cjoint

SystemLook 30.07.11 by jpshortstuff
Log created at 13:04 on 28/11/2017 by Jean-Marie
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== service ==========

msiserver
Windows Installer
"Ajoute, modifie et supprime des applications fournies en tant que package Windows Installer (*.msi, *.msp, *.appx). Si ce service est désactivé, les services qui en dépendent explicitement ne démarreront pas."
Current Status: Stopped
Startup Type: Demand
Error Control: Critical
Binary: C:\WINDOWS\system32\msiexec.exe /V
Group: (none)
SafeBoot: Minimal Network
Dependencies:
->rpcss
Dependant Services:
(none)

ezSharedSvc - Unable to open Service Handle.

========== dir ==========

C:\USERS\SY\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ.ZZZ.ZZZ - Unable to find folder.

C:\Documents and Settings\All Users\Application Data\Communications - Unable to find folder.

C:\Documents and Settings\All Users\Application Data\Network - Unable to find folder.

C: - Parameters: "(none)"

---Files---
bootmgr -rahs-- 398156 bytes [08:18 26/07/2012] [03:44 26/07/2012]
BOOTNXT --ahs-- 1 bytes [08:18 26/07/2012] [14:30 02/06/2012]
hiberfil.sys --ahs-- 1535000576 bytes [09:20 26/11/2017] [10:16 27/11/2017]
OS -rahs-- 0 bytes [07:30 05/03/2013] [07:30 05/03/2013]
pagefile.sys --ahs-- 419430400 bytes [09:17 26/11/2017] [06:11 28/11/2017]
Pre_Scan.txt --a---- 7957 bytes [04:29 28/11/2017] [04:52 28/11/2017]
swapfile.sys --ahs-- 268435456 bytes [09:17 26/11/2017] [06:11 28/11/2017]

---Folders---
$RECYCLE.BIN d--hs-- [09:01 28/11/2017]
$Windows.~WS d--h--- [18:24 26/11/2017]
Adferno d------ [14:21 27/11/2017]
AdsFix d------ [04:29 28/11/2017]
AdwCleaner d------ [06:01 28/11/2017]
AMD d------ [11:43 27/11/2017]
Boot d--hs-- [02:02 02/08/2012]
Config.Msi d--hs-- [10:39 28/11/2017]
Cookie Control d------ [14:22 27/11/2017]
Documents and Settings d--hs-- [07:22 26/07/2012]
Ericksystem d------ [19:01 27/11/2017]
ESD d------ [12:45 26/11/2017]
Fcheck d------ [14:16 27/11/2017]
Force Check d------ [14:26 27/11/2017]
Force Login d------ [14:30 27/11/2017]
FRST d------ [11:52 28/11/2017]
HERALOGIC d------ [18:56 27/11/2017]
hp dr-hs-- [11:49 07/01/2013]
inetpub d------ [08:09 27/11/2017]
iolo d------ [11:30 26/11/2017]
logs d------ [11:31 26/11/2017]
NoBot d------ [13:48 27/11/2017]
OneDriveTemp d--h--- [11:08 27/11/2017]
PerfLogs d------ [13:46 29/09/2017]
Pre_Scan d------ [04:25 28/11/2017]
Program Files dr----- [13:46 29/09/2017]
Program Files (x86) d------ [13:46 29/09/2017]
ProgramData d--h--- [13:46 29/09/2017]
Recovery d--hs-- [09:37 27/11/2017]
RegBackup d------ [07:06 28/11/2017]
sources d------ [13:12 26/11/2017]
Startup Control d------ [14:19 27/11/2017]
SWSETUP d-a---- [03:15 02/08/2012]
System Volume Information d--hs-- [09:17 26/11/2017]
SYSTEM.SAV drahs-- [09:57 01/08/2012]
UsbFix d------ [17:57 27/11/2017]
Users dr----- [08:45 29/09/2017]
WebrootDebug d------ [13:51 27/11/2017]
Windows d------ [08:45 29/09/2017]
Windows.old d------ [09:32 27/11/2017]

G: - Parameters: "(none)"

---Files---
adware removal tool by tsa win10 compaq 16nov.txt ------- 226 bytes [11:14 16/11/2017] [11:14 16/11/2017]
AdwCleaner[C0].txt ------- 4481 bytes [12:30 16/11/2017] [08:43 16/11/2017]
adwcleaner_7.0.4.0.exe ------- 8261584 bytes [08:14 16/11/2017] [08:14 16/11/2017]
ClearLNK-16.11.2017_13-29.log ------- 123300 bytes [12:30 16/11/2017] [12:29 16/11/2017]
clearlnk_2.9.0.11.exe ------- 462976 bytes [08:25 16/11/2017] [08:25 16/11/2017]
geek.zip ------- 3005801 bytes [10:26 13/11/2017] [18:19 12/11/2017]
JRT win10 compaq 16 nov.txt ------- 1179 bytes [09:09 16/11/2017] [09:09 16/11/2017]
Nuance.Dragon.Pro.Indi.15.00.000.158.rar ------- -371853583 bytes [10:25 13/11/2017] [10:24 12/11/2017]
time.txt ------- 19 bytes [17:22 13/11/2017] [17:22 13/11/2017]
zhpcleaner compaq w10 16 nov.txt ------- 4683 bytes [12:15 16/11/2017] [12:15 16/11/2017]
ZHPCleaner.exe ------- 2971008 bytes [08:17 16/11/2017] [08:17 16/11/2017]
zhpfix results compaq w10 16 nov.txt ------- 5297 bytes [12:22 16/11/2017] [12:22 16/11/2017]
zhpfix script compaq w10 16 nov.txt ------- 17487 bytes [08:35 16/11/2017] [08:35 16/11/2017]
ZHPFix.exe ------- 3061760 bytes [08:21 16/11/2017] [08:21 16/11/2017]

---Folders---
Autorun.inf drahs-- [21:03 27/11/2017]
geek d------ [10:37 13/11/2017]
NMSDCID d------ [17:02 25/11/2017]
Nuance.Dragon.Pro.Indi.15.00.000.158 d------ [10:38 13/11/2017]
PHOTO FAMILY d------ [17:02 25/11/2017]
Quarantine d------ [12:20 16/11/2017]
ReviverSoft.PC.Reviver.2.16.1.2.Portable d------ [10:43 13/11/2017]
System Volume Information d--hs-- [14:05 11/11/2017]

P: - Parameters: "(none)"

---Files---
README.diskdefines ------- 237 bytes [10:14 27/06/2017] [23:03 19/07/2016]
md5sum.txt ------- 23431 bytes [10:20 27/06/2017] [23:05 19/07/2016]
casper-rw ------- 1782579200 bytes [15:19 02/11/2017] [15:19 02/11/2017]
ldlinux.sys ------- 69632 bytes [10:25 27/06/2017] [10:25 27/06/2017]
ldlinux.c32 ------- 122308 bytes [10:25 27/06/2017] [10:25 27/06/2017]
SmartClean.ini ------- 448 bytes [10:25 27/06/2017] [10:25 27/06/2017]
starburn.txt ------- 2879 bytes [07:07 14/10/2017] [11:39 03/09/2016]
BOOTEX.LOG ------- 15410 bytes [17:11 11/07/2017] [11:28 10/10/2017]
pp.key ------- 8192 bytes [07:07 14/10/2017] [08:47 03/01/2016]
autorun.inf ---hs-- 8192 bytes [21:11 23/07/2017] [21:11 23/07/2017]
2016-01-01 (4).AVI ------- 399736832 bytes [07:04 14/10/2017] [16:29 03/01/2016]
2016-01-01 (5).AVI ------- 884736 bytes [07:05 14/10/2017] [16:29 03/01/2016]
2016-01-01 (1).AVI ------- 65536 bytes [07:05 14/10/2017] [16:29 03/01/2016]
2015-12-31 (2).AVI ------- 706084864 bytes [07:05 14/10/2017] [16:12 03/01/2016]
réparer windows 7 sans perdre des données avec iso et dvd.pdf ------- 1717254 bytes [07:07 14/10/2017] [15:44 09/09/2016]
creee-en-1959-la-poupee-barbie-a-toujours-autant-de-succes-photo-rl-1439655987.jpg ------- 1279955 bytes [07:07 14/10/2017] [14:58 10/06/2016]
240¬ de plus à payer avec le 1ère logiciel Cewbé d (1).txt ------- 830 bytes [07:07 14/10/2017] [16:29 03/01/2016]
Macache Bonneau Clipboard (1).txt ------- 1317 bytes [07:07 14/10/2017] [15:56 03/01/2016]
pp (1).key ------- 8192 bytes [07:07 14/10/2017] [15:56 03/01/2016]
time (1).txt ------- 20 bytes [07:07 14/10/2017] [15:56 03/01/2016]
240¬ de plus à payer avec le 1ère logiciel Cewbé d.txt ------- 830 bytes [07:07 14/10/2017] [09:19 03/01/2016]
Macache Bonneau Clipboard.txt ------- 1317 bytes [07:07 14/10/2017] [08:47 03/01/2016]
time.txt ------- 19 bytes [07:07 14/10/2017] [17:22 13/11/2017]
aimer-dvd-creator-intel_full335.dmg ------- 62168080 bytes [07:07 14/10/2017] [23:31 02/01/2016]
aimer-video-converter-intel_full265.dmg ------- 44314993 bytes [07:08 14/10/2017] [23:31 02/01/2016]
aimer-video-pro_full432.exe ------- 21681496 bytes [07:08 14/10/2017] [23:31 02/01/2016]
aimer-video-converter_setup_full68.exe ------- 1239552 bytes [07:08 14/10/2017] [23:31 02/01/2016]
aimer-video-ultimate_full129.exe ------- 45682060 bytes [07:08 14/10/2017] [23:31 02/01/2016]
aimer-mac-video-studio-express_full700.dmg ------- 60733178 bytes [07:08 14/10/2017] [23:31 02/01/2016]
aimer-video-studio-express_full701.exe ------- 61243876 bytes [07:08 14/10/2017] [23:30 02/01/2016]
Akvzn3HKZzU&autoplay=0 ------- 5898 bytes [07:08 14/10/2017] [23:30 02/01/2016]
Akvzn3HKZzU&autoplay=0(2) ------- 5900 bytes [07:08 14/10/2017] [23:30 02/01/2016]
Akvzn3HKZzU&autoplay=0(3) ------- 5890 bytes [07:08 14/10/2017] [23:30 02/01/2016]
android_root.exe ------- 18023288 bytes [07:09 14/10/2017] [23:30 02/01/2016]
2015-12-31 (3).AVI ------- 452952064 bytes [07:00 14/10/2017] [16:16 03/01/2016]
2015-12-31 (4).AVI ------- 171048960 bytes [07:01 14/10/2017] [16:18 03/01/2016]
2015-12-31 (1).AVI ------- 30932992 bytes [07:02 14/10/2017] [16:18 03/01/2016]
2016-01-01 (2).AVI ------- 470450176 bytes [07:02 14/10/2017] [16:22 03/01/2016]
2016-01-01 (3).AVI ------- 449970176 bytes [07:03 14/10/2017] [16:26 03/01/2016]
CyberLink_PowerProducer_Downloader.exe ------- 967200 bytes [07:09 14/10/2017] [23:30 02/01/2016]
adwcleaner_5.027.exe ------- 1745920 bytes [07:09 14/10/2017] [23:30 02/01/2016]
CyberLink_Power2Go_Downloader.exe ------- 1299304 bytes [07:09 14/10/2017] [23:30 02/01/2016]
CyberLink_Media_Suite_Downloader.exe ------- 1031608 bytes [07:09 14/10/2017] [23:30 02/01/2016]
CyberLink_PowerDirector_Downloader.exe ------- 1031608 bytes [07:09 14/10/2017] [23:30 02/01/2016]
CyberLink_PowerDVD_Downloader.exe ------- 1031608 bytes [07:09 14/10/2017] [23:30 02/01/2016]
PortableApps.com_Platform_Setup_12.2.paf.exe ------- 3793168 bytes [07:10 14/10/2017] [23:28 02/01/2016]
android_root-1.exe ------- 18023288 bytes [07:10 14/10/2017] [23:28 02/01/2016]
clueful_log.txt ------- 876 bytes [07:10 14/10/2017] [23:28 02/01/2016]
Err Kernel Fuseau Origan Macarons Domino.zip ------- -1984284077 bytes [07:10 14/10/2017] [23:28 02/01/2016]
Erreur Kernel Fuseau Origan Macarons Domino.docx ------- 6701 bytes [07:15 14/10/2017] [23:28 02/01/2016]
Erreur Kernel Fuseau Origan Macarons Domino.txt ------- 1350 bytes [07:15 14/10/2017] [23:21 02/01/2016]
kr-stock-conf ------- 80 bytes [07:15 14/10/2017] [23:13 02/01/2016]
Erreur Kernel Fuseau Origan Macarons Domino.doc ------- 21504 bytes [07:15 14/10/2017] [23:08 02/01/2016]
Erreur Kernel Fuseau Origan Macarons Domino.pdf ------- 27137 bytes [07:15 14/10/2017] [23:08 02/01/2016]
la folie mirc-mirc avec lynnlo, léa, sonia et amélie.mp4 ------- 160450188 bytes [07:16 14/10/2017] [05:13 13/12/2014]

---Folders---
System Volume Information d------ [10:14 27/06/2017]
.disk d------ [10:14 27/06/2017]
EFI d------ [10:14 27/06/2017]
boot d------ [10:14 27/06/2017]
casper d------ [05:25 31/07/2017]
dists d------ [10:20 27/06/2017]
install d------ [10:20 27/06/2017]
syslinux d------ [10:20 27/06/2017]
pics d------ [10:20 27/06/2017]
pool d------ [10:20 27/06/2017]
preseed d------ [10:20 27/06/2017]
FOUND.000 d------ [11:28 10/10/2017]
Avatar d------ [07:07 14/10/2017]
pilpa 2 - pitmann playthrough - souvenir chez stine & lix le quadrige d------ [07:02 14/10/2017]
jean-marie.carribon@wanadoo.fr's Online Sync d------ [07:03 14/10/2017]
l'art du moine du wa miss dessert de widen, du ou quel tritoir nadia winiccyx, & du ou cewbélink power2ccyx d------ [07:03 14/10/2017]
AoaoPhoto Digital Studio d------ [07:03 14/10/2017]
YouCam d------ [07:07 14/10/2017]
iSkysoft iMedia Converter Deluxe d------ [07:07 14/10/2017]
Wondershare Filmora d------ [07:07 14/10/2017]
Notes d------ [07:07 14/10/2017]
IMAGE (2) d------ [07:07 14/10/2017]
LOST.DIR (2) d------ [07:07 14/10/2017]
IMAGE (1) d------ [07:07 14/10/2017]
LOST.DIR (1) d------ [07:07 14/10/2017]
Playlists d------ [07:07 14/10/2017]
Mail Orange d------ [07:07 14/10/2017]
Video d------ [07:07 14/10/2017]
kinguserdown d------ [07:07 14/10/2017]
Music d------ [07:07 14/10/2017]
Ringtones d------ [07:07 14/10/2017]
Image d------ [07:07 14/10/2017]
AI_RecycleBin d------ [14:19 11/08/2017]
My Documents d------ [07:07 14/10/2017]
Documents d------ [16:01 23/07/2017]
Nouveau dossier d------ [07:02 14/10/2017]
lin d------ [07:02 14/10/2017]
My Stationery d------ [07:03 14/10/2017]
LOST.DIR d------ [07:07 14/10/2017]
Download d------ [07:16 14/10/2017]
DCIM d------ [07:17 14/10/2017]
CyberShot d------ [07:18 14/10/2017]
cleanmaster d------ [07:18 14/10/2017]
wondershare d------ [07:20 14/10/2017]
stromaé - promiscuous d------ [07:20 14/10/2017]
Pictures d------ [07:21 14/10/2017]
image_cache d------ [07:21 14/10/2017]
Kingroot d------ [07:21 14/10/2017]
Download (2) d------ [07:21 14/10/2017]
fr.lcl.android.customerarea d------ [07:21 14/10/2017]
Download (1) d------ [07:21 14/10/2017]
CyberLink Power2Go 11 Essentials setup d------ [07:21 14/10/2017]
for de la rever'nifk - cyberlink freewares installers d------ [07:21 14/10/2017]
pilpa 1 - apps quand ou droopy fin li'lis pire framo 2009 parodié en tri'toir de brugnon-ultra-hush d------ [07:32 14/10/2017]
Nouveau dossier (2) d------ [07:47 14/10/2017]
NMSDCID d------ [17:02 25/11/2017]
PHOTO FAMILY d------ [17:02 25/11/2017]

R: - Parameters: "(none)"

---Files---
shell.efi ------- 683904 bytes [06:05 08/11/2017] [03:52 09/12/2014]
shellia32.efi ------- 683936 bytes [06:05 08/11/2017] [09:35 19/09/2015]
shellx64.efi ------- 771136 bytes [06:05 08/11/2017] [09:35 19/09/2015]
memdisk ------- 26140 bytes [06:05 08/11/2017] [16:29 06/10/2014]
info ------- 5 bytes [06:05 08/11/2017] [13:08 07/09/2014]
cdrom.ico ------- 354862 bytes [06:05 08/11/2017] [11:56 22/07/2014]
cat.c32 ------- 1652 bytes [06:05 08/11/2017] [16:29 06/10/2014]
chain.c32 ------- 24560 bytes [06:05 08/11/2017] [16:29 06/10/2014]
cmenu.c32 ------- 3688 bytes [06:05 08/11/2017] [16:29 06/10/2014]
gfxboot.c32 ------- 10408 bytes [06:05 08/11/2017] [16:29 06/10/2014]
ifcpu.c32 ------- 4112 bytes [06:05 08/11/2017] [16:29 06/10/2014]
ifcpu64.c32 ------- 1736 bytes [06:05 08/11/2017] [16:29 06/10/2014]
ifplop.c32 ------- 1912 bytes [06:05 08/11/2017] [16:29 06/10/2014]
libcom32.c32 ------- 186500 bytes [06:05 08/11/2017] [16:29 06/10/2014]
libgpl.c32 ------- 66524 bytes [06:05 08/11/2017] [16:29 06/10/2014]
libmenu.c32 ------- 24132 bytes [06:05 08/11/2017] [16:29 06/10/2014]
libutil.c32 ------- 24148 bytes [06:05 08/11/2017] [16:29 06/10/2014]
linux.c32 ------- 4660 bytes [06:05 08/11/2017] [16:29 06/10/2014]
localboot.c32 ------- 1252 bytes [06:05 08/11/2017] [16:29 06/10/2014]
mboot.c32 ------- 10772 bytes [06:05 08/11/2017] [16:29 06/10/2014]
menu.c32 ------- 26596 bytes [06:05 08/11/2017] [16:29 06/10/2014]
poweroff.c32 ------- 1664 bytes [06:05 08/11/2017] [16:29 06/10/2014]
reboot.c32 ------- 1376 bytes [06:05 08/11/2017] [16:29 06/10/2014]
syslinux.c32 ------- 7588 bytes [06:05 08/11/2017] [16:29 06/10/2014]
vesamenu.c32 ------- 27104 bytes [06:05 08/11/2017] [16:29 06/10/2014]
whichsys.c32 ------- 2460 bytes [06:05 08/11/2017] [16:29 06/10/2014]
SARDU - Multiboot Builder.url ------- 121 bytes [06:05 08/11/2017] [20:22 19/02/2017]
syslinux-6.03.txt ------- 0 bytes [06:05 08/11/2017] [13:44 14/05/2017]
syslinux.cfg ------- 1066 bytes [06:05 08/11/2017] [06:05 08/11/2017]
7-zip.dll ------- 49664 bytes [06:20 08/11/2017] [03:00 08/11/2017]
license-pro.txt ------- 18121 bytes [06:20 08/11/2017] [03:05 08/11/2017]
SARDU_1 ------- 24770815 bytes [06:20 08/11/2017] [03:00 08/11/2017]
time.txt ------- 19 bytes [17:22 13/11/2017] [17:22 13/11/2017]

---Folders---
System Volume Information d------ [13:22 06/11/2017]
efi d------ [06:03 08/11/2017]
SARDU d------ [06:04 08/11/2017]
boot d------ [06:04 08/11/2017]
.disk d------ [06:05 08/11/2017]
Extra d------ [06:05 08/11/2017]
CFG d------ [06:08 08/11/2017]
ISO d------ [06:08 08/11/2017]
languages d------ [06:20 08/11/2017]
log d------ [06:20 08/11/2017]
Temp d------ [06:20 08/11/2017]
tools d------ [06:20 08/11/2017]
PHOTO FAMILY d------ [17:01 25/11/2017]
NMSDCID d------ [17:02 25/11/2017]
Autorun.inf drahs-- [21:03 27/11/2017]

v: - Parameters: "(none)"

---Files---
None found.

---Folders---
Autorun.inf drahs-- [21:03 27/11/2017]

========== regfind ==========

Searching for "winlogon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\ReflectionApplications\winlogon.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Winlogon]
"EventMessageFile"="%SystemRoot%\System32\winlogon.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Wlclntfy]
"EventMessageFile"="%SystemRoot%\System32\winlogon.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Microsoft-Windows-Winlogon]
"EventMessageFile"="%SystemRoot%\system32\winlogon.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Winlogon]
"EventMessageFile"="%SystemRoot%\System32\winlogon.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Wlclntfy]
"EventMessageFile"="%SystemRoot%\System32\winlogon.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\Microsoft-Windows-Winlogon]
"EventMessageFile"="%SystemRoot%\system32\winlogon.exe"

========== reg ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser]
(Unable to open key - key not found)

[HKEY_CURRENT_USER\Software\?? ?? ???? ????? ??? ?? ????]
(Unable to open key - key not found)

========== filefind ==========

Searching for "*CCleaner*"
C:\Program Files (x86)\atomicware\atomiccleaner3\atomiccleaner3.exe --a---- 2030592 bytes [13:46 27/11/2017] [18:58 03/11/2016] 951AB06BED9FDA9A9C39AB637FE07753
C:\Program Files (x86)\atomicware\atomiccleaner3\atomiccleaner3_.log --a---- 7182 bytes [17:03 27/11/2017] [17:19 27/11/2017] D12787BAEDA588D61603783914FA56A1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\atomiccleaner3.lnk --a---- 1315 bytes [13:46 27/11/2017] [13:46 27/11/2017] 6ED4747BEB8CAE93A164353308CC2706
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\atomiccleaner3.lnk --a---- 1315 bytes [13:46 27/11/2017] [13:46 27/11/2017] 6ED4747BEB8CAE93A164353308CC2706
C:\Users\Jean-Marie\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_atomicware_atomiccleaner3_atomiccleaner3_exe --a---- 4246 bytes [14:43 27/11/2017] [14:43 27/11/2017] D85E26675B529DD21B3BF11D54F1DF78
C:\Users\Jean-Marie\Desktop\LFS Hyper-100% Sécurisé-Cewbé Suite 19.16\atomiccleaner3.lnk --a---- 1303 bytes [13:46 27/11/2017] [13:46 27/11/2017] 9167A06F80D6E4A1573FF73CDD95FFE8
C:\Users\Jean-Marie\Desktop\LoadTool - Téléchargement\CCleaner.exe --a---- 4965896 bytes [19:34 27/11/2017] [06:31 28/11/2017] 9AE4C48DB6D9EB7D060C71AB1AABF5F0
C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\atomiccleaner3.lnk --a---- 1315 bytes [13:46 27/11/2017] [13:46 27/11/2017] 6ED4747BEB8CAE93A164353308CC2706

Searching for "*CCleaner.exe*"
C:\Users\Jean-Marie\Desktop\LoadTool - Téléchargement\CCleaner.exe --a---- 4965896 bytes [19:34 27/11/2017] [06:31 28/11/2017] 9AE4C48DB6D9EB7D060C71AB1AABF5F0

Searching for "explorer.exe"
C:\Windows\explorer.exe --a---- 3894968 bytes [13:42 29/09/2017] [13:42 29/09/2017] 4312C7F7CA8CC13A475CB150EEB5F35E
C:\Windows\System32\explorer.exe --a---- 3477128 bytes [13:42 29/09/2017] [13:42 29/09/2017] 51BF1A2C033F61A7CF665244731D6C8E
C:\Windows\SysWOW64\explorer.exe --a---- 3477128 bytes [13:42 29/09/2017] [13:42 29/09/2017] 51BF1A2C033F61A7CF665244731D6C8E
C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.16299.15_none_74a0d304eae0e1e9\explorer.exe --a---- 3894968 bytes [13:42 29/09/2017] [13:42 29/09/2017] 4312C7F7CA8CC13A475CB150EEB5F35E
C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.16299.15_none_7ef57d571f41a3e4\explorer.exe --a---- 3477128 bytes [13:42 29/09/2017] [13:42 29/09/2017] 51BF1A2C033F61A7CF665244731D6C8E
C:\Windows.old\Windows\explorer.exe --a---- 2380440 bytes [23:14 25/07/2012] [04:49 26/07/2012] 928791755FDDEA721B053535EF84FA17
C:\Windows.old\Windows\SysWOW64\explorer.exe --a---- 2114936 bytes [23:11 25/07/2012] [03:50 26/07/2012] 5B6ED1B57DBFF18D405A0260559B571E
C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe --a---- 2380440 bytes [23:14 25/07/2012] [04:49 26/07/2012] 928791755FDDEA721B053535EF84FA17
C:\Windows.old\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe --a---- 2114936 bytes [23:11 25/07/2012] [03:50 26/07/2012] 5B6ED1B57DBFF18D405A0260559B571E

Searching for "atapi.sys"
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_f2fe4bdd6cb0f450\atapi.sys --a---- 28568 bytes [13:41 29/09/2017] [13:41 29/09/2017] 6191B9B2EE0E8CB957C683B9B341CC86
C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.16299.15_none_0024540c92ae41c6\atapi.sys --a---- 28568 bytes [13:41 29/09/2017] [13:41 29/09/2017] 6191B9B2EE0E8CB957C683B9B341CC86

Searching for "CertLock"
No files found.

Searching for "ZeroAccess"
No files found.

Searching for "Optimizer Pro"
No files found.

Searching for "ByteFence"
C:\ProgramData\AVAST Software\Avast\Cache\InstallLocation\ByteFence --a---- 230 bytes [13:34 27/11/2017] [13:34 27/11/2017] EAC691D84A202EB1CEEA5DE3203E54D7
C:\ProgramData\AVAST Software\Avast\SWCUData\Cache\InstallLocation\ByteFence --a---- 278 bytes [13:11 26/11/2017] [09:58 27/11/2017] 749268DC71F99D22CB2844B069048CFC
C:\Users\All Users\AVAST Software\Avast\Cache\InstallLocation\ByteFence --a---- 230 bytes [13:34 27/11/2017] [13:34 27/11/2017] EAC691D84A202EB1CEEA5DE3203E54D7
C:\Users\All Users\AVAST Software\Avast\SWCUData\Cache\InstallLocation\ByteFence --a---- 278 bytes [13:11 26/11/2017] [09:58 27/11/2017] 749268DC71F99D22CB2844B069048CFC
C:\Windows.old\Users\All Users\AVAST Software\Avast\Cache\InstallLocation\ByteFence --a---- 230 bytes [13:34 27/11/2017] [13:34 27/11/2017] EAC691D84A202EB1CEEA5DE3203E54D7
C:\Windows.old\Users\All Users\AVAST Software\Avast\SWCUData\Cache\InstallLocation\ByteFence --a---- 278 bytes [13:11 26/11/2017] [09:58 27/11/2017] 749268DC71F99D22CB2844B069048CFC

========== file ==========

C:\Program Files\ByteFence - Unable to find/read file.

C:\Program Files (x86)\ByteFence - Unable to find/read file.

C:\USERS\SY\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\ZZZZZZZZZZZZZZZZ.ZZZ.ZZZ - Unable to find/read file.

C:\Windows\system32\lsass.exe - Unable to find/read file.

C:\Windows\System32\spoolsv.exe - Unable to find/read file.

P:\ldlinux.c32 - File found and opened.
MD5: 7D485AB19E5F072E0B7C19B93F95E3A0
Created at 10:25 on 27/06/2017
Modified at 10:25 on 27/06/2017
Size: 122308 bytes
Attributes: -------
No version information available.

P:\ldlinux.sys - File found and opened.
MD5: 1A26D01BEFAB10A93343D621ED36D8A2
Created at 10:25 on 27/06/2017
Modified at 10:25 on 27/06/2017
Size: 69632 bytes
Attributes: -------
No version information available.

R:\ldlinux.c32 - Unable to find/read file.

R:\ldlinux.sys - Unable to find/read file.

========== folderfind ==========

Searching for "*CCleaner*"
C:\Program Files (x86)\atomicware\atomiccleaner3 d------ [13:46 27/11/2017]

Searching for "CCleaner"
No folders found.

Searching for "PC Utilities"
No folders found.

Searching for "CertLock"
No folders found.

Searching for "ZeroAccess"
No folders found.

-= EOF =-
