Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Adrian (administrator) on ADRIAN-PC (07-08-2018 13:11:22)
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian & Guest (Available Profiles: Adrian & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Adrian\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-27] (Piriform Ltd)
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\Run: [MinerGateGui] => C:\Users\Adrian\AppData\Roaming\server\minergate.exe --auto
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8898480 2018-07-03] (SUPERAntiSpyware)
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\MountPoints2: {abf5f654-731c-11e4-8cb8-f82fa8dc94ee} - E:\unlock.exe autoplay=true
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\MountPoints2: {bad336dc-380b-11e8-88ed-ecf4bb0c7e4f} - F:\autorun.exe
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\MountPoints2: {bad336e2-380b-11e8-88ed-ecf4bb0c7e4f} - G:\autorun.exe
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\MountPoints2: {fafbe510-26ac-11e4-88ef-f82fa8dc94ee} - E:\LG_PC_Programs.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{12AA26AC-4392-403A-9A14-02CD4B939AC0}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B1A57BC6-6D23-472E-B8AD-E4B5EB2CEAC1}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-4055709356-1465872850-4113285666-501\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
URLSearchHook: [S-1-5-21-4055709356-1465872850-4113285666-501_classes] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-14] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: haadg4ll.default-1485454395780-1505925842552
FF DefaultProfile: y4erocbx.default
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\TomTom\HOME\Profiles\urd9ga9k.default [2017-06-01]
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552 [2018-08-07]
FF user.js: detected! => C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552\user.js [2017-06-30]
FF Homepage: Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552 -> www.google.fr
FF NetworkProxy: Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552 -> type",
FF Extension: (No Name) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552\Extensions\3db0-6cc2-c767-dfda [2017-11-03]
FF Extension: (antiporn) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552\Extensions\jid1-o7IpBfZ5ihakSw@jetpack.xpi [2017-10-10] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-10-21] [Legacy]
FF Extension: (Flash and Video Download) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\haadg4ll.default-1485454395780-1505925842552\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2017-10-20] [Legacy]
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\y4erocbx.default [2018-08-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-26] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-07-25] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-26] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-07-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default [2018-08-07]
CHR Extension: (Flash Video Downloader) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2018-02-26]
CHR Extension: (SportZone) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeikikackmjcmgkcgpnangjlnicecml [2018-03-05]
CHR Extension: (Image Downloader) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-18]
CHR Extension: (Anti-Porn Pro - The best Anti-Porn addon!) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbepadcdhpahlikldbochnhfleejiokp [2018-06-22]
CHR Extension: (Video DownloadHelper) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-08-01]
CHR Extension: (Pursued) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmffkipgdhdkolbbkofkfhappinpin [2018-03-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

Opera:
=======
OPR Extension: (No Name) - C:\Users\Adrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-11-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53680 2018-02-05] (AnchorFree Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6170624 2014-07-23] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-01-03] (AnchorFree Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 atrfiltr; C:\Windows\System32\DRIVERS\atrfiltr.sys [16224 2014-09-11] (Windows (R) Win 7 DDK provider)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [191224 2014-05-14] (HID Global Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-12-03] (Disc Soft Ltd)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [73928 2018-01-12] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2015-05-08] (AnchorFree Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation)
S3 jakstaVA; C:\Windows\System32\DRIVERS\jaksta_va.sys [103816 2014-12-09] (e2eSoft)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2016-12-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 SmbDrvI; system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-07 13:11 - 2018-08-07 13:12 - 000018010 _____ C:\Users\Adrian\Desktop\FRST.txt
2018-08-07 13:10 - 2018-08-07 13:10 - 002412544 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64 (1).exe
2018-08-07 13:08 - 2018-08-07 13:08 - 000000165 ____H C:\Users\Adrian\Documents\~$Emploi du temps.xlsx
2018-08-07 11:38 - 2018-08-07 11:39 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-08-07 11:38 - 2018-08-07 11:38 - 034864672 _____ (SUPERAntiSpyware) C:\Users\Adrian\Desktop\SUPERAntiSpyware.exe
2018-08-07 11:38 - 2018-08-07 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-08-07 11:16 - 2018-08-07 11:16 - 003265408 _____ C:\Users\Adrian\Desktop\ZHPCleaner.exe
2018-08-07 00:50 - 2018-08-07 00:50 - 007417040 _____ (Malwarebytes) C:\Users\Adrian\Desktop\adwcleaner_7.2.2.exe
2018-08-07 00:42 - 2018-08-07 00:42 - 007417040 _____ (Malwarebytes) C:\Users\Adrian\Desktop\adwcleaner_7.2.2 (1).exe
2018-08-07 00:41 - 2018-08-07 00:41 - 007417040 _____ (Malwarebytes) C:\Users\Adrian\Downloads\adwcleaner_7.2.2.exe
2018-08-07 00:40 - 2018-08-07 11:31 - 000001508 _____ C:\Users\Adrian\Desktop\ZHPCleaner.txt
2018-08-07 00:33 - 2018-08-07 00:33 - 003265408 _____ C:\Users\Adrian\Downloads\ZHPCleaner.exe
2018-08-06 20:51 - 2018-08-07 11:12 - 000129035 _____ C:\Users\Adrian\Desktop\ZHPDiag.txt
2018-08-06 20:44 - 2018-08-06 20:44 - 003157376 _____ C:\Users\Adrian\Downloads\ZHPDiag3.exe
2018-08-06 20:44 - 2018-08-06 20:44 - 000000822 _____ C:\Users\Adrian\Desktop\ZHPDiag.lnk
2018-08-06 19:51 - 2018-08-06 19:51 - 000000000 ____D C:\ProgramData\Synaptics
2018-08-06 17:39 - 2018-08-06 17:39 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-08-06 17:39 - 2018-08-06 17:39 - 000002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-08-06 17:39 - 2018-08-06 17:39 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-06 17:38 - 2018-08-06 17:38 - 016004240 _____ (Piriform Ltd) C:\Users\Adrian\Downloads\ccsetup544pro.exe
2018-08-06 13:41 - 2018-08-06 13:41 - 000503455 _____ C:\Users\Adrian\Downloads\video-1533547320.mp4
2018-08-05 20:09 - 2018-08-06 16:29 - 000002203 _____ C:\Users\Public\Desktop\Les 9 Destins de Valdo.lnk
2018-08-04 21:21 - 2018-08-04 21:21 - 000000000 ____D C:\Users\Adrian\Downloads\Leonard Cohen - Songs Of Leonard Cohen
2018-08-04 21:08 - 2018-07-26 19:56 - 000000000 ____D C:\Users\Adrian\Downloads\Plain White T's
2018-08-04 20:57 - 2018-08-04 21:04 - 000000000 ____D C:\Users\Adrian\Downloads\The Doors
2018-08-04 20:34 - 2013-03-24 21:39 - 000000000 ____D C:\Users\Adrian\Downloads\monks - 1966 - black monk time
2018-08-04 20:31 - 2018-08-04 20:45 - 000000000 ____D C:\Users\Adrian\Downloads\Simon and Garfunkel
2018-08-04 20:30 - 2018-08-04 20:37 - 000000000 ____D C:\Users\Adrian\Downloads\The Byrds
2018-08-04 20:16 - 2018-08-04 20:26 - 000000000 ____D C:\Users\Adrian\Downloads\The Rolling Stones
2018-08-04 20:16 - 2018-08-04 20:22 - 000000000 ____D C:\Users\Adrian\Downloads\Bob Dylan
2018-08-02 21:28 - 2018-08-02 21:28 - 001397565 _____ C:\Users\Adrian\Downloads\Mossad_Un agent des services secrets israeliens parle - Claire Hoy et Victor Ostrovsky.epub
2018-07-31 19:50 - 2018-08-01 01:00 - 692740940 ____R C:\Users\Adrian\Downloads\House of Horrors (1946) 66 min.Rondo Hatton.Martin Kosleck.Jonzee.H264.mkv
2018-07-31 13:40 - 2018-07-31 14:23 - 000000000 ____D C:\Users\Adrian\Downloads\James Bond Diamonds Are Forever (1971)
2018-07-30 23:24 - 2018-07-28 22:07 - 000000000 ____D C:\Users\Adrian\Downloads\Frederick Forsyth
2018-07-30 10:21 - 2018-07-30 10:21 - 006510820 _____ C:\Users\Adrian\Downloads\Frederick Forsyth.(Dame).rar
2018-07-28 17:27 - 2018-07-28 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Championship Manager 01-02
2018-07-28 17:26 - 2018-08-07 03:13 - 000000000 ____D C:\Program Files (x86)\Championship Manager 01-02
2018-07-28 17:20 - 2018-07-28 17:43 - 000000000 ____D C:\Users\Adrian\Downloads\Championship.Manager.Season.00-01.PC.Game(djDEVASTATE™)
2018-07-28 17:19 - 2018-07-28 17:24 - 307431424 _____ C:\Users\Adrian\Downloads\Championship Manager 01-02.iso
2018-07-28 17:06 - 2018-07-28 19:11 - 000000000 ____D C:\Program Files (x86)\Championship Manager 3
2018-07-28 17:04 - 2016-05-16 16:24 - 571201536 _____ C:\Users\Adrian\Downloads\Entrain3.iso
2018-07-28 16:54 - 2018-07-28 17:02 - 515624523 _____ C:\Users\Adrian\Downloads\jeu-02340-entraineur_3-pcwin.7z
2018-07-27 19:30 - 2018-07-27 19:30 - 000014854 _____ C:\Users\Adrian\Downloads\Malta-day-by-day.xlsx
2018-07-25 04:56 - 2018-07-25 04:56 - 000075717 _____ C:\Users\Adrian\Downloads\Live Monitoring Weekly Production Highlights - Week 30.pdf
2018-07-23 21:08 - 2018-07-23 21:22 - 000000000 ____D C:\Users\Adrian\Downloads\James Bond Live And Let Die (1973) [1080p]
2018-07-21 17:46 - 2018-07-21 17:46 - 000018653 _____ C:\Users\Adrian\Downloads\shifts-EE-Tallinn-2018-08.xlsx
2018-07-20 16:53 - 2018-07-20 16:54 - 000000000 ____D C:\Users\Adrian\Downloads\Level 42
2018-07-20 16:53 - 2018-07-20 16:53 - 000000000 ____D C:\Users\Adrian\Downloads\Men At Work - Two Hearts (1985) By Muro
2018-07-19 17:59 - 2018-07-19 17:59 - 000000000 ____D C:\Users\Adrian\Downloads\Billy ze kick et les gamins en folie 1993
2018-07-19 17:58 - 2018-07-19 17:58 - 000000000 ____D C:\Users\Adrian\Downloads\1983 - Cargo
2018-07-12 23:58 - 2018-07-13 00:50 - 000000000 ____D C:\Users\Adrian\Downloads\Berlin - Pleasure Victim [FLAC+MP3](Big Papi) Original 1982 CD Source
2018-07-12 23:58 - 2018-07-13 00:04 - 000000000 ____D C:\Users\Adrian\Downloads\Berlin - Count Three And Pray
2018-07-12 23:56 - 2018-07-13 00:01 - 000000000 ____D C:\Users\Adrian\Downloads\The Shangri-Las - Myrmidons of melodrama (1963-66), pop
2018-07-12 23:56 - 2018-07-12 23:56 - 000000000 ____D C:\Users\Adrian\Downloads\The Shangri-Las - Leaders of the Pack [2005] FLAC
2018-07-12 23:55 - 2018-07-13 00:04 - 000000000 ____D C:\Users\Adrian\Downloads\Love Life
2018-07-12 23:55 - 2018-07-13 00:03 - 000000000 ____D C:\Users\Adrian\Downloads\Pleasure Victim
2018-07-12 23:47 - 2018-07-13 00:51 - 000000000 ____D C:\Users\Adrian\Downloads\[1980] Information
2018-07-12 21:55 - 2018-07-14 22:17 - 000003668 _____ C:\Users\Adrian\Documents\Good Charlotte Interview.txt
2018-07-09 10:21 - 2018-07-09 10:22 - 000464760 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-08 21:34 - 2018-07-08 21:34 - 001323258 _____ C:\Users\Adrian\Downloads\Dragon Ball Z (par Ariane Carletti) - fiche chanson - B&M.mpeg
2018-07-08 11:27 - 2018-07-08 11:27 - 000121864 _____ C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-07 12:43 - 2018-05-30 11:50 - 000009659 _____ C:\Users\Adrian\Documents\Emploi du temps.xlsx
2018-08-07 12:19 - 2017-09-23 12:55 - 000000000 ____D C:\Program Files\Pale Moon
2018-08-07 11:38 - 2017-03-29 20:04 - 000001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2018-08-07 11:31 - 2015-08-16 21:19 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\ZHP
2018-08-07 11:24 - 2014-10-13 20:31 - 000000000 ____D C:\Users\Adrian\Downloads\Installations
2018-08-07 11:10 - 2009-07-14 07:45 - 000025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-07 11:10 - 2009-07-14 07:45 - 000025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-07 10:54 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-07 00:43 - 2016-06-04 14:37 - 000000000 ____D C:\AdwCleaner
2018-08-07 00:33 - 2017-09-07 14:06 - 000000000 ____D C:\Users\Adrian\AppData\Local\ZHP
2018-08-06 19:51 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2018-08-06 17:41 - 2016-06-03 17:33 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\MPC-HC
2018-08-06 17:41 - 2015-08-17 15:39 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-08-06 17:41 - 2015-04-30 22:03 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
2018-08-06 17:41 - 2014-07-30 10:34 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\FileZilla
2018-08-06 17:41 - 2014-07-24 16:42 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\uTorrent
2018-08-06 17:39 - 2015-08-31 18:49 - 000000000 ____D C:\Program Files\CCleaner
2018-08-06 16:29 - 2018-07-06 00:14 - 000002331 _____ C:\Users\Public\Desktop\Les Guignols de l'Info ...le jeu!.lnk
2018-08-06 16:29 - 2018-07-03 17:46 - 000001876 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2018-08-06 16:29 - 2018-06-28 21:45 - 000000624 _____ C:\Users\Public\Desktop\RomStation.lnk
2018-08-06 16:29 - 2018-03-31 14:35 - 000001022 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2018-08-06 16:29 - 2018-01-17 17:13 - 000001264 _____ C:\Users\Public\Desktop\Skype.lnk
2018-08-06 16:29 - 2017-12-27 22:43 - 000002030 _____ C:\Users\Public\Desktop\Les états d'Amérique du Nord.lnk
2018-08-06 16:29 - 2017-12-03 02:40 - 000001811 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2018-08-06 16:29 - 2017-12-01 14:41 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-06 16:29 - 2017-12-01 14:41 - 000002137 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-06 16:29 - 2017-09-23 12:55 - 000001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
2018-08-06 16:29 - 2017-09-23 12:55 - 000000923 _____ C:\Users\Public\Desktop\Pale Moon.lnk
2018-08-06 16:29 - 2017-04-14 11:33 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-06 16:29 - 2017-04-14 11:33 - 000002001 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-08-06 16:29 - 2016-06-26 15:25 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-06 16:29 - 2016-06-26 15:25 - 000002001 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-08-06 16:29 - 2015-08-17 15:36 - 000001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2018-08-06 16:29 - 2015-07-30 19:04 - 000001070 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2018-08-06 16:29 - 2014-09-01 22:47 - 000000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2018-08-06 16:29 - 2014-08-01 15:32 - 000000977 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2018-08-06 16:29 - 2014-07-24 14:39 - 000001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-08-06 16:29 - 2014-07-24 14:36 - 000001921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-08-06 16:29 - 2009-07-14 07:57 - 000001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-08-06 16:29 - 2009-07-14 07:57 - 000001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2018-08-06 16:29 - 2009-07-14 07:57 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2018-08-06 16:29 - 2009-07-14 07:57 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2018-08-06 16:29 - 2009-07-14 07:54 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2018-08-06 16:28 - 2016-06-05 17:10 - 000000832 _____ C:\Users\Adrian\Desktop\ZHPCleaner.lnk
2018-08-06 16:28 - 2016-06-03 17:32 - 000001748 _____ C:\Users\Adrian\Desktop\MPC-HC x64.lnk
2018-08-06 16:28 - 2016-05-02 20:24 - 000001968 _____ C:\Users\Adrian\Desktop\AVI ReComp.lnk
2018-08-06 16:28 - 2014-09-01 22:47 - 000000947 _____ C:\Users\Adrian\Desktop\Audacity.lnk
2018-08-06 16:28 - 2014-07-24 16:42 - 000000794 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-08-06 16:28 - 2009-07-14 08:01 - 000001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2018-08-06 16:28 - 2009-07-14 07:49 - 000001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2018-08-06 16:26 - 2017-11-03 23:14 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\3hqdlvlvpef
2018-08-06 15:55 - 2017-09-13 20:24 - 000000000 ____D C:\FRST
2018-08-06 15:54 - 2017-09-15 10:46 - 000000000 ____D C:\Users\Adrian\Desktop\FRST-OlderVersion
2018-08-06 15:54 - 2017-09-13 20:23 - 002412544 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2018-08-05 20:09 - 2018-07-03 18:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abandonware-France
2018-08-05 20:07 - 2017-09-14 21:10 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\Abandonware-France
2018-08-05 17:53 - 2018-01-10 15:24 - 000000000 ____D C:\RomStation
2018-08-04 20:58 - 2009-07-14 08:13 - 000788374 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-04 20:06 - 2014-08-22 19:55 - 000000000 ____D C:\Users\Adrian\Downloads\Pas finis
2018-08-03 20:02 - 2014-08-01 15:32 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\Mp3tag
2018-08-01 17:44 - 2018-04-29 14:41 - 000000000 ____D C:\Users\Adrian\Documents\Livre Ultravox
2018-07-28 22:18 - 2018-01-10 20:10 - 000000000 ____D C:\Users\Adrian\Documents\Roman
2018-07-19 18:00 - 2014-10-13 20:31 - 000000000 ____D C:\Users\Adrian\Downloads\Livres
2018-07-16 00:20 - 2014-09-04 17:35 - 023982391 _____ C:\Users\Adrian\Documents\Films vus.odt
2018-07-16 00:13 - 2014-09-04 18:07 - 001307465 _____ C:\Users\Adrian\Documents\Classement des réalisateurs.ods
2018-07-14 18:18 - 2014-07-24 17:31 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\vlc
2018-07-13 17:44 - 2014-10-13 20:32 - 000000000 ____D C:\Users\Adrian\Downloads\Photos
2018-07-13 17:11 - 2018-06-14 15:40 - 000000000 ____D C:\Users\Adrian\Downloads\Polyester-John Waters.Eng..DVDRip.XViD.PARENTE.1981
2018-07-13 17:10 - 2018-06-15 17:06 - 000000000 ____D C:\Users\Adrian\Downloads\Cop Land
2018-07-13 17:10 - 2018-06-14 15:40 - 000000000 ____D C:\Users\Adrian\Downloads\Pink Flamingos
2018-07-10 20:10 - 2017-11-28 13:24 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-10 10:16 - 2018-07-02 21:38 - 000000000 ____D C:\Users\Adrian\Downloads\GOOD CHARLOTTE - DISCOGRAPHY [CHANNEL NEO]
2018-07-10 10:12 - 2009-07-14 08:08 - 000032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-07-08 17:00 - 2018-04-26 22:38 - 000000000 ____D C:\Users\Adrian\Documents\Livre Blondie

==================== Files in the root of some directories =======

2015-12-06 19:47 - 2017-08-06 13:32 - 000011264 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-06 20:27 - 2017-09-06 20:27 - 000140800 _____ () C:\Users\Adrian\AppData\Local\installer.dat
2016-07-17 10:44 - 2016-07-17 10:46 - 000002222 _____ () C:\Users\Adrian\AppData\Local\WiDiSetupLog.20160717.104454.txt
2016-07-17 10:55 - 2016-07-17 10:55 - 000011200 _____ () C:\Users\Adrian\AppData\Local\WiDiSetupLog.20160717.105514.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-17 13:22

==================== End of FRST.txt ============================
