Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Exécuté par kl (administrateur) sur SHADY (22-03-2017 14:40:22)
Exécuté depuis C:\Users\kl\Desktop
Profils chargés: kl (Profils disponibles: kl & FOX)
Platform: Windows 7 Home Basic Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mega Limited) C:\Users\kl\AppData\Local\MEGAsync\MEGAsync.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
(Faronics Corporation) C:\Windows\Temp\DFLocker64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [VEFLSQM] => wscript.exe //B //E:vbs "C:\Users\kl\AppData\Local\Temp\VEFLSQM" <===== ATTENTION
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\DfLogon: LogonDll.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 32
HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Run: [Xvid] => powershell.exe -nologo -WindowStyle hidden -Noninteractive -NoProfile -ExecutionPolicy Bypass -File "C:\Program Files (x86)\Xvid\CheckUpdate.ps1"
HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3964984 2016-09-07] (Tonec Inc.)
HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Run: [GoogleChromeAutoLaunch_1D888319315F315F5501D470043442A4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.)
HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Run: [SysinfY2X] => C:\WINDOWS\system32\cmd.exe /c start wscript  /e:VBScript.Encode %temp%\SysinfY2X.db
HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Run: [VEFLSQM] => wscript.exe //B //E:vbs "C:\Users\kl\AppData\Local\Temp\VEFLSQM" <===== ATTENTION
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [
 MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\kl\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [
 MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\kl\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [
 MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\kl\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [
 MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\kl\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [
 MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\kl\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [
 MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\kl\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
Startup: C:\Users\kl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-03-12]
ShortcutTarget: MEGAsync.lnk -> C:\Users\kl\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
BootExecute: autocheck autochk /k:C /k:E * 

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F30F35AC-7B2D-4B9B-90E8-AFFE0068DB86}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-3250740000-1501286622-4233108103-1000] ATTENTION => URLSearchHook par défaut est absent
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)

FireFox:
========
FF DefaultProfile: 4lsg1rb5.default
FF ProfilePath: C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\4lsg1rb5.default [2017-03-22]
FF Extension: (User Agent Overrider) - C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\4lsg1rb5.default\Extensions\useragentoverrider@qixinglu.com.xpi [2017-03-22]
FF Extension: (Adblock Plus) - C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\4lsg1rb5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-22]
FF Extension: (BetterPrivacy) - C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\4lsg1rb5.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2017-03-22]
FF HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-08-03]
FF HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-3250740000-1501286622-4233108103-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\kl\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\kl\AppData\Roaming\IDM\idmmzcc5 [2017-03-22] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default [2017-03-22]
CHR Extension: (Google Slides) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-05]
CHR Extension: (Flash Video Downloader) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-02-26]
CHR Extension: (Google Docs) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-05]
CHR Extension: (Google Drive) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-05]
CHR Extension: (YouTube) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-05]
CHR Extension: (Adblock Plus) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Tampermonkey) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-14]
CHR Extension: (Google Sheets) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-05]
CHR Extension: (Enable right click) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2016-12-14]
CHR Extension: (Seo Enable Copy) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecafjfpjgbbfagchnkocbjpbjdgambk [2016-12-14]
CHR Extension: (Popup Blocker Pro) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-12-14]
CHR Extension: (IDM Integration Module) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-03-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (AdF.ly Skipper ★WORKING★) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2016-12-27]
CHR Extension: (Gmail) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\kl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-09-07]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 DFServ; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [1399672 2017-02-10] (Faronics Corporation) [Fichier non signé]
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2604664 2017-03-01] (AnchorFree Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-02-16] (AnchorFree Inc.)
R0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [218088 2015-07-17] (Faronics Corporation)
R0 DfDiskLo; C:\Windows\System32\Drivers\DfDiskLo.sys [38632 2015-07-17] (Faronics Corporation)
R1 DFFilter; C:\Windows\System32\Drivers\DFFilter.sys [43240 2015-07-17] (Faronics Corporation)
R0 FarDisk; C:\Windows\System32\Drivers\FarDisk.sys [31464 2015-07-17] (Faronics Corporation)
R0 FarSpace; C:\Windows\System32\Drivers\FarSpace.sys [117992 2015-07-17] (Faronics Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2015-02-04] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-18] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [58880 2008-07-31] (Infineon Technologies AG)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [93192 2016-11-11] (Intel  Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2015-02-04] (Anchorfree Inc.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131096 2016-10-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [203856 2016-10-18] (Oracle Corporation)
S3 BstHdDrv; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [X]
S3 BstkDrv; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-22 14:40 - 2017-03-22 14:40 - 00016093 _____ C:\Users\kl\Desktop\FRST.txt
2017-03-22 14:40 - 2017-03-22 14:40 - 00000000 ____D C:\FRST
2017-03-22 14:39 - 2017-03-22 14:39 - 02424832 _____ (Farbar) C:\Users\kl\Desktop\FRST64.exe
2017-03-22 14:34 - 2017-03-22 14:34 - 00111208 _____ C:\Users\kl\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-22 14:11 - 2017-03-22 14:11 - 02752512 _____ C:\Users\kl\Downloads\ZHPCleaner.exe
2017-03-22 14:11 - 2017-03-22 14:11 - 00000801 _____ C:\Users\kl\Desktop\ZHPCleaner.lnk
2017-03-22 13:56 - 2017-03-22 14:03 - 00000000 ____D C:\AdwCleaner
2017-03-22 13:56 - 2017-03-22 13:56 - 04031440 _____ C:\Users\kl\Downloads\adwcleaner_6.044.exe
2017-03-22 13:49 - 2017-03-22 13:50 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\kl\Desktop\rkill.com
2017-03-22 13:09 - 2017-03-22 13:09 - 00000791 _____ C:\Users\kl\Desktop\ZHPDiag.lnk
2017-03-22 03:28 - 2017-03-22 03:28 - 00002136 _____ C:\Users\kl\Desktop\key.keystore
2017-03-21 16:20 - 2017-03-21 16:20 - 05163965 _____ C:\Users\kl\Desktop\coll.apk
2017-03-21 16:17 - 2017-03-22 03:13 - 00000000 ____D C:\Users\kl\Desktop\call.apk
2017-03-21 14:49 - 2017-03-21 15:25 - 00274751 _____ C:\Users\kl\Desktop\LOGO.psd
2017-03-21 12:57 - 2017-03-21 12:58 - 05391256 _____ C:\Users\kl\Downloads\Call Recorder Free_v4.2_apkpure.com.apk
2017-03-21 12:51 - 2017-03-21 12:52 - 02961575 _____ C:\Users\kl\Downloads\Call Recorder Pro_v1.0.4_apkpure.com.apk
2017-03-20 23:31 - 2017-03-20 23:31 - 02819501 _____ C:\Users\kl\Downloads\Italian Recipes Easy_v1.0_apkpure.com.apk
2017-03-20 23:22 - 2017-03-20 23:22 - 04799569 _____ C:\Users\kl\Downloads\Tasty Recipes_v2.4.2.2_apkpure.com.apk
2017-03-20 22:44 - 2017-03-20 22:44 - 17544694 _____ C:\Users\kl\Downloads\All Cooking Recipes_v1.0_apkpure.com.apk
2017-03-20 22:16 - 2017-03-20 22:17 - 03578291 _____ C:\Users\kl\Downloads\أشهى وصفات طبخ الدجاج_v3.0_apkpure.com.apk
2017-03-17 22:21 - 2017-03-17 22:21 - 00000000 ____D C:\Users\kl\Desktop\Joke App
2017-03-17 16:44 - 2017-03-17 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-03-17 16:44 - 2017-03-17 16:44 - 00000000 ____D C:\Program Files\7-Zip
2017-03-17 16:31 - 2017-03-21 19:04 - 00000000 ____D C:\Users\kl\Desktop\apk-signer-1.8.5
2017-03-17 16:31 - 2017-03-17 16:31 - 00746592 _____ C:\Users\kl\Desktop\apk-signer-1.8.5.zip
2017-03-17 15:48 - 2017-03-17 15:48 - 06637356 _____ C:\Users\kl\Downloads\wasfa.apk
2017-03-17 14:01 - 2017-03-17 14:14 - 00000000 ____D C:\Users\kl\AppData\Roaming\Notepad++
2017-03-17 14:01 - 2017-03-17 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-03-17 14:01 - 2017-03-17 14:01 - 00000000 ____D C:\Program Files\Notepad++
2017-03-17 13:59 - 2017-03-17 16:41 - 00000786 _____ C:\Users\kl\Desktop\Nouveau document texte.txt
2017-03-17 13:41 - 2017-03-17 13:42 - 09157425 _____ C:\Users\kl\Downloads\Bb.apk
2017-03-16 12:53 - 2017-03-16 13:16 - 647823360 _____ C:\Users\kl\Downloads\_Getintopc.com_Windows_XP_Professional_SP3_Nov_2013_Incl_SATA_Drivers.iso
2017-03-14 18:31 - 2017-03-14 18:31 - 00001092 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2017-03-14 18:31 - 2017-03-14 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-03-14 18:31 - 2016-10-18 18:57 - 00928416 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-03-14 18:31 - 2016-10-18 18:57 - 00149768 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2017-03-14 18:30 - 2017-03-14 18:30 - 00000000 ____D C:\Program Files\Oracle
2017-03-14 18:29 - 2017-03-21 14:46 - 00001041 _____ C:\Users\Public\Desktop\Genymotion.lnk
2017-03-14 18:29 - 2017-03-21 14:46 - 00001036 _____ C:\Users\Public\Desktop\Genymotion Shell.lnk
2017-03-14 18:29 - 2017-03-14 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2017-03-14 18:20 - 2017-03-14 18:20 - 00043275 _____ C:\Users\kl\genymotion-log.zip
2017-03-14 18:19 - 2017-03-22 03:36 - 00000000 ____D C:\Users\kl\AppData\Local\Genymobile
2017-03-14 18:19 - 2017-03-14 18:19 - 00000000 ____D C:\Program Files\Genymobile
2017-03-13 23:26 - 2017-01-27 21:22 - 02793698 _____ C:\Users\kl\Desktop\04 - How to Change Graphics.mp4
2017-03-13 23:26 - 2017-01-27 20:58 - 06218984 _____ C:\Users\kl\Desktop\03 - How to Change Game Name and Admob IDs.mp4
2017-03-13 23:26 - 2017-01-27 20:37 - 03502519 _____ C:\Users\kl\Desktop\02 - How to Change Package Name.mp4
2017-03-13 23:26 - 2017-01-27 19:58 - 04564632 _____ C:\Users\kl\Desktop\01 - How to Import to Eclipse.mp4
2017-03-13 15:39 - 2017-03-13 15:39 - 00000016 _____ C:\Users\kl\.emulator_console_auth_token
2017-03-13 15:37 - 2016-11-11 16:10 - 00093192 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelHaxm.sys
2017-03-12 22:16 - 2017-03-12 22:16 - 00001009 _____ C:\Users\kl\Desktop\MEGAsync.lnk
2017-03-12 22:16 - 2017-03-12 22:16 - 00000000 ____D C:\Users\kl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-03-12 17:26 - 2017-03-12 18:22 - 00000000 ____D C:\Users\kl\.gradle
2017-03-12 13:14 - 2017-03-12 13:14 - 00001138 _____ C:\Users\kl\Desktop\Photoshop.lnk
2017-03-12 12:50 - 2017-03-12 12:50 - 00001293 _____ C:\Users\kl\Desktop\Android Studio.lnk
2017-03-11 12:28 - 2017-03-11 12:28 - 00000000 ____D C:\Users\kl\AppData\Roaming\JetBrains
2017-03-11 12:27 - 2017-03-11 12:27 - 00000000 ____D C:\Users\kl\.AndroidStudio2.3
2017-03-11 12:21 - 2017-03-18 11:51 - 00000000 ____D C:\Users\kl\.android
2017-03-11 12:21 - 2017-03-11 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2017-03-11 12:15 - 2017-03-13 13:29 - 00000000 ____D C:\Users\kl\AppData\Local\Android
2017-03-11 12:13 - 2017-03-11 12:13 - 00000000 ____D C:\Program Files\Android
2017-03-11 12:01 - 2017-03-11 12:01 - 00000000 ____D C:\Users\kl\AppData\Roaming\Sun
2017-03-11 12:01 - 2017-03-11 12:01 - 00000000 ____D C:\ProgramData\Oracle
2017-03-11 11:59 - 2017-03-12 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-03-11 11:58 - 2017-03-12 16:56 - 00000000 ____D C:\Program Files\Java
2017-03-11 11:35 - 2017-03-11 11:35 - 00000000 ____D C:\Users\kl\AppData\LocalLow\Oracle
2017-03-08 21:17 - 2017-03-08 21:17 - 00001060 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2017-03-08 21:17 - 2017-03-08 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2017-03-08 19:26 - 2017-03-08 19:26 - 00001410 _____ C:\Users\kl\Desktop\Hein Recovery 1.6.lnk
2017-03-08 19:26 - 2017-03-08 19:26 - 00001335 _____ C:\Users\kl\Desktop\Hein 4.4.2.lnk
2017-03-07 23:08 - 2017-03-07 23:09 - 00000000 ____D C:\MRLS_QT78_temp
2017-03-07 23:08 - 2017-03-07 23:08 - 00000000 ____D C:\MRLS_QT78
2017-03-07 23:08 - 2017-03-07 23:08 - 00000000 ____D C:\CUSTOM
2017-03-07 11:22 - 2017-03-07 11:22 - 00001090 _____ C:\Users\kl\Desktop\TeamSpeak 3 Client.lnk
2017-03-06 12:16 - 2017-03-06 12:16 - 00000044 _____ C:\Users\kl\Desktop\lol.txt
2017-03-06 12:14 - 2017-03-06 12:14 - 00000000 ____D C:\Users\kl\.TeamSpeak 3
2017-03-06 12:11 - 2015-07-18 13:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-03-06 12:11 - 2015-07-18 13:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-03-06 01:14 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-03-05 16:11 - 2017-03-05 16:11 - 00000219 _____ C:\Users\kl\Desktop\Counter-Strike Global Offensive.url
2017-03-05 12:49 - 2017-03-22 14:32 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-05 12:49 - 2017-03-05 12:49 - 00000977 _____ C:\Users\Public\Desktop\Steam.lnk
2017-03-05 12:49 - 2017-03-05 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-25 21:23 - 2017-02-25 21:23 - 00000000 ____D C:\Users\kl\AppData\Local\Deployment
2017-02-25 21:23 - 2017-02-25 21:23 - 00000000 ____D C:\Users\kl\AppData\Local\Apps\2.0
2017-02-23 21:26 - 2017-02-23 21:26 - 01884890 _____ C:\Users\kl\Downloads\16785011_392889281076753_5454060196164796416_n.mp4

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-22 14:39 - 2009-07-14 15:24 - 00739634 _____ C:\Windows\system32\perfh00C.dat
2017-03-22 14:39 - 2009-07-14 15:24 - 00150212 _____ C:\Windows\system32\perfc00C.dat
2017-03-22 14:39 - 2009-07-14 05:13 - 01673388 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-22 14:39 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2017-03-22 14:37 - 2016-11-24 18:49 - 00000000 ____D C:\Users\kl\AppData\LocalLow\Mozilla
2017-03-22 14:32 - 2016-08-20 21:24 - 00000000 ____D C:\Users\kl\AppData\Roaming\TS3Client
2017-03-22 14:32 - 2016-08-13 08:05 - 00000000 ____D C:\Users\kl\AppData\Roaming\IDM
2017-03-22 14:16 - 2016-10-30 15:44 - 00000000 ____D C:\Users\kl\AppData\Roaming\ZHP
2017-03-22 14:13 - 2009-07-14 04:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-22 14:13 - 2009-07-14 04:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-22 14:05 - 2016-09-29 13:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-22 14:05 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-22 13:21 - 2016-12-15 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-22 03:36 - 2016-08-13 08:05 - 00000000 ____D C:\Users\kl\AppData\Roaming\DMCache
2017-03-22 03:31 - 2016-10-18 14:19 - 00000000 ____D C:\Users\kl\.VirtualBox
2017-03-22 02:27 - 2016-11-09 18:00 - 00000132 _____ C:\Users\kl\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-03-22 02:00 - 2016-08-24 22:00 - 00000000 ____D C:\Users\kl\AppData\Local\Adobe
2017-03-21 15:02 - 2009-07-14 05:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-03-21 14:53 - 2016-08-12 18:15 - 00000000 ____D C:\Users\kl\AppData\Roaming\vlc
2017-03-20 11:24 - 2016-12-30 12:39 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-20 11:23 - 2016-12-30 12:26 - 00000000 ____D C:\Program Files\TrueKey
2017-03-20 11:07 - 2009-07-14 05:08 - 00032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-19 22:16 - 2016-08-13 08:05 - 00000000 ____D C:\Users\kl\Downloads\Compressed
2017-03-16 13:18 - 2016-10-18 14:20 - 00000000 ____D C:\Users\kl\VirtualBox VMs
2017-03-16 12:08 - 2016-11-18 00:46 - 00000000 ____D C:\Users\kl\AppData\Local\Bluestacks
2017-03-15 12:13 - 2016-12-30 12:26 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 12:13 - 2016-12-30 12:26 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 12:13 - 2016-12-30 12:26 - 00004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 12:13 - 2016-09-29 13:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-15 12:13 - 2016-09-29 13:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-14 22:35 - 2016-08-12 18:11 - 00000000 ____D C:\Users\kl
2017-03-14 15:24 - 2016-08-13 08:05 - 00000000 ____D C:\Users\kl\Downloads\Video
2017-03-13 15:37 - 2016-08-18 15:41 - 00000000 ____D C:\Program Files\Intel
2017-03-12 22:16 - 2016-12-21 23:56 - 00000000 ____D C:\Users\kl\AppData\Local\MEGAsync
2017-03-12 13:07 - 2016-11-19 14:40 - 00000000 ____D C:\Users\kl\Documents\Bandicam
2017-03-12 12:52 - 2016-08-16 16:30 - 00007630 _____ C:\Windows\system32\--traceoff
2017-03-09 12:25 - 2016-11-18 00:49 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-03-08 21:17 - 2016-09-26 13:26 - 00000000 ____D C:\ProgramData\Hotspot Shield
2017-03-08 21:17 - 2016-09-26 13:26 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2017-03-08 21:16 - 2016-08-15 00:56 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-08 19:29 - 2016-09-27 19:57 - 00000000 __SHD C:\Users\kl\AppData\Roaming\Latas
2017-03-08 19:29 - 2016-09-23 23:43 - 00000000 __SHD C:\Users\kl\AppData\Roaming\Pr
2017-03-06 12:14 - 2016-08-20 21:24 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-03-06 12:09 - 2016-08-20 21:24 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-03-05 16:11 - 2016-08-12 22:01 - 00000000 ____D C:\Users\kl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

==================== Fichiers à la racine de certains dossiers =======

2016-11-09 18:00 - 2017-03-22 02:27 - 0000132 _____ () C:\Users\kl\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-10-06 00:39 - 2016-12-15 00:43 - 0007605 _____ () C:\Users\kl\AppData\Local\resmon.resmoncfg
2016-11-16 02:23 - 2016-11-16 02:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2009-07-14 02:34 - 2016-09-26 13:29 - 0854536 ____R () C:\ProgramData\hosts
2016-12-12 01:21 - 2016-12-12 01:21 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-25 18:01 - 2017-01-04 01:39 - 0000079 _____ () C:\ProgramData\Path.ini

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-03-15 16:27

==================== Fin de FRST.txt ============================