Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015 03
Exécuté par Mourad (administrateur) sur HAMRAOUI (23-08-2015 09:06:55)
Exécuté depuis C:\Users\Mourad\Downloads
Profils chargés: Mourad (Profils disponibles: Mourad)
Platform: Windows 8 Pro (X64) Langue: Français (France)
Internet Explorer Version 10 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Macrovision) C:\Windows\SysWOW64\drivers\CDAC11BA.EXE
() C:\Users\Mourad\AppData\Local\Labsoltax.exe
(Evolis Card Printer) C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCSvc.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\Program Files (x86)\BCE34770-1440073806-0149-CCC0-D0278834D007\jnswFEA1.tmp
() C:\Program Files\igfx32\igfx32.exe
() C:\Program Files (x86)\BCE34770-1440073806-0149-CCC0-D0278834D007\hnsn1CF8.tmp
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
() C:\Program Files (x86)\BrowserProtect\srvBrowserProtect.exe_old
() C:\Program Files (x86)\BCE34770-1440073806-0149-CCC0-D0278834D007\knszC75E.tmpfs
(cake bake) C:\Program Files (x86)\WBDesktop.Updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
() C:\Program Files (x86)\Deal Flow\deal_flow_helper_service.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Bandoo Media Inc.) C:\Users\Mourad\AppData\Local\iLivid\iLivid.exe
() C:\Program Files (x86)\baidu\baidu.exe
(Evolis Card Printer) C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Acresso Software Inc.) C:\Cracked License Manager 10\lmgrd.exe
() C:\Program Files (x86)\HSPA USB Modem\HSPALauncher.exe
() C:\Cracked License Manager 10\ARCGIS.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(FileProperties_CompanyName) C:\Program Files (x86)\24Seven savings\24seven_savings_notification_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HSPALauncher] => C:\Program Files (x86)\HSPA USB Modem\HSPALauncher.exe [233472 2012-01-09] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM-x32\...\Run: [Chedot] => C:\Users\Mourad\AppData\Local\Chedot\Application\chedot.exe
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6875136 2013-03-27] (FreeDownloadManager.ORG)
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [Epson Stylus SX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHKE.EXE [232448 2011-01-21] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [EPSON SX230 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHKE.EXE [232448 2011-01-21] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [iLivid] => C:\Users\Mourad\AppData\Local\iLivid\iLivid.exe [8146632 2014-12-15] (Bandoo Media Inc.)
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [69632 2015-07-22] ()
HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\...\Run: [HCDNClient] => C:\IQIYI Video\Common\QyKernel.exe [576104 2015-05-12] (iQIYI.COM)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2013-12-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evolis Printer Manager.lnk [2014-07-10]
ShortcutTarget: Evolis Printer Manager.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe (Evolis Card Printer)
Startup: C:\Users\Mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk [2014-01-08]
ShortcutTarget: ArcGIS License Manager 10 CRACKED.lnk -> C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs ()
ShellIconOverlayIdentifiers: [Identificateur de superposition d'icônes dans les signatures numériques AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll [2003-02-14] (Autodesk) GroupPolicy: Stratégie de groupe sur Chrome détecté(e) <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Stratégie de restriction <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Stratégie de restriction <======= ATTENTION HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Stratégie de restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847895227493677&GUID=A5203E7E-00AD-4F1D-BD6F-ACE4F5236996 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=fr-FR&Src=WD8&Tid=0003446E&OHP=http%3A%2F%2Fen.eazel.com%2F&OSP= HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\Software\Microsoft\Internet 
Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=119531&babsrc=HP_ss_din2g&mntrId=CCD7D0278834D007 HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\Software\Microsoft\Internet Explorer\Main,Default_search_url = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1922014417-3918058363-1606673995-1001\Software\Microsoft\Internet Explorer\Main,Default_page_url = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=u15946-241&apn_uid=9349614032554151&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=u15946-241&apn_uid=9349614032554151&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKU\S-1-5-21-1922014417-3918058363-1606673995-1001 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1922014417-3918058363-1606673995-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKU\S-1-5-21-1922014417-3918058363-1606673995-1001 -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1922014417-3918058363-1606673995-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://en.eazel.com/results.php?id=BBED3BAE1229475C92C4A31FEB088521&oid=1&cat=web&co=&lg=en&q={searchTerms} SearchScopes: HKU\S-1-5-21-1922014417-3918058363-1606673995-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} 
URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1922014417-3918058363-1606673995-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1922014417-3918058363-1606673995-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=u15946-241&apn_uid=9349614032554151&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} BHO: Pas de nom -> {4646332D-5637-006A-76A7-7A786E7484D7} -> Pas de fichier BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG) BHO-x32: °®ÆæÒÕÖúÊÖ -> {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} -> C:\IQIYI Video\Common\Accelerator\IEHelper.dll [2015-04-29] (爱奇艺) Hosts: Il y a plus d'un élément dans hosts. 
Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A74ADD58-2B19-4C78-8164-7398BF1F6BD5}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1440082939&z=fd83ea8edd68252a55028e7gdz0z0e2efbbofb2zbe&from=cmi&uid=HitachiXHUA722010CLA330_JPW9H0HQ12S1YH12S1YHX FireFox: ======== FF ProfilePath: C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: mystartsearch FF SearchEngineOrder.1: Search with EazelBar FF SelectedSearchEngine: mystartsearch FF Homepage: hxxp://en.eazel.com/ FF Keyword.URL: hxxp://en.eazel.com/results.php?id=BBBBBBBBBB08e80e287d4837a8edffc5271&cat=web&co=&lg=en&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-17] () FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] () FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] () FF Plugin-x32: @ei.UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll [2013-07-09] (Utility Chest) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] () FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF 
Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-20] (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-20] (globalUpdate) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin HKU\S-1-5-21-1922014417-3918058363-1606673995-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2007-05-10] (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\searchplugins\Ask.xml [2014-07-13] FF SearchPlugin: C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\searchplugins\istartsurf.xml [2015-08-20] FF SearchPlugin: C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\searchplugins\mystartsearch.xml [2015-08-23] FF SearchPlugin: C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\searchplugins\search-with-eazelbar.xml [2015-08-20] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2014-07-13] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\search-with-eazelbar.xml [2013-11-12] FF Extension: Deal Flow - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\0LAWNEV@gmail.com [2015-05-28] FF Extension: Zwinky - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\5qffxtbr@www.zwinky.com [2015-06-23] FF Extension: autoreloadyzcom - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\autoreload@yz.com [2015-04-22] FF Extension: Default SearchProtected - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\defsearchp@gmail.com [2015-08-20] FF Extension: deskCut - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\deskCutv2@gmail.com [2015-08-20] FF Extension: 24Seven savings - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\oya1Nx8Hb@gmail.com [2015-04-02] FF Extension: WinToFlash Suggestor - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3} [2013-08-05] FF Extension: Yahoo! 
Toolbar - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-03-02] FF Extension: b555dfc956a840a48619fab2c7ab2c59 - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\{b555dfc9-56a8-40a4-8619-fab2c7ab2c59} [2015-04-02] FF Extension: FDD8ECF0451A414D8C8F7B7F78B0ECD3 - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3} [2015-05-28] FF Extension: WinToFlash Suggestor - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25] FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\extensions\defsearchp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Mourad\AppData\Roaming\Mozilla\Firefox\Profiles\ditufqeh.default\extensions\deskCutv2@gmail.com StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=sc&ts=1440082939&z=fd83ea8edd68252a55028e7gdz0z0e2efbbofb2zbe&from=cmi&uid=HitachiXHUA722010CLA330_JPW9H0HQ12S1YH12S1YHX FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-05-17] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-05-17] <==== ATTENTION Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Mourad\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - 
https://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-07-07] () [Fichier non signé]
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
R2 C-DillaCdaC11BA; C:\Windows\SysWOW64\drivers\CDAC11BA.EXE [54784 2014-01-05] (Macrovision) [Fichier non signé]
R2 dowaeoad; C:\Users\Mourad\AppData\Local\Labsoltax.exe [47616 2015-08-20] () [Fichier non signé]
R2 Evolis Print Center Service; C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCSvc.exe [1594648 2013-06-13] (Evolis Card Printer)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-20] (globalUpdate) [Fichier non signé] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-20] (globalUpdate) [Fichier non signé] <==== ATTENTION
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 hyverumu; C:\Program Files (x86)\BCE34770-1440073806-0149-CCC0-D0278834D007\jnswFEA1.tmp [209920 2015-08-20] () [Fichier non signé]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 igfx32; C:\Program Files\igfx32\igfx32.exe [379904 2015-08-19] () [Fichier non signé]
R2 kefowydy; C:\Program Files (x86)\BCE34770-1440073806-0149-CCC0-D0278834D007\hnsn1CF8.tmp [137728 2015-08-20] () [Fichier non signé]
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7414256 2015-05-19] (Reimage®)
R2 srvBrowserProtect; C:\Program Files (x86)\BrowserProtect\srvBrowserProtect.exe [60416 2014-09-22] () [Fichier non signé]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 WebCake Desktop Updater; C:\Program Files (x86)\WBDesktop.Updater.exe [51992 2013-08-11] (cake bake)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S3 Sepcltorvb; pas de ImagePath
R2 sumiryhi; C:\Program Files (x86)\BCE34770-1440073806-0149-CCC0-D0278834D007\knszC75E.tmpfs [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 61883; C:\Windows\System32\drivers\61883.sys [61440 2012-07-26] (Microsoft Corporation)
S2 CdaC15BA; C:\Windows\SysWOW64\drivers\CDAC15BA.SYS [12464 2014-01-05] (Macrovision Europe Ltd) [Fichier non signé]
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S1 erysbvvn; \??\C:\Windows\system32\drivers\erysbvvn.sys [X] S1 hexayscq; \??\C:\Windows\system32\drivers\hexayscq.sys [X] S1 hgykfyob; \??\C:\Windows\system32\drivers\hgykfyob.sys [X] S1 lribevll; \??\C:\Windows\system32\drivers\lribevll.sys [X] S1 MpKsld508f518; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6E36D615-AA2B-4319-8EAA-4D1947BCD808}\MpKsld508f518.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-08-23 09:06 - 2015-08-23 09:07 - 00024079 _____ C:\Users\Mourad\Downloads\FRST.txt 2015-08-23 09:06 - 2015-08-23 09:06 - 00000000 ____D C:\FRST 2015-08-23 09:05 - 2015-08-23 09:05 - 02173952 _____ (Farbar) C:\Users\Mourad\Downloads\FRST64.exe 2015-08-23 08:55 - 2015-08-23 08:55 - 00003240 _____ C:\Windows\System32\Tasks\downlpad 2015-08-23 08:14 - 2015-08-23 08:14 - 00000989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-08-23 08:14 - 2015-08-23 08:14 - 00000977 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-08-20 16:13 - 2015-08-20 16:13 - 00003098 _____ C:\Windows\System32\Tasks\{CA7A5519-9085-4EEB-AB41-0A4F4488DF21} 2015-08-20 16:05 - 2015-08-20 16:05 - 00613255 _____ (CMI Limited) C:\Users\Mourad\AppData\Local\nslF78D.tmp 2015-08-20 16:02 - 2015-08-20 16:02 - 00004290 _____ C:\Windows\System32\Tasks\3EAC8F03-75E5-4CE1-910-4DA450911761 2015-08-20 16:02 - 2015-08-20 16:02 - 00000000 ____D C:\Users\Mourad\AppData\Local\3EAC8F03-75E5-4CE1-910-4DA450911761 2015-08-20 15:51 - 2015-08-23 08:04 - 00001022 _____ 
C:\Windows\Tasks\6S1WIpUP0tAcpb.job 2015-08-20 15:51 - 2015-08-20 15:51 - 00004032 _____ C:\Windows\System32\Tasks\6S1WIpUP0tAcpb 2015-08-20 14:19 - 2015-08-20 15:39 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job 2015-08-20 14:19 - 2015-08-20 15:39 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job 2015-08-20 14:19 - 2015-08-20 14:50 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job 2015-08-20 14:19 - 2015-08-20 14:19 - 00002810 _____ C:\Windows\System32\Tasks\APSnotifierPP1 2015-08-20 14:19 - 2015-08-20 14:19 - 00002808 _____ C:\Windows\System32\Tasks\APSnotifierPP3 2015-08-20 14:19 - 2015-08-20 14:19 - 00002808 _____ C:\Windows\System32\Tasks\APSnotifierPP2 2015-08-20 14:19 - 2015-08-20 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-20 14:17 - 2015-08-20 14:17 - 00613255 _____ (CMI Limited) C:\Users\Mourad\AppData\Local\nseBE1C.tmp 2015-08-20 14:17 - 2015-08-20 14:17 - 00000000 __SHD C:\Users\Mourad\AppData\Roaming\AnyProtectEx 2015-08-20 14:05 - 2015-08-20 14:14 - 42088312 _____ C:\Users\Mourad\Downloads\Firefox-Setup-40-0-2_FR.exe 2015-08-20 13:49 - 2015-08-20 13:49 - 00001094 _____ C:\Users\Mourad\Desktop\Continue Live Installation.lnk 2015-08-20 13:43 - 2015-08-20 13:43 - 00000496 __RSH C:\ProgramData\ntuser.pol 2015-08-20 13:41 - 2015-08-20 14:14 - 00000434 _____ C:\task.vbs 2015-08-20 13:41 - 2015-08-20 13:41 - 00000000 _____ C:\Windows\prleth.sys 2015-08-20 13:41 - 2015-08-20 13:41 - 00000000 _____ C:\Windows\hgfs.sys 2015-08-20 13:30 - 2015-08-20 16:12 - 00000000 ____D C:\Users\Mourad\AppData\Local\BCE34770-1440077458-0149-CCC0-D0278834D007 2015-08-20 13:30 - 2015-08-20 13:41 - 00000000 ____D C:\Program Files (x86)\BCE34770-1440073806-0149-CCC0-D0278834D007 2015-08-20 13:30 - 2010-05-07 18:51 - 00000413 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-08-20 13:29 - 2015-08-20 15:29 - 00000000 ____D C:\Program Files\igfx32 2015-08-20 13:29 - 2015-08-20 13:29 - 00047616 _____ 
C:\Users\Mourad\AppData\Local\Labsoltax.exe 2015-08-20 09:50 - 2015-08-20 09:50 - 00030450 _____ C:\Users\Mourad\Downloads\UNITE TIZI-OUZOU EPI AOUT 2015.xlsx 2015-08-20 09:50 - 2015-08-20 09:50 - 00009672 _____ C:\Users\Mourad\Downloads\SITUATION DES VEHICULES PEUGEOT PARTNER.xlsx 2015-08-20 09:38 - 2015-08-20 09:38 - 01187032 _____ (Adobe Systems Incorporated) C:\Users\Mourad\Downloads\flashplayer18pp_da_install.exe 2015-08-20 08:49 - 2015-08-20 08:49 - 00028184 _____ C:\Windows\system32\ScanResults.xml 2015-08-20 08:45 - 2015-08-20 08:45 - 00000464 _____ C:\Windows\system32\ScannerSettings 2015-08-19 16:21 - 2015-08-20 10:05 - 00000000 ____D C:\Users\Mourad\AppData\Roaming\Opera Software 2015-08-19 16:21 - 2015-08-20 10:05 - 00000000 ____D C:\Users\Mourad\AppData\Local\Opera Software 2015-08-19 16:16 - 2015-08-20 13:36 - 00000000 ____D C:\Users\Mourad\AppData\Local\Unity 2015-08-19 16:16 - 2015-08-20 10:05 - 00000000 ____D C:\Program Files (x86)\Opera 2015-08-19 16:16 - 2015-08-19 16:17 - 00000000 ____D C:\Users\Mourad\AppData\Local\SysassistByHotWheel 2015-08-19 16:16 - 2015-08-19 16:16 - 00000000 ____D C:\IQIYI Video 2015-08-19 16:15 - 2015-08-23 08:24 - 00000000 ____D C:\ProgramData\IQIYI Video 2015-08-19 16:15 - 2015-08-19 16:16 - 00000000 ____D C:\Users\Mourad\AppData\Roaming\IQIYI Video 2015-08-19 16:15 - 2015-08-19 16:15 - 00000000 ____D C:\Users\Public\QiYi 2015-08-19 16:11 - 2015-08-19 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\baidu 2015-08-19 16:11 - 2015-08-19 16:11 - 00000000 ____D C:\Program Files (x86)\baidu 2015-08-19 16:09 - 2015-08-19 16:10 - 01141264 _____ C:\Users\Mourad\Downloads\wedding dad cover 19.rar__15022_i1588980345_il352657.exe 2015-08-19 10:53 - 2015-08-19 10:53 - 00008442 _____ C:\Users\Mourad\Desktop\BILAN DES ACTIVITES ET REALISATIONS AU 30_06_2015 ZTO - Raccourci.lnk 2015-08-19 09:21 - 2015-08-13 13:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 09:21 - 
2015-08-13 12:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-19 09:21 - 2015-08-13 11:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-19 09:21 - 2015-08-13 11:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-17 15:56 - 2015-08-17 15:56 - 00003438 _____ C:\Windows\System32\Tasks\Reimage Reminder 2015-08-17 15:55 - 2015-08-17 15:55 - 00004276 _____ C:\Windows\System32\Tasks\ReimageUpdater 2015-08-17 15:54 - 2015-08-23 08:21 - 00000000 ____D C:\Program Files\Reimage 2015-08-17 15:54 - 2015-08-17 15:57 - 00000000 ____D C:\rei 2015-08-17 15:54 - 2015-08-17 15:56 - 00000000 ____D C:\ProgramData\Reimage Protector 2015-08-17 15:54 - 2015-08-17 15:54 - 00001861 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk 2015-08-17 15:54 - 2015-08-17 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair 2015-08-17 15:51 - 2015-08-17 15:56 - 00000139 _____ C:\Windows\Reimage.ini 2015-08-17 15:49 - 2015-08-17 15:49 - 00772016 _____ (Reimage®) C:\Users\Mourad\Downloads\ReimageRepair.exe 2015-08-17 09:58 - 2015-07-13 22:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-17 09:58 - 2015-07-13 22:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-17 09:58 - 2015-07-09 22:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-17 09:58 - 2015-07-09 22:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-17 09:58 - 2015-07-09 21:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-17 09:58 - 2015-07-09 21:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-17 09:58 - 2015-07-01 14:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-17 09:58 - 2015-07-01 13:58 - 00104448 _____ (Microsoft Corporation) 
C:\Windows\system32\davclnt.dll 2015-08-17 09:58 - 2015-07-01 12:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-17 09:58 - 2015-07-01 12:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-17 09:57 - 2015-07-30 14:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-17 09:57 - 2015-07-30 14:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-17 09:57 - 2015-07-28 17:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-17 09:57 - 2015-07-28 15:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-17 09:57 - 2015-07-28 15:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-17 09:57 - 2015-07-28 15:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-17 09:57 - 2015-07-28 15:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-17 09:57 - 2015-07-28 15:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-17 09:57 - 2015-07-28 14:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-17 09:57 - 2015-07-06 17:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-08-17 09:57 - 2015-07-06 15:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-08-17 09:56 - 2015-07-16 21:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-17 09:56 - 2015-07-16 21:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-17 09:56 - 2015-07-16 21:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-17 09:56 - 2015-07-16 21:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-17 09:56 - 
2015-07-16 21:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-17 09:56 - 2015-07-16 21:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-17 09:56 - 2015-07-16 21:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-17 09:56 - 2015-07-16 21:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-17 09:56 - 2015-07-16 21:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-08-17 09:56 - 2015-07-16 20:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-17 09:56 - 2015-07-16 20:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-17 09:56 - 2015-07-16 20:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-17 09:56 - 2015-07-16 20:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-17 09:54 - 2015-07-13 22:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-17 09:54 - 2015-07-13 22:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-17 09:54 - 2015-07-13 22:05 - 02340864 _____ 
(Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-17 09:54 - 2015-07-13 22:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-17 09:53 - 2015-07-29 15:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-17 09:53 - 2015-07-29 15:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-17 09:53 - 2015-07-29 14:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-17 09:53 - 2015-07-29 14:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-17 09:53 - 2015-07-29 14:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-17 09:53 - 2015-07-27 23:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-17 09:53 - 2015-07-27 23:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-17 09:53 - 2015-07-27 23:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-17 09:53 - 2015-06-09 14:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-08-17 09:46 - 2015-07-15 17:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-17 09:45 - 2015-07-15 17:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-17 09:45 - 2015-07-15 17:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-17 09:45 - 2015-07-15 14:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-17 09:45 - 2015-07-15 14:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-17 09:42 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-17 09:42 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-17 09:42 - 2015-07-09 21:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-09 09:25 - 
2015-08-09 15:51 - 00000000 ____D C:\Users\Mourad\Desktop\budget 2015 2015-08-09 09:17 - 2015-08-09 09:21 - 00000000 ____D C:\Users\Mourad\Desktop\consommation budgetaires au 30.06.2015 ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-08-23 09:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru 2015-08-23 08:57 - 2013-07-30 13:32 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-23 08:54 - 2013-05-20 10:10 - 01449166 _____ C:\Windows\WindowsUpdate.log 2015-08-23 08:20 - 2013-06-17 12:12 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-23 08:18 - 2015-04-05 08:12 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-08-23 08:18 - 2015-04-02 16:18 - 00001364 _____ C:\Windows\Tasks\24seven_savings_notification_service.job 2015-08-23 08:17 - 2013-07-11 14:45 - 00000000 ____D C:\Users\Mourad\AppData\Roaming\Skype 2015-08-23 08:05 - 2013-05-20 10:33 - 00000000 ____D C:\Users\Mourad\AppData\Local\Adobe 2015-08-23 08:04 - 2015-07-23 16:19 - 00000990 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-08-23 08:04 - 2015-05-28 10:22 - 00000516 _____ C:\Windows\Tasks\deal_flow_helper_service.job 2015-08-23 08:04 - 2015-04-02 16:18 - 00000726 _____ C:\Windows\Tasks\24seven_savings_updating_service.job 2015-08-23 08:04 - 2013-06-17 12:12 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-20 16:12 - 2013-05-20 10:11 - 00001492 _____ C:\Users\Mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-20 16:08 - 2013-12-19 14:40 - 00000000 ____D C:\Program Files (x86)\BrowserProtect 2015-08-20 16:07 - 2013-05-20 10:01 - 00245234 _____ C:\Windows\PFRO.log 2015-08-20 16:07 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-20 16:02 - 2015-05-17 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 
2015-08-20 15:55 - 2015-07-23 16:19 - 00000994 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-08-20 15:50 - 2015-07-23 16:19 - 00003966 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2015-08-20 15:50 - 2015-07-23 16:19 - 00003730 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2015-08-20 11:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache 2015-08-20 09:32 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-08-20 08:24 - 2015-04-06 14:56 - 08241728 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-19 16:24 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-19 16:24 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-19 16:24 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-19 16:24 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-08-19 15:55 - 2014-06-24 11:44 - 00101376 ___SH C:\Users\Mourad\Documents\Thumbs.db 2015-08-19 11:37 - 2013-12-30 10:03 - 00000000 ____D C:\Users\Mourad\AppData\Roaming\vlc 2015-08-19 09:22 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp 2015-08-19 09:04 - 2013-12-24 16:03 - 01019392 ___SH C:\Users\Mourad\Desktop\Thumbs.db 2015-08-19 08:52 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent 2015-08-18 14:33 - 2012-07-26 11:09 - 00799736 _____ C:\Windows\system32\perfh00C.dat 2015-08-18 14:33 - 2012-07-26 11:09 - 00155444 _____ C:\Windows\system32\perfc00C.dat 2015-08-18 14:33 - 2012-07-26 08:28 - 01793362 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-18 14:30 - 2015-05-06 13:17 - 00005446 _____ C:\Windows\setupact.log 2015-08-18 11:07 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-08-17 11:41 - 2015-07-14 15:09 - 00000000 ____D C:\ProgramData\temp 2015-08-17 11:41 - 2012-07-26 06:26 - 00262144 ___SH 
C:\Windows\system32\config\BBI 2015-08-17 11:39 - 2015-04-19 09:01 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-17 11:39 - 2015-04-19 09:01 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-17 11:39 - 2013-08-29 11:28 - 00000000 ____D C:\Windows\system32\MRT 2015-08-17 11:36 - 2013-05-27 08:18 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-17 11:35 - 2013-05-20 12:54 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-17 11:31 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-17 11:31 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-17 08:58 - 2013-07-30 13:32 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-08 03:27 - 2015-07-19 08:48 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-08 03:27 - 2015-07-19 08:48 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-30 15:23 - 2013-05-20 10:48 - 00000000 ____D C:\ProgramData\Adobe 2015-07-30 15:23 - 2013-05-20 10:11 - 00000000 ____D C:\Users\Mourad\AppData\Roaming\Adobe 2015-07-27 13:21 - 2015-07-07 14:33 - 00000000 ____D C:\Users\Mourad\Downloads\Tizi Ouzou Primaire 2015 2015-07-27 13:21 - 2015-07-07 14:33 - 00000000 ____D C:\Users\Mourad\Downloads\Tizi Ouzou CEM 2015 2015-07-27 13:21 - 2014-01-02 14:42 - 01413632 ___SH C:\Users\Mourad\Downloads\Thumbs.db ==================== Fichiers à la racine de certains dossiers ======= 2013-08-11 09:07 - 2013-08-11 09:07 - 0051992 _____ (cake bake) C:\Program Files (x86)\WBDesktop.Updater.exe 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Mourad\AppData\Roaming\6S1WIpUP0tAcpb 2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Mourad\AppData\Roaming\6S1WIpUP0tAcpb.exe 2013-05-28 09:28 - 2015-05-10 10:15 - 0000132 _____ () 
C:\Users\Mourad\AppData\Roaming\Adobe PNG Format CS5 Prefs 2013-06-24 11:58 - 2015-03-08 16:02 - 0000132 _____ () C:\Users\Mourad\AppData\Roaming\Préfs Filtre IllExportation Adobe CS5 2014-05-08 16:03 - 2014-05-08 16:03 - 0003584 _____ () C:\Users\Mourad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-20 13:29 - 2015-08-20 13:29 - 0047616 _____ () C:\Users\Mourad\AppData\Local\Labsoltax.exe 2015-08-20 13:29 - 2015-08-20 13:29 - 0000187 _____ () C:\Users\Mourad\AppData\Local\Labsoltax.exe.config 2015-08-20 14:17 - 2015-08-20 14:17 - 0613255 _____ (CMI Limited) C:\Users\Mourad\AppData\Local\nseBE1C.tmp 2015-08-20 16:05 - 2015-08-20 16:05 - 0613255 _____ (CMI Limited) C:\Users\Mourad\AppData\Local\nslF78D.tmp 2013-11-25 16:19 - 2013-11-25 16:19 - 0000017 _____ () C:\Users\Mourad\AppData\Local\resmon.resmoncfg 2013-06-19 16:19 - 2015-03-11 09:17 - 0000088 __RSH () C:\ProgramData\8680A42720.sys 2014-06-26 10:25 - 2014-06-26 11:22 - 0000855 _____ () C:\ProgramData\hpzinstall.log 2013-06-19 16:19 - 2015-03-11 09:17 - 0002516 ___SH () C:\ProgramData\KGyGaAvL.sys Certains fichiers dans TEMP: ====================
==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2015-08-17 12:04 ==================== Fin de journal ============================