Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x86) Version: 27-07-2016
Exécuté par admin (administrateur) sur SERVAF (29-07-2016 09:40:01)
Exécuté depuis C:\Users\admin\Desktop
Profils chargés: admin (Profils disponibles: admin & UpdatusUser)
Platform: Microsoft Windows 7 Édition Intégrale  Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files\Uncheckit\cktSvc.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files\Uncheckit\UncheckitSvc.exe
() C:\ProgramData\Guntony\protect\protect.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files\Uncheckit\UncheckitBsn.exe
(BitTorrent Inc.) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(BitTorrent Inc.) C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
() C:\Program Files\WinSaber\WinSaber.exe
(ExWzp Pvt Ltd.) C:\Program Files\WinZipper\winzipersvc.exe
() C:\Program Files\Firefox\bin\FirefoxUpdate.exe
() C:\Program Files\Firefox\bin\FirefoxCommand.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
() C:\Program Files\Safejumper\safejumper.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(Mozilla Corporation) C:\Program Files\Firefox\Firefox.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [proxy_sh] => C:\Program Files\Safejumper\safejumper.exe [1851904 2015-12-31] ()
HKU\S-1-5-21-134549537-2189254231-3257418806-1000\...\Run: [uTorrent] => C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.7_42330.exe [2133504 2016-05-20] (BitTorrent Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 146.185.134.104 192.241.172.159 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6932314B-3218-49CC-A947-1D339F2369C2}: [DhcpNameServer] 146.185.134.104 192.241.172.159 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{A0D603B7-59F4-4832-A2A6-0829D39F87A3}: [NameServer] 192.168.0.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1418366444&from=wpm12123&uid=ST2000DM001-1CH164_W1E6SJGWXXXXW1E6SJGW&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
HKU\S-1-5-21-134549537-2189254231-3257418806-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
HKU\S-1-5-21-134549537-2189254231-3257418806-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/
HKU\S-1-5-21-134549537-2189254231-3257418806-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450260174&from=mych123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\S-1-5-21-134549537-2189254231-3257418806-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
SearchScopes: HKU\S-1-5-21-134549537-2189254231-3257418806-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450260174&from=zzgbkk123&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=e7f4d158c453d277db583d5gczfwae3odqae6gem0e&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1460960906&from=86490418&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=454fe14a89b530c9ada6f6bg8z6qbeat0q7e2b6t6t
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9 
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1460960906&from=86490418&uid=samsungxssdx840xevox250gb_s1dbnsbf440848r&z=454fe14a89b530c9ada6f6bg8z6qbeat0q7e2b6t6t
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default\searchplugins\v9-.xml [2016-01-05]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default\searchplugins\V9.xml [2015-02-25]
FF Extension: xRocket Toolbar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default\Extensions\arthurj8283@gmail.com [2016-05-11] [non signé]
FF Extension: Security Protection - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default\Extensions\detgdp@gmail.com [2014-12-12] [non signé]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-07]
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default\extensions\detgdp@gmail.com
FF HKLM\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\7mkwm221.default\extensions\arthurj8283@gmail.com

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 cktSvc; C:\Program Files\Uncheckit\cktSvc.exe [274688 2016-06-20] (EVANGEL TECHNOLOGY (HK) LIMITED)
R2 CommandHandler; C:\Program Files\Firefox\bin\FirefoxCommand.exe [253824 2016-07-28] ()
R2 FirefoxU; C:\Program Files\Firefox\bin\FirefoxUpdate.exe [499072 2016-07-28] ()
R2 Guntony_protect; C:\ProgramData\Guntony\protect\protect.exe [302976 2016-05-12] ()
S2 Guntony_update; C:\Program Files\Guntony\Guntony\bin\Guntony_server.exe [473472 2016-05-12] ()
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2117448 2014-06-24] (CybelSoft)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2014-04-09] (The OpenVPN Project)
R2 UncheckitSvc; C:\Program Files\Uncheckit\UncheckitSvc.exe [247552 2016-06-20] (EVANGEL TECHNOLOGY (HK) LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-03-02] (Microsoft Corporation)
R2 winsaber; C:\Program Files\WinSaber\WinSaber.exe [432344 2016-07-28] ()
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [1242232 2016-07-27] (ExWzp Pvt Ltd.) <==== ATTENTION

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [227776 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [50280 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [59152 2016-05-19] (Elex do Brasil Participações Ltda)
S3 ma-config_x86; C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys [16160 2014-02-24] (CybelSoft)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-29 09:40 - 2016-07-29 09:40 - 00013507 _____ C:\Users\admin\Desktop\FRST.txt
2016-07-29 09:39 - 2016-07-29 09:40 - 00000000 ____D C:\FRST
2016-07-29 09:37 - 2016-07-29 09:37 - 01744384 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2016-07-29 09:12 - 2016-07-29 09:12 - 00000000 ____D C:\Users\admin\AppData\Local\Guntony
2016-07-29 09:11 - 2016-07-29 09:22 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-29 09:11 - 2016-07-29 09:22 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-29 09:11 - 2016-07-29 09:11 - 00002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-29 09:11 - 2016-07-29 09:11 - 00002233 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-29 09:11 - 2016-07-29 09:11 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2016-07-29 09:11 - 2016-07-29 09:11 - 00000000 ____D C:\Program Files\Google
2016-07-29 09:10 - 2016-07-29 09:10 - 08136664 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup520.exe
2016-07-28 19:07 - 2016-07-28 19:07 - 00000000 ____D C:\Users\admin\AppData\Local\Firefox
2016-07-28 19:06 - 2016-07-29 09:26 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-07-28 19:06 - 2016-07-28 19:06 - 00000000 ____D C:\Users\admin\AppData\Roaming\Firefox
2016-07-28 19:06 - 2016-07-28 19:06 - 00000000 ____D C:\Program Files\WinSaber
2016-07-28 19:06 - 2016-07-28 19:06 - 00000000 ____D C:\Program Files\Firefox
2016-07-28 19:06 - 2016-07-28 19:06 - 00000000 _____ C:\Users\Public\Documents\report1.dat
2016-07-28 18:36 - 2016-07-28 18:41 - 00000000 ____D C:\Users\admin\AppData\LocalLow\uTorrent
2016-07-28 18:30 - 2016-07-28 18:30 - 00001059 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Safejumper.lnk
2016-07-28 18:30 - 2016-07-28 18:30 - 00001035 _____ C:\Users\UpdatusUser\Desktop\Safejumper.lnk
2016-07-28 18:30 - 2016-07-28 18:30 - 00001035 _____ C:\Users\admin\Desktop\Safejumper.lnk
2016-07-28 18:30 - 2016-07-28 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-07-28 18:30 - 2016-07-28 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2016-07-28 18:30 - 2016-07-28 18:30 - 00000000 ____D C:\Program Files\TAP-Windows
2016-07-28 18:30 - 2016-07-28 18:30 - 00000000 ____D C:\Program Files\Safejumper
2016-07-28 18:30 - 2016-07-28 18:30 - 00000000 ____D C:\Program Files\OpenVPN
2016-07-28 18:29 - 2016-07-28 17:42 - 11192711 _____ C:\Users\admin\Desktop\safejumper.exe
2016-07-14 06:29 - 2016-07-14 06:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000049
2016-07-14 06:05 - 2016-07-14 06:05 - 00000000 ____D C:\Program Files\unkbackup7z_00000048
2016-07-14 04:29 - 2016-07-14 04:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000047
2016-07-14 04:25 - 2016-07-14 04:25 - 00000000 ____D C:\Program Files\unkbackup7z_00000046
2016-07-14 02:45 - 2016-07-14 02:45 - 00000000 ____D C:\Program Files\unkbackup7z_00000045
2016-07-14 02:29 - 2016-07-14 02:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000044
2016-07-14 01:04 - 2016-07-14 01:04 - 00000000 ____D C:\Program Files\unkbackup7z_00000043
2016-07-14 00:29 - 2016-07-14 00:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000042
2016-07-13 23:24 - 2016-07-13 23:24 - 00000000 ____D C:\Program Files\unkbackup7z_00000041
2016-07-13 22:29 - 2016-07-13 22:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000040
2016-07-13 21:44 - 2016-07-13 21:44 - 00000000 ____D C:\Program Files\unkbackup7z_0000003F
2016-07-13 20:29 - 2016-07-13 20:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000003E
2016-07-13 20:04 - 2016-07-13 20:04 - 00000000 ____D C:\Program Files\unkbackup7z_0000003D
2016-07-13 18:29 - 2016-07-13 18:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000003C
2016-07-13 18:24 - 2016-07-13 18:24 - 00000000 ____D C:\Program Files\unkbackup7z_0000003B
2016-07-13 16:44 - 2016-07-13 16:44 - 00000000 ____D C:\Program Files\unkbackup7z_0000003A
2016-07-13 16:29 - 2016-07-13 16:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000039
2016-07-13 15:04 - 2016-07-13 15:04 - 00000000 ____D C:\Program Files\unkbackup7z_00000038
2016-07-13 14:29 - 2016-07-13 14:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000037
2016-07-13 13:24 - 2016-07-13 13:24 - 00000000 ____D C:\Program Files\unkbackup7z_00000036
2016-07-13 12:29 - 2016-07-13 12:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000035
2016-07-13 11:44 - 2016-07-13 11:44 - 00000000 ____D C:\Program Files\unkbackup7z_00000034
2016-07-13 10:29 - 2016-07-13 10:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000033
2016-07-13 10:04 - 2016-07-13 10:04 - 00000000 ____D C:\Program Files\unkbackup7z_00000032
2016-07-13 08:29 - 2016-07-13 08:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000031
2016-07-13 08:24 - 2016-07-13 08:24 - 00000000 ____D C:\Program Files\unkbackup7z_00000030
2016-07-13 06:44 - 2016-07-13 06:44 - 00000000 ____D C:\Program Files\unkbackup7z_0000002F
2016-07-13 06:29 - 2016-07-13 06:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000002E
2016-07-13 05:04 - 2016-07-13 05:04 - 00000000 ____D C:\Program Files\unkbackup7z_0000002D
2016-07-13 04:29 - 2016-07-13 04:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000002C
2016-07-13 03:24 - 2016-07-13 03:24 - 00000000 ____D C:\Program Files\unkbackup7z_0000002B
2016-07-13 02:29 - 2016-07-13 02:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000002A
2016-07-13 01:44 - 2016-07-13 01:44 - 00000000 ____D C:\Program Files\unkbackup7z_00000029
2016-07-13 00:29 - 2016-07-13 00:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000028
2016-07-13 00:04 - 2016-07-13 00:04 - 00000000 ____D C:\Program Files\unkbackup7z_00000027
2016-07-12 22:29 - 2016-07-12 22:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000026
2016-07-12 22:24 - 2016-07-12 22:24 - 00000000 ____D C:\Program Files\unkbackup7z_00000025
2016-07-12 20:44 - 2016-07-12 20:44 - 00000000 ____D C:\Program Files\unkbackup7z_00000024
2016-07-12 20:29 - 2016-07-12 20:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000023
2016-07-12 19:04 - 2016-07-12 19:04 - 00000000 ____D C:\Program Files\unkbackup7z_00000022
2016-07-12 18:29 - 2016-07-12 18:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000021
2016-07-12 17:24 - 2016-07-12 17:24 - 00000000 ____D C:\Program Files\unkbackup7z_00000020
2016-07-12 16:29 - 2016-07-12 16:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000001F
2016-07-12 15:44 - 2016-07-12 15:44 - 00000000 ____D C:\Program Files\unkbackup7z_0000001E
2016-07-12 14:29 - 2016-07-12 14:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000001D
2016-07-12 14:04 - 2016-07-12 14:04 - 00000000 ____D C:\Program Files\unkbackup7z_0000001C
2016-07-12 12:29 - 2016-07-12 12:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000001B
2016-07-12 12:24 - 2016-07-12 12:24 - 00000000 ____D C:\Program Files\unkbackup7z_0000001A
2016-07-12 10:44 - 2016-07-12 10:44 - 00000000 ____D C:\Program Files\unkbackup7z_00000019
2016-07-12 10:29 - 2016-07-12 10:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000018
2016-07-12 09:04 - 2016-07-12 09:04 - 00000000 ____D C:\Program Files\unkbackup7z_00000017
2016-07-12 08:29 - 2016-07-12 08:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000016
2016-07-12 07:24 - 2016-07-12 07:24 - 00000000 ____D C:\Program Files\unkbackup7z_00000015
2016-07-12 06:29 - 2016-07-12 06:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000014
2016-07-12 05:44 - 2016-07-12 05:44 - 00000000 ____D C:\Program Files\unkbackup7z_00000013
2016-07-12 04:29 - 2016-07-12 04:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000012
2016-07-12 04:04 - 2016-07-12 04:04 - 00000000 ____D C:\Program Files\unkbackup7z_00000011
2016-07-12 02:29 - 2016-07-12 02:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000010
2016-07-12 02:24 - 2016-07-12 02:24 - 00000000 ____D C:\Program Files\unkbackup7z_0000000F
2016-07-12 00:43 - 2016-07-12 00:43 - 00000000 ____D C:\Program Files\unkbackup7z_0000000E
2016-07-12 00:29 - 2016-07-12 00:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000000D
2016-07-11 23:03 - 2016-07-11 23:03 - 00000000 ____D C:\Program Files\unkbackup7z_0000000C
2016-07-11 22:29 - 2016-07-11 22:29 - 00000000 ____D C:\Program Files\unkbackup7z_0000000B
2016-07-11 21:23 - 2016-07-11 21:23 - 00000000 ____D C:\Program Files\unkbackup7z_0000000A
2016-07-11 20:29 - 2016-07-11 20:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000009
2016-07-11 19:43 - 2016-07-11 19:43 - 00000000 ____D C:\Program Files\unkbackup7z_00000008
2016-07-11 18:29 - 2016-07-11 18:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000007
2016-07-11 18:03 - 2016-07-11 18:03 - 00000000 ____D C:\Program Files\unkbackup7z_00000006
2016-07-11 16:29 - 2016-07-11 16:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000005
2016-07-11 16:23 - 2016-07-11 16:23 - 00000000 ____D C:\Program Files\unkbackup7z_00000004
2016-07-11 14:43 - 2016-07-11 14:43 - 00000000 ____D C:\Program Files\unkbackup7z_00000003
2016-07-11 14:29 - 2016-07-11 14:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000002
2016-07-11 13:03 - 2016-07-11 13:03 - 00000000 ____D C:\Program Files\unkbackup7z_00000001
2016-07-11 12:29 - 2016-07-11 12:29 - 00000000 ____D C:\Program Files\unkbackup7z_00000000

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-07-29 09:38 - 2016-05-17 16:56 - 00000000 ____D C:\Program Files\Guntony
2016-07-29 09:38 - 2014-07-04 09:23 - 00000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2016-07-29 09:12 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-07-29 09:11 - 2014-07-04 09:23 - 00000999 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-29 09:11 - 2014-07-04 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-29 08:53 - 2014-07-04 08:58 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-28 19:06 - 2014-12-12 08:40 - 00000000 ____D C:\Program Files\WinZipper
2016-07-28 19:06 - 2014-07-03 22:44 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-28 19:06 - 2014-07-03 22:44 - 00002120 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-28 18:45 - 2014-07-04 09:23 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2016-07-28 18:43 - 2009-07-14 06:34 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-28 18:43 - 2009-07-14 06:34 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-28 18:40 - 2011-04-12 03:35 - 00721074 _____ C:\Windows\system32\perfh00C.dat
2016-07-28 18:40 - 2011-04-12 03:35 - 00135994 _____ C:\Windows\system32\perfc00C.dat
2016-07-28 18:40 - 2010-11-20 23:01 - 01586578 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-28 18:36 - 2016-06-16 16:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-07-28 18:36 - 2014-07-03 22:44 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-07-28 18:36 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-15 22:54 - 2016-06-20 18:17 - 00000000 ___SD C:\Users\admin\AppData\LocalLow\Temp
2016-07-15 22:54 - 2014-07-03 22:37 - 00058528 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-13 06:53 - 2014-07-04 08:58 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-07-13 06:53 - 2014-07-04 08:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-07-13 06:53 - 2014-07-04 08:58 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-11 04:36 - 2009-07-14 06:33 - 00270632 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-07-28 14:56

==================== Fin de FRST.txt ============================