Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x86) Version:05-12-2015
Exécuté par nours52 (administrateur) sur NOURS52-PC (05-12-2015 18:58:19)
Exécuté depuis C:\Users\nours52\Downloads
Profils chargés: nours52 (Profils disponibles: nours52)
Platform: Microsoft Windows 7 Édition Familiale Premium  (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 2\creator-ws.exe
() C:\Windows\runSW.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Realtek) C:\Windows\SwUSB.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(VoipConnect) C:\Program Files\VoipConnect.com\VoipConnect\voipconnect.exe
(Raptr, Inc) C:\Program Files\Raptr\raptr.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(LINE Corporation) C:\Program Files\Naver\LINE\Line.exe
(LINE Corp) C:\Program Files\Naver\LINE\LinePlayer\LinePlayer.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr\raptrstub.exe [56080 2015-12-02] (Raptr, Inc)
HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [163944 2010-04-09] (NVIDIA Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\RunOnce: [Toropecelof] => C:\Windows\system32\wscript.exe /E:vbscript /B "C:\Users\nours52\AppData\Local\2DE9E3~1\Copimo.dat"
HKLM\...\RunOnce: [Delafe] => C:\Windows\system32\wscript.exe /E:vbscript /B "C:\Users\nours52\AppData\Local\7B01AA~1\Molapa.dat"
HKU\S-1-5-21-1281696408-34496212-1937324486-1001\...\Run: [Secret Disk Maintance] => C:\Program Files\Secret Disk\net1.exe [512664 2015-11-19] (www.privacyroot.com)
HKU\S-1-5-21-1281696408-34496212-1937324486-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1281696408-34496212-1937324486-1001\...\Run: [VoipConnect] => C:\Program Files\VoipConnect.com\VoipConnect\voipconnect.exe [32417376 2015-11-14] (VoipConnect)
HKU\S-1-5-21-1281696408-34496212-1937324486-1001\...\MountPoints2: {e7abd753-7d00-11e4-b7d6-001d927269d7} - E:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-12-04]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{46414B2F-FD5B-41CE-8CD5-EFDC532156BA}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{7073DC32-2D44-496F-B631-2B231C704DEF}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{72AB79E9-BD6B-4850-8F5A-72E9DC0BAF4B}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.fr
HKU\S-1-5-21-1281696408-34496212-1937324486-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr/
SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1281696408-34496212-1937324486-1001 -> DefaultScope {20C30A92-62A6-430B-8ED7-46739AB5295F} URL = 
SearchScopes: HKU\S-1-5-21-1281696408-34496212-1937324486-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\nours52\AppData\Roaming\Mozilla\Firefox\Profiles\nn6v4sm1.default-1448083578042
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Yahoo
FF Homepage: hxxp://www.google.fr/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-12-02] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: NoScript - C:\Users\nours52\AppData\Roaming\Mozilla\Firefox\Profiles\nn6v4sm1.default-1448083578042\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-04]
FF Extension: uBlock Origin - C:\Users\nours52\AppData\Roaming\Mozilla\Firefox\Profiles\nn6v4sm1.default-1448083578042\Extensions\uBlock0@raymondhill.net.xpi [2015-12-04]
FF HKLM\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-14] [non signé]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
		
CHR Profile: C:\Users\nours52\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\nours52\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-04]
CHR Extension: (YouTube) - C:\Users\nours52\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-04]
CHR Extension: (Recherche Google) - C:\Users\nours52\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-04]
CHR Extension: (Gmail) - C:\Users\nours52\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-04]
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1281696408-34496212-1937324486-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2259224 2015-11-24] (IBM Corp.)
R2 RunSwUSB; C:\Windows\runSW.exe [48856 2015-03-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [19688 2012-09-21] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-12-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1507079.sys [558456 2015-12-05] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [294968 2015-11-24] (IBM Corp.)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [71384 2015-11-24] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [224344 2015-11-24] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [352408 2015-11-24] (IBM Corp.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2516696 2015-01-15] (Realtek Semiconductor Corporation                           )
R3 ubohci; C:\Windows\System32\DRIVERS\ubohci.sys [116736 2012-10-05] (Unibrain)
R2 ubsbm; C:\Windows\System32\DRIVERS\ubsbm.sys [17408 2012-10-05] (Unibrain)
R2 ubumapi; C:\Windows\System32\DRIVERS\ubumapi.sys [46592 2012-10-05] (Unibrain)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-05 18:58 - 2015-12-05 18:58 - 00014794 _____ C:\Users\nours52\Downloads\FRST.txt
2015-12-05 18:57 - 2015-12-05 18:58 - 00000000 ____D C:\FRST
2015-12-05 18:57 - 2015-12-05 18:57 - 01719808 _____ (Farbar) C:\Users\nours52\Downloads\FRST.exe
2015-12-05 17:21 - 2015-12-05 17:21 - 00000732 _____ C:\Users\nours52\Desktop\AdwCleaner[S15].txt
2015-12-05 17:19 - 2015-12-05 17:19 - 00002043 _____ C:\Users\nours52\Desktop\ZHPCleaner - Raccourci.lnk
2015-12-05 17:18 - 2015-12-05 17:18 - 01736704 _____ C:\Users\nours52\Downloads\adwcleaner_5.023(4).exe
2015-12-05 06:17 - 2015-12-05 06:17 - 01736704 _____ C:\Users\nours52\Downloads\adwcleaner_5.023 (2).exe
2015-12-04 19:29 - 2015-12-04 19:29 - 01222889 _____ C:\Users\nours52\Downloads\(1) Facebook.htm
2015-12-04 19:29 - 2015-12-04 19:29 - 00000000 ____D C:\Users\nours52\Downloads\(1) Facebook_fichiers
2015-12-04 18:48 - 2015-12-04 18:48 - 03208000 _____ C:\Users\nours52\Downloads\IPCOCX_X(4).exe
2015-12-04 11:48 - 2015-12-04 11:49 - 00000000 ____D C:\Users\nours52\AppData\Roaming\TP-LINK
2015-12-04 11:47 - 2015-12-04 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-12-04 11:47 - 2015-12-04 11:47 - 00002213 _____ C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
2015-12-04 11:47 - 2015-12-04 11:47 - 00000000 ____D C:\Program Files\TP-LINK
2015-12-04 11:45 - 2015-03-17 06:33 - 00008994 _____ C:\Windows\system32\netrtwlanu.cat
2015-12-04 11:45 - 2015-01-16 10:52 - 00008100 _____ C:\Windows\system32\rtlCoInst.dat
2015-12-04 11:45 - 2015-01-15 14:00 - 02516696 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\rtwlanu.sys
2015-12-04 11:45 - 2015-01-15 14:00 - 02516696 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTWlanU.sys
2015-12-04 11:45 - 2015-01-15 14:00 - 00017112 _____ (Windows (R) 2000 DDK provider) C:\Windows\system32\rtlCoInst.dll
2015-12-04 11:44 - 2015-03-19 08:41 - 00454360 _____ (Realtek) C:\Windows\SwUSB.exe
2015-12-04 11:44 - 2015-03-19 08:41 - 00048856 _____ () C:\Windows\runSW.exe
2015-12-04 11:42 - 2015-12-04 11:46 - 00000000 ____D C:\ProgramData\TP-LINK
2015-12-04 10:08 - 2015-12-04 10:08 - 01979392 _____ C:\Users\nours52\Downloads\ZHPDiag3(1).exe
2015-12-04 08:50 - 2015-12-04 08:50 - 01736704 _____ C:\Users\nours52\Downloads\adwcleaner_5.023 (1).exe
2015-12-03 21:16 - 2015-12-03 21:16 - 03208000 _____ C:\Users\nours52\Downloads\IPCOCX_X(3).exe
2015-12-03 21:14 - 2015-12-03 21:14 - 03208000 _____ C:\Users\nours52\Downloads\IPCOCX_X(2).exe
2015-12-03 21:13 - 2015-12-03 21:13 - 01736704 _____ C:\Users\nours52\Downloads\adwcleaner_5.023(3).exe
2015-12-03 16:54 - 2015-12-03 16:54 - 01979392 _____ C:\Users\nours52\Downloads\ZHPDiag3.exe
2015-12-02 21:35 - 2015-12-02 21:35 - 01736704 _____ C:\Users\nours52\Downloads\adwcleaner_5.023(2).exe
2015-12-02 19:59 - 2015-12-02 20:00 - 03208000 _____ C:\Users\nours52\Downloads\IPCOCX_X(1).exe
2015-12-02 19:56 - 2015-12-02 19:56 - 03208000 _____ C:\Users\nours52\Downloads\IPCOCX_X.exe
2015-12-02 08:55 - 2015-12-02 08:55 - 00000230 _____ C:\Users\nours52\Desktop\Patlayboys.URL
2015-12-01 22:25 - 2015-12-01 23:16 - 1258291200 _____ C:\Users\nours52\Downloads\Le Grand Raid - Zone-Telechargement.com.part1.rar
2015-12-01 22:13 - 2015-12-01 23:09 - 1499032636 _____ C:\Users\nours52\Downloads\Miasto.44.2014.FRENCH.BDRip.XviD-ViVi.zone-telechargement.com.avi
2015-12-01 19:17 - 2015-12-01 19:17 - 01736704 _____ C:\Users\nours52\Downloads\adwcleaner_5.023(1).exe
2015-12-01 19:16 - 2015-12-01 19:16 - 00002278 _____ C:\Users\nours52\Downloads\adwcleaner_5.023.exe
2015-11-30 19:19 - 2015-11-30 19:20 - 42829656 _____ C:\Users\nours52\Downloads\Firefox Setup 41.0.2.exe
2015-11-30 18:07 - 2015-11-30 18:07 - 00000000 ____D C:\Record
2015-11-30 15:30 - 2015-11-30 15:30 - 00000208 _____ C:\Users\nours52\Desktop\IP Camera.url
2015-11-30 08:45 - 2015-11-30 08:45 - 01733632 _____ C:\Users\nours52\Downloads\AdwCleaner-5.022(3).exe
2015-11-30 06:29 - 2015-11-30 20:40 - 00000000 ____D C:\Users\nours52\Desktop\CAMERA SURVEILLANCE
2015-11-29 23:10 - 2015-11-29 23:10 - 01733632 _____ C:\Users\nours52\Downloads\AdwCleaner-5.022(2).exe
2015-11-29 22:38 - 2015-11-29 22:38 - 01733632 _____ C:\Users\nours52\Downloads\AdwCleaner-5.022(1).exe
2015-11-29 22:32 - 2015-11-29 22:32 - 01733632 _____ C:\Users\nours52\Downloads\AdwCleaner-5.022.exe
2015-11-29 13:55 - 2015-11-29 14:02 - 287496950 _____ C:\Users\nours52\Downloads\20151128_095428.mp4
2015-11-29 10:44 - 2015-12-05 16:28 - 00000000 ____D C:\Users\nours52\AppData\LocalLow\Adblock Plus for IE
2015-11-29 10:44 - 2015-11-29 10:44 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2015-11-29 10:42 - 2015-11-29 10:42 - 05952624 _____ ( ) C:\Users\nours52\Downloads\adblock-plus-for-internet-explorer-1-2-en-win.exe
2015-11-29 10:09 - 2015-11-29 10:10 - 00000000 ____D C:\Users\nours52\Desktop\SITES DE VENTES
2015-11-29 08:16 - 2015-11-29 08:16 - 00000193 _____ C:\Windows\WORDPAD.INI
2015-11-29 08:11 - 2015-11-29 08:11 - 00000277 _____ C:\Users\nours52\Desktop\Les Clés de la Banque Informations pratiques sur la banque et l'argent - Espace Particuliers    .URL
2015-11-28 18:52 - 2015-11-28 18:52 - 06801752 _____ (Piriform Ltd) C:\Users\nours52\Downloads\ccsetup512.exe
2015-11-28 18:36 - 2015-11-28 18:36 - 00000000 ____D C:\Users\nours52\Desktop\TOUS PROGRAMMES
2015-11-28 17:35 - 2015-11-28 17:36 - 05952624 _____ ( ) C:\Users\nours52\Downloads\adblockplusie-1.2.exe
2015-11-28 17:34 - 2015-11-28 17:34 - 05915456 _____ ( ) C:\Users\nours52\Downloads\adblockplusie-1.3.exe
2015-11-28 08:28 - 2015-11-28 08:28 - 00000000 ___HD C:\Users\nours52\AppData\Local\7b01aaf652e7b2d2
2015-11-27 08:54 - 2015-11-27 08:54 - 00000000 ____D C:\Capture
2015-11-27 06:28 - 2015-11-29 23:07 - 00000000 ____D C:\Users\nours52\AppData\Local\OppositelySorted
2015-11-26 20:09 - 2015-11-26 20:09 - 00000168 _____ C:\Users\nours52\Desktop\Vivabuzz Accueil.url
2015-11-26 07:11 - 2015-12-04 18:49 - 00000000 ____D C:\Windows\Netview_X OCX
2015-11-26 07:11 - 2015-12-04 18:49 - 00000000 ____D C:\Users\nours52\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netview_X OCX
2015-11-26 07:11 - 2015-11-26 07:11 - 00000000 ____D C:\Program Files\NetviewX
2015-11-25 06:05 - 2015-11-25 06:05 - 00009989 _____ C:\Users\nours52\Documents\SysConfig.conf
2015-11-24 16:27 - 2015-11-24 16:27 - 00224344 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys
2015-11-24 16:27 - 2015-11-24 16:27 - 00071384 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades.sys
2015-11-24 16:12 - 2015-11-24 16:12 - 00000242 _____ C:\Users\nours52\Desktop\Espace abonné Freebox.url
2015-11-24 06:48 - 2015-11-24 06:48 - 00000000 ____D C:\Recovered data 11-24-2015 at 06_48_05
2015-11-22 23:17 - 2015-11-22 23:17 - 00000267 _____ C:\Users\nours52\Desktop\Pink Floyd - Wish You Were Here Lyrics MetroLyrics.URL
2015-11-22 20:49 - 2015-11-22 20:50 - 00000000 ____D C:\Users\nours52\Desktop\APPRENDRE LE THAI
2015-11-22 07:17 - 2015-11-22 08:17 - 00000000 ____D C:\Users\nours52\AppData\Local\{2250140C-06F8-78B4-6B60-5D5C4F08A1C4}
2015-11-21 17:01 - 2015-11-21 17:01 - 00000224 _____ C:\Users\nours52\Desktop\Les meilleures vidéos insolite du Web Accueil.url
2015-11-21 05:15 - 2015-11-21 05:15 - 00000000 ___HD C:\Users\nours52\AppData\Local\2de9e3a650274c40
2015-11-20 17:03 - 2015-11-20 17:03 - 00001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
2015-11-20 17:03 - 2015-11-20 17:03 - 00000000 ____D C:\Users\nours52\temp
2015-11-20 17:03 - 2015-11-20 17:03 - 00000000 ____D C:\Program Files\TeamViewer
2015-11-20 15:45 - 2015-11-20 15:45 - 00000000 ____D C:\CMS
2015-11-20 15:27 - 2015-11-26 14:54 - 00000000 ____D C:\Program Files\HeroSpeedCMS
2015-11-20 15:27 - 2015-11-20 15:44 - 00000000 ____D C:\Windows\Netview Pad OCX
2015-11-20 15:27 - 2015-11-20 15:44 - 00000000 ____D C:\Users\nours52\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netview Pad OCX
2015-11-20 15:27 - 2015-11-20 15:44 - 00000000 ____D C:\Users\nours52\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HeroSpeedCMS
2015-11-20 15:27 - 2015-11-20 15:27 - 00000000 ____D C:\Program Files\NetviewPad
2015-11-20 14:14 - 2015-11-20 14:14 - 00000000 ____D C:\Users\nours52\AppData\Local\videocapture
2015-11-20 14:13 - 2015-11-20 14:13 - 00000000 ____D C:\Users\nours52\AppData\Local\Movavi
2015-11-20 14:12 - 2015-11-20 14:12 - 00000000 ____D C:\Users\nours52\AppData\Roaming\AMD
2015-11-20 14:12 - 2015-11-20 14:12 - 00000000 ____D C:\Users\nours52\AppData\Local\VideoEditor
2015-11-20 14:09 - 2015-11-20 14:22 - 00000000 ____D C:\ProgramData\Movavi Video Editor 11
2015-11-20 14:09 - 2015-11-20 14:09 - 00004943 _____ C:\ProgramData\rxsmznjf.zcp
2015-11-20 14:06 - 2015-11-20 14:07 - 69242096 _____ (Movavi) C:\Users\nours52\Downloads\MovaviVideoEditorSetupF.exe
2015-11-19 20:37 - 2015-11-19 20:37 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-19 14:24 - 2015-11-19 14:25 - 00000000 ____D C:\Users\nours52\Documents\CONTROLE FOIE REIN ETC
2015-11-19 08:08 - 2015-11-19 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secret Disk
2015-11-18 17:36 - 2015-11-21 06:59 - 00000000 ____D C:\Program Files\Recuva
2015-11-18 17:36 - 2015-11-18 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-11-18 17:35 - 2015-11-18 17:35 - 04426120 _____ (Piriform Ltd) C:\Users\nours52\Downloads\rcsetup152.exe
2015-11-18 16:50 - 2015-12-01 18:50 - 00021504 ___SH C:\Users\nours52\Thumbs.db
2015-11-18 16:39 - 2015-11-27 15:39 - 00000000 ____D C:\Users\nours52\Documents\TOUT MUTUELLES
2015-11-17 06:29 - 2015-11-17 06:29 - 01844409 _____ C:\Users\nours52\Downloads\cerfa_14881-01.pdf
2015-11-16 15:53 - 2015-12-05 13:08 - 01908224 _____ C:\Users\nours52\ZHPCleaner.exe
2015-11-16 15:25 - 2015-11-16 15:25 - 00444240 _____ C:\Users\nours52\Downloads\pnac_install.exe
2015-11-16 15:19 - 2015-11-16 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2015-11-16 15:19 - 2015-11-16 15:19 - 00001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2015-11-16 15:19 - 2015-11-16 15:19 - 00001983 _____ C:\Users\Public\Desktop\IncrediMail.lnk
2015-11-16 15:19 - 2015-11-16 15:19 - 00000000 ____D C:\ProgramData\IncrediMail
2015-11-16 15:17 - 2015-11-16 15:17 - 13045672 _____ C:\Users\nours52\Downloads\IncrediMailSetup_fr(2).exe
2015-11-15 15:47 - 2015-11-15 15:47 - 00362088 _____ C:\Users\nours52\Downloads\im_dict_fr(1).exe
2015-11-15 15:45 - 2015-11-15 15:45 - 00362088 _____ C:\Users\nours52\Downloads\im_dict_fr.exe
2015-11-15 15:41 - 2015-11-15 15:41 - 13045672 _____ C:\Users\nours52\Downloads\IncrediMailSetup_fr(1).exe
2015-11-15 06:54 - 2015-11-15 06:54 - 00000224 _____ C:\Users\nours52\Desktop\Moto GP 2015.URL
2015-11-15 06:36 - 2015-12-04 11:48 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-11-15 06:28 - 2015-11-15 06:30 - 00009728 ___SH C:\Users\nours52\Documents\Thumbs.db
2015-11-15 06:16 - 2015-11-15 06:16 - 00163797 _____ C:\Users\nours52\Downloads\Depart a la retraite.pdf
2015-11-15 05:52 - 2015-11-15 05:52 - 00000231 _____ C:\Users\nours52\Desktop\www.Egepargne.com Mon compte Natixis Interépargne.URL
2015-11-14 19:25 - 2015-11-14 19:25 - 00000000 ____D C:\Users\nours52\Documents\JUGEMENT divorce 21 jUILLET 1981
2015-11-14 18:57 - 2015-11-14 18:57 - 00000000 ____D C:\Users\nours52\AppData\Local\CEF
2015-11-14 18:43 - 2015-11-14 18:43 - 00000970 _____ C:\Users\Public\Desktop\DriversCloud.com - Démarrer la détection.lnk
2015-11-14 18:43 - 2015-11-14 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2015-11-14 18:43 - 2015-11-14 18:43 - 00000000 ____D C:\ProgramData\DriversCloud.com
2015-11-14 18:43 - 2015-11-14 18:43 - 00000000 ____D C:\Program Files\DriversCloud.com
2015-11-14 18:06 - 2015-12-05 13:15 - 00000000 ____D C:\Users\nours52\AppData\Roaming\ZHP
2015-11-14 18:06 - 2015-12-05 13:09 - 00000834 _____ C:\Users\nours52\Desktop\ZHPCleaner.lnk
2015-11-14 18:06 - 2015-11-14 18:06 - 01876992 _____ C:\Users\nours52\Downloads\ZHPCleaner.exe
2015-11-14 14:19 - 2015-11-14 14:19 - 06762072 _____ (Piriform Ltd) C:\Users\nours52\Downloads\ccsetup511.exe
2015-11-14 13:58 - 2015-11-14 13:58 - 00001404 _____ C:\Users\nours52\Desktop\Windows Live Mail.lnk
2015-11-14 13:56 - 2015-11-14 13:56 - 01290600 _____ (Microsoft Corporation) C:\Users\nours52\Downloads\wlsetup-web.exe
2015-11-14 12:10 - 2015-11-16 15:19 - 00000000 ____D C:\Program Files\IncrediMail
2015-11-14 12:10 - 2015-11-14 12:10 - 00000000 ____D C:\ProgramData\Photo Notifier and Animation Creator
2015-11-14 12:10 - 2015-11-14 12:10 - 00000000 ____D C:\Program Files\Photo Notifier and Animation Creator
2015-11-14 12:08 - 2015-11-14 12:08 - 00491784 _____ C:\Users\nours52\Downloads\incredimail_install.exe
2015-11-14 12:04 - 2015-11-28 07:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-14 11:56 - 2015-11-14 11:56 - 13045672 _____ C:\Users\nours52\Downloads\IncrediMailSetup_fr.exe
2015-11-14 11:42 - 2015-11-14 11:42 - 00000000 ____D C:\Users\nours52\AppData\LocalLow\Yahoo
2015-11-14 11:42 - 2015-11-14 11:42 - 00000000 ____D C:\Program Files\Yahoo!
2015-11-14 05:35 - 2015-11-19 20:37 - 00000000 ____D C:\Users\nours52\.oracle_jre_usage
2015-11-14 05:35 - 2015-11-14 05:35 - 00000000 ____D C:\Users\nours52\AppData\Roaming\Sun
2015-11-14 04:09 - 2015-11-14 04:09 - 00243992 _____ C:\Users\nours52\Downloads\Firefox Setup Stub 42.0.exe
2015-11-14 03:57 - 2015-11-14 03:57 - 00000000 ____D C:\ProgramData\ATI
2015-11-14 03:56 - 2015-11-14 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-11-14 03:46 - 2015-11-28 08:28 - 00000176 _____ C:\Users\nours52\AppData\Roaming\WB.CFG

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-05 18:57 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-05 18:56 - 2014-12-04 14:23 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-05 18:46 - 2015-05-14 08:46 - 00000336 _____ C:\Windows\Tasks\Chromium.job
2015-12-05 18:22 - 2014-12-13 12:59 - 00000000 ____D C:\Users\nours52\AppData\Roaming\Raptr
2015-12-05 17:18 - 2015-01-13 22:16 - 00000000 ____D C:\AdwCleaner
2015-12-05 13:29 - 2011-04-12 02:35 - 00747518 _____ C:\Windows\system32\perfh00C.dat
2015-12-05 13:29 - 2011-04-12 02:35 - 00150042 _____ C:\Windows\system32\perfc00C.dat
2015-12-05 13:29 - 2010-11-20 22:01 - 01669052 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-05 13:09 - 2014-12-04 16:33 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-05 13:08 - 2014-12-04 13:04 - 00000000 ____D C:\Users\nours52
2015-12-05 09:35 - 2009-07-14 05:34 - 00028112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-05 09:35 - 2009-07-14 05:34 - 00028112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-05 06:21 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 05:52 - 2014-12-10 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès
2015-12-05 05:51 - 2009-07-14 05:53 - 00032484 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-04 11:47 - 2014-12-04 15:21 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-12-04 08:23 - 2014-12-06 05:45 - 00000000 ____D C:\Users\nours52\AppData\Local\ElevatedDiagnostics
2015-12-02 21:59 - 2014-12-13 12:59 - 00000000 ____D C:\Program Files\Raptr
2015-12-02 18:49 - 2014-12-04 14:23 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-02 18:49 - 2014-12-04 14:23 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-02 18:49 - 2014-12-04 14:23 - 00000000 ____D C:\Users\nours52\AppData\Local\Adobe
2015-11-30 19:21 - 2014-12-04 14:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-30 06:33 - 2014-12-17 14:00 - 00000000 ____D C:\Users\nours52\Documents\CAMERA DE SURVEILLANCE
2015-11-29 23:09 - 2015-01-14 10:12 - 00000000 ____D C:\Windows\Sun
2015-11-28 18:53 - 2014-12-04 16:37 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-26 20:03 - 2014-12-07 09:27 - 00000000 ____D C:\Users\nours52\AppData\Local\Windows Live Writer
2015-11-24 20:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-11-23 08:35 - 2014-12-04 18:53 - 00000000 ____D C:\Users\nours52\AppData\Roaming\VoipConnect
2015-11-22 07:17 - 2015-05-14 09:28 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-11-22 07:17 - 2014-12-04 14:06 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-22 07:17 - 2014-12-04 14:04 - 00001130 _____ C:\Users\nours52\Desktop\Internet Explorer.lnk
2015-11-22 07:17 - 2009-07-14 03:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-11-21 07:18 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2015-11-19 20:39 - 2015-01-14 10:10 - 00000000 ____D C:\ProgramData\Oracle
2015-11-19 20:38 - 2015-01-14 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-19 20:38 - 2015-01-14 10:10 - 00000000 ____D C:\Program Files\Java
2015-11-19 20:37 - 2015-01-14 10:11 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-19 08:08 - 2014-12-05 07:51 - 00000000 ____D C:\Program Files\Secret Disk
2015-11-18 13:42 - 2014-12-04 18:06 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-11-18 13:42 - 2014-12-04 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-11-17 06:00 - 2014-12-14 11:58 - 00000000 ____D C:\Users\nours52\Documents\Manuel Dashcam
2015-11-16 15:20 - 2014-12-04 19:14 - 00000000 ____D C:\Users\nours52\AppData\Local\IM
2015-11-16 15:19 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-15 07:26 - 2014-12-06 06:19 - 00000000 ____D C:\Users\nours52\Documents\vrac
2015-11-15 07:21 - 2014-12-07 09:27 - 00000000 ____D C:\Users\nours52\AppData\Roaming\Windows Live Writer
2015-11-15 05:14 - 2014-12-04 18:15 - 00000000 ____D C:\Users\nours52\AppData\Local\Windows Live
2015-11-14 18:43 - 2014-12-13 11:28 - 00000000 ____D C:\ProgramData\ma-config.com
2015-11-14 18:43 - 2014-12-13 11:28 - 00000000 ____D C:\Program Files\ma-config.com
2015-11-14 18:41 - 2015-01-14 08:21 - 00000000 ____D C:\Program Files\PDFCreator
2015-11-14 18:41 - 2014-12-04 18:31 - 00000000 ____D C:\Users\nours52\Tracing
2015-11-14 18:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2015-11-14 18:16 - 2014-12-04 16:30 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-14 18:16 - 2014-12-04 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-14 18:16 - 2014-12-04 16:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-11-14 12:04 - 2014-12-17 14:25 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-14 12:04 - 2014-12-04 19:44 - 00000000 ____D C:\ProgramData\Adobe
2015-11-14 12:04 - 2014-12-04 19:44 - 00000000 ____D C:\Program Files\Adobe
2015-11-14 12:00 - 2014-12-04 14:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-14 04:11 - 2014-12-04 14:06 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-14 03:53 - 2014-12-13 12:51 - 00000000 ____D C:\Program Files\AMD
2015-11-14 03:51 - 2014-12-13 12:50 - 00000000 ____D C:\AMD

==================== Fichiers à la racine de certains dossiers =======

2014-12-15 21:09 - 2014-12-15 21:09 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP11E5.tmp
2014-12-15 21:09 - 2014-12-15 21:09 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP14B6.tmp
2014-12-15 21:09 - 2014-12-15 21:09 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP1555.tmp
2014-12-15 21:09 - 2014-12-15 21:09 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP15B5.tmp
2014-12-15 21:09 - 2014-12-15 21:09 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP1616.tmp
2014-12-15 21:22 - 2014-12-15 21:22 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP3453.tmp
2014-12-15 21:22 - 2014-12-15 21:22 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP3511.tmp
2014-12-15 21:22 - 2014-12-15 21:22 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP3572.tmp
2014-12-15 21:22 - 2014-12-15 21:22 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP35E2.tmp
2014-12-15 21:22 - 2014-12-15 21:22 - 0000000 _____ () C:\Users\nours52\AppData\Roaming\FAP3643.tmp
2014-09-03 22:36 - 2014-09-03 22:36 - 0001248 _____ () C:\Users\nours52\AppData\Roaming\MVVDSGW
2014-09-03 22:36 - 2014-09-03 22:36 - 0002086 _____ () C:\Users\nours52\AppData\Roaming\RSA
2015-11-14 03:46 - 2015-11-28 08:28 - 0000176 _____ () C:\Users\nours52\AppData\Roaming\WB.CFG
2014-12-04 20:05 - 2014-12-04 20:05 - 0003584 _____ () C:\Users\nours52\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-10 14:02 - 2014-12-10 14:03 - 0007611 _____ () C:\Users\nours52\AppData\Local\resmon.resmoncfg
2014-12-10 09:16 - 2014-12-10 09:16 - 0005054 _____ () C:\ProgramData\mtbjfghn.xbe
2015-11-20 14:09 - 2015-11-20 14:09 - 0004943 _____ () C:\ProgramData\rxsmznjf.zcp

Fichiers à déplacer ou supprimer:
====================
C:\Users\nours52\ZHPCleaner.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-11-30 13:25

==================== Fin de FRST.txt ============================