:\WINDOWS\system32\perfc00C.dat
2017-08-01 03:48 - 2016-08-31 16:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-31 14:47 - 2016-08-31 16:04 - 000000000 ____D C:\Users\jean-
2017-07-31 14:46 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-31 14:41 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-31 14:40 - 2016-09-03 08:59 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-07-31 14:40 - 2016-09-02 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-07-31 14:12 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-07-31 14:12 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-31 14:11 - 2016-08-31 13:06 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-31 14:00 - 2016-09-02 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-07-31 13:54 - 2016-09-07 01:54 - 002529856 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-07-31 13:49 - 2016-09-07 01:56 - 000000000 ____D C:\Users\MSSQL$ADK
2017-07-31 13:48 - 2016-09-07 01:46 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-07-31 13:48 - 2016-09-07 01:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-07-31 10:36 - 2016-09-08 14:35 - 000000000 ____D C:\WINDOWS\Minidump
2017-07-31 10:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-07-31 08:29 - 2016-09-07 12:53 - 000000000 ___RD C:\Users\jean-\Desktop\LFS Ultra Suite v5.6, lfsu100%sfpzs++sfce, part 6 & sfcec-barrow 2 à 4-widen apps, & tools for manage youcam 8 & photodirector 9
2017-07-31 08:14 - 2016-07-16 08:04 - 000000000 ____D C:\Program Files\PowerMaster
2017-07-31 08:07 - 2016-08-28 12:50 - 000000000 ___RD C:\Users\jean-\OneDrive
2017-07-30 12:14 - 2016-09-06 23:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\CyberLink
2017-07-30 12:14 - 2016-09-06 23:42 - 000000000 ____D C:\Users\jean-\AppData\Local\CyberLink
2017-07-30 10:40 - 2016-08-28 16:25 - 000000000 ____D C:\Users\jean-\Downloads\UsbFix
2017-07-30 10:07 - 2016-09-06 16:18 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3EF053DA-9088-495B-9E19-1A7664ABB844}
2017-07-30 09:39 - 2016-09-09 07:08 - 000000000 ____D C:\Users\jean-\Desktop\others applications
2017-07-30 09:39 - 2016-08-28 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2017-07-30 09:39 - 2016-08-28 16:54 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KillCopy
2017-07-30 09:39 - 2016-08-28 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit 5
2017-07-30 09:38 - 2016-08-31 16:56 - 000000000 ___DC C:\WINDOWS\Panther
2017-07-30 09:11 - 2016-09-07 13:09 - 000000000 ____D C:\ProgramData\IObit
2017-07-30 09:09 - 2016-09-08 08:25 - 000000000 ____D C:\Users\jean-\AppData\Roaming\IObit
2017-07-30 06:39 - 2016-09-03 09:08 - 000000000 ____D C:\Users\jean-\AppData\Local\CrashDumps
2017-07-29 16:49 - 2016-09-07 13:20 - 000000000 ____D C:\Program Files (x86)\Wise
2017-07-29 16:17 - 2016-09-06 23:12 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2017-07-29 16:07 - 2016-09-06 23:32 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2017-07-29 16:07 - 2016-08-29 06:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-29 16:03 - 2016-08-31 16:00 - 000000000 ____D C:\ProgramData\Package Cache
2017-07-29 15:46 - 2016-09-06 23:12 - 000000000 ____D C:\ProgramData\install_clap
2017-07-29 15:02 - 2016-08-31 15:57 - 000220152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-29 13:11 - 2016-09-07 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-07-29 13:11 - 2016-09-07 20:38 - 000000000 ____D C:\Program Files\RogueKiller
2017-07-29 13:09 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Cursors
2017-07-29 13:07 - 2016-07-16 13:43 - 046823424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imageres.dll
2017-07-29 13:07 - 2016-07-16 13:43 - 001752576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagesp1.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 046823424 _____ (Microsoft Corporation) C:\WINDOWS\system32\imageres.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 001752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagesp1.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-07-29 13:06 - 2016-07-16 13:47 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-07-29 12:58 - 2016-09-07 20:38 - 000000000 ____D C:\ProgramData\RogueKiller
2017-07-29 11:17 - 2016-09-06 20:50 - 000000000 ____D C:\Program Files\TeraCopy
2017-07-29 11:05 - 2016-09-07 13:09 - 000000000 ____D C:\Program Files (x86)\IObit
2017-07-29 10:40 - 2016-08-28 14:33 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2017-07-29 10:38 - 2016-08-28 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-07-29 10:36 - 2016-08-28 19:46 - 000000000 ____D C:\Program Files (x86)\Wondershare
2017-07-29 10:34 - 2016-09-07 13:26 - 000000000 ____D C:\Users\jean-\AppData\Local\iSkysoft
2017-07-29 10:34 - 2016-09-07 13:24 - 000000000 ____D C:\ProgramData\iSkysoft iMedia Converter Deluxe
2017-07-29 10:21 - 2016-09-07 13:22 - 000000000 ____D C:\Users\Public\Documents\iSkysoft
2017-07-29 10:18 - 2016-08-28 19:43 - 000000000 ____D C:\ProgramData\Wondershare
2017-07-29 10:09 - 2016-09-07 13:24 - 000000000 ____D C:\ProgramData\iSkysoft
2017-07-29 10:05 - 2016-09-07 13:24 - 000000000 ____D C:\Program Files (x86)\iSkysoft
2017-07-29 08:58 - 2016-09-07 14:41 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2017-07-29 08:58 - 2016-09-07 14:41 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK
2017-07-29 08:41 - 2016-09-04 15:23 - 000000000 ____D C:\Users\jean-\AppData\Roaming\eufsc
2017-07-29 08:25 - 2016-09-03 15:37 - 000003554 _____ C:\WINDOWS\System32\Tasks\SoftwareUpdate Pro
2017-07-29 08:17 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-07-29 07:52 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-07-29 07:52 - 2015-10-30 09:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-07-29 06:04 - 2016-09-07 13:37 - 000000000 ____D C:\Program Files\Common Files\logishrd
2017-07-28 22:11 - 2016-08-28 17:04 - 000565416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-07-28 21:51 - 2016-09-06 16:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
==================== Fichiers à la racine de certains dossiers =======
2017-07-29 12:05 - 2017-07-29 12:05 - 000140800 _____ () C:\Users\jean-\AppData\Local\installer.dat
2017-07-29 12:05 - 2017-07-29 12:05 - 001847296 _____ () C:\Users\jean-\AppData\Local\po.db
Fichiers à déplacer ou supprimer:
====================
C:\Users\jean-\ZHPDiag3.exe
Certains fichiers dans TEMP:
====================
2017-07-29 20:24 - 2017-07-29 20:24 - 004043712 _____ (Geek Unіnstaller) C:\Users\jean-\AppData\Local\Temp\geek64.exe
2017-07-29 10:56 - 2017-07-29 10:56 - 004895891 _____ () C:\Users\jean-\AppData\Local\Temp\Redist642008.exe
2017-07-29 10:58 - 2017-07-29 10:58 - 004149146 _____ () C:\Users\jean-\AppData\Local\Temp\Redist862008.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-07-28 22:26
==================== Fin de FRST.txt ============================
Exécuté par jean- (administrateur) sur DESKTOP-37KC94K (01-08-2017 14:57:09)
Exécuté depuis C:\Users\jean-\Desktop
Profils chargés: jean- (Profils disponibles: jean- & MSSQL$ADK)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Safe Mode (with Networking)
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera_crashreporter.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
(Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDesktop.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
(ESET spol. s r.o.) C:\Users\jean-\Downloads\esetonlinescanner_enu.exe
(Auslogics) C:\Users\jean-\Downloads\ausdiskdefragportable.exe
(Auslogics) C:\Users\jean-\AppData\Local\Temp\RarSFX3\DiskDefrag\DiskDefrag.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [9571552 2016-07-18] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2015-12-14] (Realtek Semiconductor)
HKLM\...\Run: [Zoolz Tray] => C:\Program Files\Genie9\Zoolz2\Zoolz.exe [2003088 2017-03-22] (Genie9)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [COS] => C:\Program Files\COMODO\cCloud\cCloud.exe [7195824 2014-09-03] (COMODO Security Solutions)
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6528096 2017-06-03] (Crystal Rich Ltd)
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3921184 2017-04-10] (IObit)
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(2).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll [94568 2017-01-19] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KeyCrypt32(2).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll [85864 2017-01-19] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2017-07-29]
ShortcutTarget: RocketDock.lnk -> C:\skinpack\RocketDock\RocketDock.exe ()
BootExecute: autocheck autochk /p \??\C:autocheck autochk /p \??\N:autocheck autochk /p \??\H:autocheck autochk *
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a778058e-ddb3-4e56-a8fe-5582c6425c94}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
BHO: Pas de nom -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\skinpack\OldNewExplorer64.dll [2016-07-25] (www.startisback.com)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2016-09-02] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Pas de nom -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\skinpack\OldNewExplorer32.dll [2016-07-25] (www.startisback.com)
BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRIEPlugin.dll [2012-09-28] (Wondershare Software Co., Ltd.)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2016-09-02] (Microsoft Corporation)
BHO-x32: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-08-18] (Wondershare)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2016-09-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2016-09-02] (Microsoft Corporation)
Handler: WSISVCUchrome - Pas de valeur CLSID
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-08-29] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi [2016-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt
FF Extension: (Wondershare Video Converter Ultimate) - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt [2017-07-29] [non signé]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2016-09-02] (Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [cfmjkokphadmhbenfjjecfbhbbonbjcb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRChromePlugin.crx [2017-07-29]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2017-03-21] (IObit)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé]
S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
S2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions)
S3 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe [2695920 2015-03-05] (Condusiv Technologies)
S3 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [Fichier non signé]
S3 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [7184608 2017-05-19] ()
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [732056 2016-07-18] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S2 MSSQL$ADK; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2016-09-24] (Microsoft Corporation)
S3 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [287088 2016-04-01] (Nero AG)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-05-20] (CyberLink)
S3 rscp; C:\Program Files (x86)\Reason\Security\Protection\rscp\bin\rscp_svc.exe [303896 2017-07-28] ()
S3 rsEngineSvc; C:\Program Files (x86)\Reason\Security\rsEngineSvc.exe [82680 2016-09-02] (Reason Software Company Inc.)
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-12-14] (Realtek Semiconductor)
S4 SQLAgent$ADK; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2016-09-24] (Microsoft Corporation)
S3 SyncBackTouch; C:\Program Files (x86)\2BrightSparks\SyncBackTouch\SyncBackTouchSvc.exe [4715576 2016-09-30] (2BrightSparks Pte. Ltd.)
S2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-01-31] (Code Sector)
S3 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1731168 2017-06-03] (Crystal Rich Ltd)
S3 wdcservice; C:\Program Files (x86)\Wise\Wise Driver Care\wdcservice.exe [367272 2017-07-19] (WiseCleaner.com)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\WsAppService.exe [473824 2017-04-20] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
S3 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [475280 2017-03-22] (Genie9)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 amwrtdrv; C:\WINDOWS\System32\amwrtdrv.sys [18392 2016-07-28] ()
S3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1600512 2016-01-05] (BitDefender)
R3 avchv; C:\WINDOWS\system32\DRIVERS\avchv.sys [282000 2016-01-05] (BitDefender)
S3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [775424 2016-01-05] (BitDefender)
R1 BdfNdisf; C:\WINDOWS\system32\DRIVERS\bdfndisf6.sys [107496 2016-02-16] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys [115800 2016-02-16] (BitDefender LLC)
R0 bdisk; C:\WINDOWS\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
R0 CBUFS; C:\WINDOWS\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.)
R0 cbvd; C:\WINDOWS\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.)
S3 CisUtMonitor; C:\WINDOWS\System32\DRIVERS\CisUtMonitor.sys [54192 2017-01-13] (CrystalIdea Software)
S3 clvad; C:\WINDOWS\system32\drivers\clvad.sys [40384 2016-05-27] (CyberLink)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink)
S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [49944 2016-06-02] (CyberLink Corporation)
S3 clwvdVM; C:\WINDOWS\system32\DRIVERS\clwvdVM.sys [55240 2016-05-27] (CyberLink Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 DKDFM; C:\WINDOWS\System32\drivers\DKDFM.sys [41744 2013-05-06] (Condusiv Technologies)
S3 DKRtWrt; C:\WINDOWS\system32\drivers\DKRtWrt.sys [53520 2014-10-24] (Condusiv Technologies)
R0 DKTLFSMF; C:\WINDOWS\System32\drivers\DKTLFSMF.sys [119536 2014-04-14] (Condusiv Technologies)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2016-08-28] (Disc Soft Ltd)
S1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
S1 GUSBootStartup; C:\WINDOWS\System32\drivers\GUSBootStartup.sys [20160 2016-09-03] (Glarysoft Ltd)
S3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [161592 2016-04-28] (BitDefender LLC)
S1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit MBR Guard\drivers\win10_amd64\IMFMBRProtect.sys [38904 2017-06-29] (IObit.com)
R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-03-22] (Zemana Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-01] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 Reparse; C:\WINDOWS\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-07-29] ()
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 vdbus; C:\WINDOWS\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2016-07-16] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)
S1 xlkfs; C:\WINDOWS\System32\DRIVERS\xlkfs.sys [44272 2016-05-26] (XOSLAB.COM)
S1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-09-07] (Zemana Ltd.)
S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-09-07] (Zemana Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-01 14:57 - 2017-08-01 14:58 - 000017493 _____ C:\Users\jean-\Desktop\FRST.txt
2017-08-01 14:57 - 2017-08-01 14:57 - 000000000 ____D C:\FRST
2017-08-01 14:56 - 2017-08-01 14:56 - 002381312 _____ (Farbar) C:\Users\jean-\Desktop\FRST64.exe
2017-08-01 08:01 - 2017-08-01 08:02 - 005352424 _____ (Auslogics) C:\Users\jean-\Downloads\ausdiskdefragportable.exe
2017-08-01 03:32 - 2017-08-01 03:32 - 000012864 ____N C:\bootsqm.dat
2017-07-31 18:34 - 2017-07-31 18:36 - 064025992 _____ (Malwarebytes ) C:\Users\jean-\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060 (1).exe
2017-07-31 14:11 - 2017-07-31 14:12 - 000000000 ____D C:\Program Files\UNP
2017-07-31 14:11 - 2017-07-31 14:11 - 000000000 ____D C:\WINDOWS\system32\UNP
2017-07-31 14:02 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-07-31 14:02 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-07-31 14:01 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-07-31 14:01 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-07-31 14:01 - 2017-04-11 20:27 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-31 14:01 - 2017-04-11 20:27 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-31 14:01 - 2017-03-15 20:15 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-31 14:01 - 2017-03-15 20:15 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-31 10:36 - 2017-07-31 10:37 - 000414524 _____ C:\WINDOWS\Minidump\073117-33250-01.dmp
2017-07-31 10:35 - 2017-07-31 10:35 - 692127616 _____ C:\WINDOWS\MEMORY.DMP
2017-07-31 10:20 - 2017-07-31 10:31 - 000000000 ____D C:\Program Files\rempl
2017-07-31 10:18 - 2017-06-03 12:50 - 000192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 001214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-31 10:18 - 2017-06-03 12:14 - 000096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-31 10:18 - 2017-06-03 12:14 - 000034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-31 08:36 - 2017-07-31 08:36 - 000000000 ____D C:\ProgramData\Auslogics
2017-07-31 08:30 - 2017-07-31 08:30 - 000000000 ____D C:\Users\jean-\AppData\Local\ESET
2017-07-31 08:29 - 2017-07-31 08:30 - 006754944 _____ (ESET spol. s r.o.) C:\Users\jean-\Downloads\esetonlinescanner_enu.exe
2017-07-31 08:16 - 2017-07-31 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller
2017-07-31 08:16 - 2017-07-31 08:16 - 000000000 ____D C:\Program Files\BCUninstaller
2017-07-31 08:15 - 2017-07-31 08:15 - 002683160 _____ (Marcin Szeniak ) C:\Users\jean-\Downloads\BCUninstaller_3.12_setup.exe
2017-07-31 07:48 - 2016-12-21 06:44 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-07-31 07:47 - 2016-12-21 09:08 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-07-30 16:40 - 2017-07-30 16:40 - 002800512 _____ C:\Users\jean-\ZHPDiag3.exe
2017-07-30 13:24 - 2017-08-01 04:02 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-30 13:24 - 2017-07-30 13:24 - 000188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-30 13:24 - 2017-07-30 13:24 - 000044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-30 13:23 - 2017-08-01 03:46 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-30 13:23 - 2017-07-31 18:36 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-30 13:23 - 2017-07-31 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-30 13:23 - 2017-07-30 13:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-30 13:23 - 2017-07-30 13:23 - 000000000 ____D C:\Program Files\Malwarebytes
2017-07-30 13:22 - 2017-07-30 13:23 - 064025992 _____ (Malwarebytes ) C:\Users\jean-\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060.exe
2017-07-30 12:19 - 2017-07-30 12:19 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2017-07-30 12:19 - 2017-07-30 12:19 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2017-07-30 12:14 - 2017-07-30 12:14 - 000000000 ____D C:\Users\jean-\Documents\CyberLink
2017-07-30 11:07 - 2017-08-01 03:48 - 000045291 _____ C:\WINDOWS\ZAM.krnl.trace
2017-07-30 11:07 - 2017-08-01 03:48 - 000010690 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-07-30 10:40 - 2017-07-30 10:40 - 000001473 _____ C:\Users\jean-\Desktop\UsbFix.lnk
2017-07-30 10:40 - 2017-07-30 10:40 - 000000000 ____D C:\Users\jean-\Desktop\Quarantine
2017-07-30 10:40 - 2017-07-30 10:40 - 000000000 ____D C:\Users\jean-\Desktop\Log
2017-07-30 10:23 - 2017-07-30 10:23 - 000000000 ____D C:\Users\jean-\AppData\LocalLow\ADSRemoval
2017-07-30 09:52 - 2017-07-30 09:52 - 000002908 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_jean-
2017-07-30 09:45 - 2017-07-30 09:45 - 000000000 ___HD C:\OneDriveTemp
2017-07-30 09:12 - 2017-07-30 09:12 - 000000000 ____D C:\ProgramData\ProductData
2017-07-30 09:11 - 2017-07-30 09:40 - 000002250 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2017-07-30 09:11 - 2017-07-30 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2017-07-30 09:09 - 2017-07-30 09:09 - 001605936 _____ (IObit) C:\Users\jean-\Downloads\ascscan10_01netfr.exe
2017-07-30 09:07 - 2017-07-30 09:07 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-07-29 21:42 - 2017-07-29 21:44 - 000006028 _____ C:\Users\jean-\Desktop\ZHPCleaner.txt
2017-07-29 21:24 - 2017-07-29 21:24 - 002839936 _____ C:\Users\jean-\Downloads\ZHPCleaner.exe
2017-07-29 21:24 - 2017-07-29 21:24 - 000000877 _____ C:\Users\jean-\Desktop\ZHPCleaner.lnk
2017-07-29 20:24 - 2017-07-29 20:25 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Geek Uninstaller
2017-07-29 20:24 - 2017-07-29 20:24 - 003000643 _____ C:\Users\jean-\Downloads\geek.zip
2017-07-29 20:23 - 2017-07-29 20:23 - 003952496 _____ (CrystalIdea Software ) C:\Users\jean-\Downloads\uninstalltool_setup.exe
2017-07-29 20:23 - 2017-07-29 20:23 - 000000942 _____ C:\Users\jean-\Desktop\Uninstall Tool.lnk
2017-07-29 20:23 - 2017-07-29 20:23 - 000000252 _____ C:\WINDOWS\Tasks\RunUninstallTool_SkipUac.job
2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\Users\jean-\AppData\Roaming\CrystalIdea Software
2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool
2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\Program Files\Uninstall Tool
2017-07-29 20:23 - 2017-01-13 12:54 - 000054192 _____ (CrystalIdea Software) C:\WINDOWS\system32\Drivers\CisUtMonitor.sys
2017-07-29 18:59 - 2017-07-30 20:07 - 000172522 _____ C:\Users\jean-\Desktop\ZHPDiag.txt
2017-07-29 18:51 - 2017-07-30 16:42 - 000000000 ____D C:\Users\jean-\AppData\Roaming\ZHP
2017-07-29 18:51 - 2017-07-30 16:42 - 000000000 ____D C:\Users\jean-\AppData\Local\ZHP
2017-07-29 18:51 - 2017-07-30 16:40 - 000000726 _____ C:\Users\jean-\Desktop\ZHPDiag.lnk
2017-07-29 18:51 - 2017-07-29 18:51 - 002798464 _____ C:\Users\jean-\Desktop\ZHPDiag3.exe
2017-07-29 17:19 - 2017-07-29 17:19 - 000000000 ____D C:\Users\jean-\AppData\Roaming\MultiCommander
2017-07-29 17:17 - 2017-07-29 17:20 - 000000000 ____D C:\mydrivers
2017-07-29 16:50 - 2017-07-29 16:50 - 000000000 ____D C:\ProgramData\Kingsoft
2017-07-29 16:49 - 2017-07-29 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Driver Care
2017-07-29 16:42 - 2017-07-29 16:49 - 007510176 _____ (WiseCleaner.com ) C:\Users\jean-\Downloads\WiseDriverCareSetup.exe
2017-07-29 16:17 - 2017-07-29 16:17 - 000000224 _____ C:\WINDOWS\Tasks\ACD.exe_20170729_161719_0698.job
2017-07-29 16:07 - 2017-07-29 16:07 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ActionDirector 2 (64-bit).lnk
2017-07-29 16:03 - 2017-07-29 16:07 - 000000000 ____D C:\Program Files\CyberLink
2017-07-29 15:46 - 2017-07-29 15:46 - 000000000 ____D C:\ProgramData\install_backup
2017-07-29 15:35 - 2017-07-29 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Duplicate Photos Remover
2017-07-29 15:35 - 2017-07-29 15:35 - 000000000 ____D C:\Program Files\Remo Duplicate Photos Remover 1.0
2017-07-29 15:34 - 2017-07-29 15:45 - 556887696 _____ C:\Users\jean-\Downloads\ActionDirector_1216_GM2_Trial_Trial_ACD161103-02.exe
2017-07-29 15:03 - 2017-07-29 15:03 - 000000000 ____D C:\ProgramData\2BrightSparks
2017-07-29 13:31 - 2017-07-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2017-07-29 13:30 - 2017-07-29 21:07 - 000000000 ____D C:\ProgramData\WinZip
2017-07-29 13:29 - 2017-07-29 13:29 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2017-07-29 13:29 - 2017-07-29 13:29 - 000001232 _____ C:\Users\Public\Desktop\Booking.lnk
2017-07-29 13:28 - 2017-07-29 13:29 - 000000000 ____D C:\Program Files (x86)\Booking
2017-07-29 13:24 - 2017-07-29 13:24 - 006178186 _____ (Media Play Air ) C:\Users\jean-\Downloads\JavaPlugin.exe
2017-07-29 13:19 - 2017-07-29 13:19 - 001548583 _____ ( ) C:\Users\jean-\Downloads\JavaPlugin_0562582603.exe
2017-07-29 13:17 - 2017-07-29 13:17 - 000000000 ___HD C:\Users\jean-\AppData\Roaming\Obsidium
2017-07-29 13:17 - 2017-07-29 13:17 - 000000000 ___HD C:\Users\jean-\.obs32
2017-07-29 13:13 - 2017-07-29 13:13 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-07-29 13:11 - 2017-07-29 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack
2017-07-29 13:08 - 2017-07-29 14:54 - 000000000 ____D C:\Program Files (x86)\YP6XHVzWgC
2017-07-29 13:06 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\a3bf6b7a34b746398d95f6d9d8c7bb49
2017-07-29 13:06 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\456151808c11472195a5ec81eae4d2e9
2017-07-29 12:59 - 2017-07-29 21:23 - 000000835 _____ C:\Users\jean-\Desktop\JRT.txt
2017-07-29 12:45 - 2017-07-30 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 - Codec Pack
2017-07-29 12:44 - 2017-07-29 12:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Codecs
2017-07-29 12:44 - 2017-07-29 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\trolCommander
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iGetting Audio
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\trolCommander
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\iGetting Audio
2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\2BrightSparks
2017-07-29 12:42 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\Documents\Speed Install
2017-07-29 12:42 - 2017-07-29 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speed Install
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair ZIP
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Registry
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover FREE Edition
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo File Eraser 2.0
2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo File Eraser 2.0
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair RAR
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair PowerPoint
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair MOV
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files\Remo Repair Registry
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files\Remo Recover FREE Edition
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo Repair ZIP 2.0
2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo Repair Word 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Users\Public\Documents\EFL
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover for Android
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Outlook Backup & Migrate
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Wipe
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Remo Repair MOV 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Remo Recover for Android 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Repair RAR 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Repair PowerPoint 2.0
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Outlook Backup & Migrate
2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Drive Wipe
2017-07-29 12:39 - 2017-07-29 15:35 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Remo
2017-07-29 12:39 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Easy File Locker
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\muCommander
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy File Locker
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Unreal Commander
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Defrag
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiCommander
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files\MultiCommander (x64)
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files (x86)\Remo Drive Defrag
2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files (x86)\muCommander
2017-07-29 12:39 - 2009-02-12 15:11 - 000026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2017-07-29 12:30 - 2017-07-29 12:31 - 000000000 ____D C:\ProgramData\regid.2003-04.com.caphyon
2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 13.8.1
2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\Program Files (x86)\Caphyon
2017-07-29 12:29 - 2017-07-29 12:29 - 000000000 ____D C:\ProgramData\Caphyon
2017-07-29 12:27 - 2017-07-29 21:07 - 000000000 ____D C:\AdwCleaner
2017-07-29 12:05 - 2017-07-29 12:05 - 001847296 _____ C:\Users\jean-\AppData\Local\po.db
2017-07-29 12:05 - 2017-07-29 12:05 - 000140800 _____ C:\Users\jean-\AppData\Local\installer.dat
2017-07-29 12:05 - 2017-07-29 12:05 - 000001516 _____ C:\WINDOWS\Tasks\PowerMaster.job
2017-07-29 12:04 - 2017-07-29 12:04 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Opera Software
2017-07-29 12:04 - 2017-07-29 12:04 - 000000000 ____D C:\Users\jean-\AppData\Local\Opera Software
2017-07-29 12:03 - 2017-07-29 14:54 - 000000000 ____D C:\Users\jean-\AppData\Local\e66923851c834945ab5bdb4feca9ec87
2017-07-29 12:03 - 2017-07-29 14:54 - 000000000 ____D C:\Program Files (x86)\tefpOLC7oN
2017-07-29 12:03 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\d6fd9e2d07604c7aa289e71501fd36fa
2017-07-29 12:03 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\a551db79fa4f40878e49536c9f415fad
2017-07-29 12:02 - 2017-07-29 12:02 - 000001350 _____ C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2017-07-29 12:02 - 2017-07-29 12:02 - 000000000 ____D C:\Program Files\AVAST Software
2017-07-29 12:01 - 2017-07-29 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IconPack
2017-07-29 12:01 - 2017-07-29 12:01 - 000000000 ____D C:\ProgramData\AVAST Software
2017-07-29 12:00 - 2017-07-31 08:14 - 000000000 ____D C:\IconPack
2017-07-29 12:00 - 2017-07-29 13:07 - 000000000 ___HD C:\W7P_Backups
2017-07-29 12:00 - 2017-07-29 12:00 - 001167128 _____ (CyberLink) C:\Users\jean-\Downloads\cyberlink-power2go_Essential-11.0.exe
2017-07-29 11:59 - 2017-07-29 13:11 - 000000000 ____D C:\skinpack
2017-07-29 11:59 - 2017-07-29 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clear ThemePack
2017-07-29 11:59 - 2017-07-29 11:59 - 000000000 ____D C:\Clear ThemePack
2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Viv
2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\Users\jean-\AppData\Roaming\PhrozenWinja
2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winja
2017-07-29 11:56 - 2017-07-29 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VivPDF Editor
2017-07-29 11:56 - 2017-07-29 11:56 - 000000000 ____D C:\Program Files (x86)\VivPDF Editor
2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LopeSoft
2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\ProgramData\LopeSoft
2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\Program Files\LopeSoft
2017-07-29 11:43 - 2017-07-29 11:44 - 001790024 _____ (Malwarebytes) C:\Users\jean-\Desktop\JRT.exe
2017-07-29 11:43 - 2017-07-29 11:43 - 008162248 _____ (Malwarebytes) C:\Users\jean-\Desktop\adwcleaner_7.0.0.0.exe
2017-07-29 11:23 - 2017-08-01 13:31 - 000000000 ___RD C:\Users\jean-\Desktop\cadeaux jes-jes m-moulu st-j conr (jessica 2x de brugnon u h) 17_9_2016, 17_3_2017 & 17_9_2017 & lfsu100%sf
2017-07-29 11:08 - 2017-07-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morae
2017-07-29 11:08 - 2017-07-29 11:08 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Xilisoft
2017-07-29 11:06 - 2017-07-29 11:08 - 000000000 ____D C:\Program Files (x86)\TechSmith
2017-07-29 11:06 - 2017-07-29 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-07-29 11:05 - 2017-07-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2017-07-29 11:04 - 2017-07-29 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PerigeeCopy
2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniCopier
2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\Program Files\PerigeeCopy
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Users\jean-\AppData\Local\Copy Handler
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast File Copy by Daanav.com
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Program Files (x86)\MiniCopier
2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Program Files (x86)\Fast File Copy by Daanav.com
2017-07-29 11:02 - 2017-07-29 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copy Handler
2017-07-29 11:02 - 2017-07-29 11:02 - 000000000 ____D C:\Program Files\Copy Handler
2017-07-29 11:01 - 2017-07-29 11:07 - 000000000 ____D C:\ProgramData\Xilisoft
2017-07-29 11:01 - 2017-07-29 11:07 - 000000000 ____D C:\Program Files (x86)\Xilisoft
2017-07-29 11:01 - 2017-07-29 11:01 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Genie9
2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ___RD C:\Users\jean-\Desktop\Non-Zoolz Zone
2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoolz
2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free-video-splitter
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files\Genie9
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\Xiph.Org
2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\free-video-splitter
2017-07-29 10:58 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2017-07-29 10:57 - 2017-07-29 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GiliSoft
2017-07-29 10:57 - 2017-07-29 10:57 - 000000000 ____D C:\Program Files (x86)\GiliSoft
2017-07-29 10:56 - 2017-07-29 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2017-07-29 10:55 - 2017-07-29 10:56 - 000000000 ____D C:\ProgramData\GoodSync
2017-07-29 10:54 - 2017-07-29 10:54 - 000000000 ____D C:\Program Files\Siber Systems
2017-07-29 10:51 - 2017-07-29 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo Data Recovery
2017-07-29 10:51 - 2017-07-29 10:51 - 000000000 ____D C:\Program Files\Hasleo
2017-07-29 10:50 - 2017-07-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roadkil.Net
2017-07-29 10:50 - 2017-07-29 11:05 - 000000000 ____D C:\Program Files (x86)\Roadkil.Net
2017-07-29 10:49 - 2017-07-29 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2017-07-29 10:49 - 2017-07-29 10:49 - 000001727 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk
2017-07-29 10:49 - 2017-07-29 10:49 - 000000000 ____D C:\Users\jean-\AppData\Local\Xenocode
2017-07-29 10:49 - 2017-07-29 10:49 - 000000000 ____D C:\Program Files (x86)\Runtime Software
2017-07-29 10:45 - 2017-07-29 12:02 - 000000000 ____D C:\Program Files\Bandizip
2017-07-29 10:45 - 2017-07-29 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folderico
2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\ProgramData\Folderico
2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\Program Files (x86)\Folderico
2017-07-29 10:43 - 2017-07-29 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcend
2017-07-29 10:43 - 2017-07-29 10:43 - 000000000 ____D C:\Program Files (x86)\Transcend
2017-07-29 10:43 - 2013-05-23 09:52 - 000386560 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSecure2.dll
2017-07-29 10:43 - 2013-05-23 09:52 - 000234496 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartCertificate.dll
2017-07-29 10:43 - 2013-05-06 13:17 - 000425472 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSock.dll
2017-07-29 10:43 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL
2017-07-29 10:39 - 2015-02-27 10:35 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2017-07-29 10:36 - 2012-09-21 10:25 - 000727952 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2017-07-29 10:36 - 2012-09-21 10:25 - 000159120 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2017-07-29 10:34 - 2017-07-29 10:34 - 000000000 ____D C:\ProgramData\ProductFeatures
2017-07-29 10:33 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\.swt
2017-07-29 10:32 - 2017-08-01 04:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-07-29 10:20 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\AppData\Local\Degoo
2017-07-29 10:19 - 2017-07-29 10:19 - 000000000 ____D C:\Users\jean-\Documents\Wondershare MediaServer
2017-07-29 10:19 - 2017-07-29 10:19 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Free
2017-07-29 10:17 - 2017-07-29 10:21 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Degoo
2017-07-29 10:08 - 2017-07-29 10:08 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Pro
2017-07-29 10:05 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\AppData\Roaming\iSkysoft
2017-07-29 09:25 - 2017-07-29 10:55 - 000000000 ____D C:\Users\jean-\AppData\Roaming\GoodSync
2017-07-29 09:20 - 2017-07-29 10:13 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Wondershare
2017-07-29 09:19 - 2017-07-30 09:56 - 000000000 ____D C:\Users\jean-\.android
2017-07-29 08:53 - 2017-07-29 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit MBR Guard
2017-07-29 08:53 - 2017-07-29 08:53 - 000000000 _____ C:\WINDOWS\1
2017-07-29 08:42 - 2017-07-31 08:07 - 000000000 ____D C:\Users\jean-\AppData\Roaming\USBSafelyRemove
2017-07-29 08:31 - 2017-07-29 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2017-07-29 08:31 - 2017-07-29 08:31 - 000000000 ____D C:\Program Files (x86)\DsNET Corp
2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Users\jean-\AppData\Roaming\ProtectStar
2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProtectStar
2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Program Files (x86)\ProtectStar
2017-07-29 08:29 - 2017-07-29 08:29 - 000000000 ____D C:\zemana_logs
2017-07-29 08:28 - 2017-07-29 08:29 - 000000000 ____D C:\Program Files\Zemana Control Center
2017-07-29 08:27 - 2017-07-29 08:28 - 000000000 ____D C:\Program Files\Rebit 5
2017-07-29 08:20 - 2017-07-29 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB
2017-07-29 08:20 - 2017-07-29 08:20 - 000000000 ____D C:\Program Files (x86)\ISO to USB
2017-07-29 08:18 - 2017-07-29 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Install Builder 5
2017-07-29 08:18 - 2017-07-29 08:19 - 000000000 ____D C:\Program Files (x86)\Silent Install Builder 5
2017-07-29 08:14 - 2017-07-29 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X
2017-07-29 08:13 - 2017-07-29 08:40 - 000000000 ____D C:\Users\jean-\AppData\Roaming\StartMenuX
2017-07-29 08:13 - 2017-07-29 08:14 - 000000000 ____D C:\Program Files\Start Menu X
2017-07-29 08:13 - 2017-07-29 08:13 - 000000000 ____D C:\ProgramData\StartMenuX
2017-07-29 08:12 - 2017-07-29 08:12 - 000000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-07-29 08:11 - 2017-07-30 09:12 - 000000000 ____D C:\Users\jean-\AppData\LocalLow\IObit
2017-07-29 08:09 - 2017-07-29 08:09 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-07-29 08:07 - 2017-07-29 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Degoo
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\MindGems
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Viewer
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files\FolderSize
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files (x86)\LiteManager Pro - Viewer
2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files (x86)\Folder Size
2017-07-29 08:05 - 2017-07-31 16:22 - 000000000 ____D C:\Program Files (x86)\LiteManager Pro - Server
2017-07-29 08:05 - 2017-07-29 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server
2017-07-29 08:05 - 2017-07-29 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kotobee Publisher
2017-07-29 08:04 - 2017-07-29 08:05 - 000000000 ____D C:\Program Files (x86)\Kotobee Publisher
2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\USB Safely Remove
2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\ProgramData\USBSRService
2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\Program Files (x86)\USB Safely Remove
2017-07-29 06:28 - 2017-07-29 06:28 - 000003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-07-29 06:24 - 2017-07-29 06:28 - 000000000 ____D C:\Users\jean-\AppData\Roaming\UsbFix
2017-07-29 06:24 - 2017-07-29 06:24 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Modules
2017-07-29 06:19 - 2017-07-29 06:19 - 000002409 _____ C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-29 06:14 - 2017-07-29 06:14 - 000000000 ____D C:\ProgramData\Avanquest
2017-07-29 06:14 - 2017-07-29 06:14 - 000000000 ____D C:\Program Files (x86)\Avanquest update
2017-07-29 06:11 - 2017-07-29 06:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger
2017-07-29 06:11 - 2017-07-29 06:11 - 000000000 ____D C:\ProgramData\BVRP Software
2017-07-29 06:11 - 2017-03-22 12:44 - 000161408 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2017-07-28 15:01 - 2017-07-28 15:01 - 000528896 _____ C:\WINDOWS\c69fd46f34b502ccef5b6a80d3c08909.exe
2017-07-28 15:01 - 2017-07-28 15:01 - 000051618 _____ C:\WINDOWS\uninstaller.dat
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-01 14:49 - 2016-08-31 15:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-01 08:15 - 2016-09-09 16:27 - 000000000 ____D C:\Users\jean-\Desktop\cadeaux muscade moulue jessica jessica franprix temptations, franprix & syrtos (16 octobre)
2017-08-01 08:15 - 2016-09-06 20:58 - 000000000 ____D C:\Users\jean-\AppData\Roaming\TeraCopy
2017-08-01 04:06 - 2016-08-28 12:36 - 002592972 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-01 04:06 - 2016-07-17 00:40 - 001081020 _____ C:\WINDOWS\system32\perfh00C.dat
2017-08-01 04:06 - 2016-07-17 00:40 - 000261644 _____ C:\WINDOWS\system32\perfc00C.dat
2017-08-01 03:48 - 2016-08-31 16:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-31 14:47 - 2016-08-31 16:04 - 000000000 ____D C:\Users\jean-
2017-07-31 14:46 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-31 14:41 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-31 14:40 - 2016-09-03 08:59 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-07-31 14:40 - 2016-09-02 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-07-31 14:12 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-07-31 14:12 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-31 14:11 - 2016-08-31 13:06 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-31 14:00 - 2016-09-02 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-07-31 13:54 - 2016-09-07 01:54 - 002529856 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-07-31 13:49 - 2016-09-07 01:56 - 000000000 ____D C:\Users\MSSQL$ADK
2017-07-31 13:48 - 2016-09-07 01:46 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-07-31 13:48 - 2016-09-07 01:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-07-31 10:36 - 2016-09-08 14:35 - 000000000 ____D C:\WINDOWS\Minidump
2017-07-31 10:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-07-31 08:29 - 2016-09-07 12:53 - 000000000 ___RD C:\Users\jean-\Desktop\LFS Ultra Suite v5.6, lfsu100%sfpzs++sfce, part 6 & sfcec-barrow 2 à 4-widen apps, & tools for manage youcam 8 & photodirector 9
2017-07-31 08:14 - 2016-07-16 08:04 - 000000000 ____D C:\Program Files\PowerMaster
2017-07-31 08:07 - 2016-08-28 12:50 - 000000000 ___RD C:\Users\jean-\OneDrive
2017-07-30 12:14 - 2016-09-06 23:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\CyberLink
2017-07-30 12:14 - 2016-09-06 23:42 - 000000000 ____D C:\Users\jean-\AppData\Local\CyberLink
2017-07-30 10:40 - 2016-08-28 16:25 - 000000000 ____D C:\Users\jean-\Downloads\UsbFix
2017-07-30 10:07 - 2016-09-06 16:18 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3EF053DA-9088-495B-9E19-1A7664ABB844}
2017-07-30 09:39 - 2016-09-09 07:08 - 000000000 ____D C:\Users\jean-\Desktop\others applications
2017-07-30 09:39 - 2016-08-28 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2017-07-30 09:39 - 2016-08-28 16:54 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KillCopy
2017-07-30 09:39 - 2016-08-28 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit 5
2017-07-30 09:38 - 2016-08-31 16:56 - 000000000 ___DC C:\WINDOWS\Panther
2017-07-30 09:11 - 2016-09-07 13:09 - 000000000 ____D C:\ProgramData\IObit
2017-07-30 09:09 - 2016-09-08 08:25 - 000000000 ____D C:\Users\jean-\AppData\Roaming\IObit
2017-07-30 06:39 - 2016-09-03 09:08 - 000000000 ____D C:\Users\jean-\AppData\Local\CrashDumps
2017-07-29 16:49 - 2016-09-07 13:20 - 000000000 ____D C:\Program Files (x86)\Wise
2017-07-29 16:17 - 2016-09-06 23:12 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2017-07-29 16:07 - 2016-09-06 23:32 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2017-07-29 16:07 - 2016-08-29 06:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-29 16:03 - 2016-08-31 16:00 - 000000000 ____D C:\ProgramData\Package Cache
2017-07-29 15:46 - 2016-09-06 23:12 - 000000000 ____D C:\ProgramData\install_clap
2017-07-29 15:02 - 2016-08-31 15:57 - 000220152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-29 13:11 - 2016-09-07 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-07-29 13:11 - 2016-09-07 20:38 - 000000000 ____D C:\Program Files\RogueKiller
2017-07-29 13:09 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Cursors
2017-07-29 13:07 - 2016-07-16 13:43 - 046823424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imageres.dll
2017-07-29 13:07 - 2016-07-16 13:43 - 001752576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagesp1.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 046823424 _____ (Microsoft Corporation) C:\WINDOWS\system32\imageres.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 001752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagesp1.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-07-29 13:07 - 2016-07-16 13:42 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-07-29 13:06 - 2016-07-16 13:47 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-07-29 12:58 - 2016-09-07 20:38 - 000000000 ____D C:\ProgramData\RogueKiller
2017-07-29 11:17 - 2016-09-06 20:50 - 000000000 ____D C:\Program Files\TeraCopy
2017-07-29 11:05 - 2016-09-07 13:09 - 000000000 ____D C:\Program Files (x86)\IObit
2017-07-29 10:40 - 2016-08-28 14:33 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2017-07-29 10:38 - 2016-08-28 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-07-29 10:36 - 2016-08-28 19:46 - 000000000 ____D C:\Program Files (x86)\Wondershare
2017-07-29 10:34 - 2016-09-07 13:26 - 000000000 ____D C:\Users\jean-\AppData\Local\iSkysoft
2017-07-29 10:34 - 2016-09-07 13:24 - 000000000 ____D C:\ProgramData\iSkysoft iMedia Converter Deluxe
2017-07-29 10:21 - 2016-09-07 13:22 - 000000000 ____D C:\Users\Public\Documents\iSkysoft
2017-07-29 10:18 - 2016-08-28 19:43 - 000000000 ____D C:\ProgramData\Wondershare
2017-07-29 10:09 - 2016-09-07 13:24 - 000000000 ____D C:\ProgramData\iSkysoft
2017-07-29 10:05 - 2016-09-07 13:24 - 000000000 ____D C:\Program Files (x86)\iSkysoft
2017-07-29 08:58 - 2016-09-07 14:41 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2017-07-29 08:58 - 2016-09-07 14:41 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK
2017-07-29 08:41 - 2016-09-04 15:23 - 000000000 ____D C:\Users\jean-\AppData\Roaming\eufsc
2017-07-29 08:25 - 2016-09-03 15:37 - 000003554 _____ C:\WINDOWS\System32\Tasks\SoftwareUpdate Pro
2017-07-29 08:17 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-07-29 07:52 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-07-29 07:52 - 2015-10-30 09:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-07-29 06:04 - 2016-09-07 13:37 - 000000000 ____D C:\Program Files\Common Files\logishrd
2017-07-28 22:11 - 2016-08-28 17:04 - 000565416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-07-28 21:51 - 2016-09-06 16:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
==================== Fichiers à la racine de certains dossiers =======
2017-07-29 12:05 - 2017-07-29 12:05 - 000140800 _____ () C:\Users\jean-\AppData\Local\installer.dat
2017-07-29 12:05 - 2017-07-29 12:05 - 001847296 _____ () C:\Users\jean-\AppData\Local\po.db
Fichiers à déplacer ou supprimer:
====================
C:\Users\jean-\ZHPDiag3.exe
Certains fichiers dans TEMP:
====================
2017-07-29 20:24 - 2017-07-29 20:24 - 004043712 _____ (Geek Unіnstaller) C:\Users\jean-\AppData\Local\Temp\geek64.exe
2017-07-29 10:56 - 2017-07-29 10:56 - 004895891 _____ () C:\Users\jean-\AppData\Local\Temp\Redist642008.exe
2017-07-29 10:58 - 2017-07-29 10:58 - 004149146 _____ () C:\Users\jean-\AppData\Local\Temp\Redist862008.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-07-28 22:26
==================== Fin de FRST.txt ============================